Posted filed under CompTIA Security+, MICROSOFT MTA SECURITY.

[bs_icon name=”glyphicon glyphicon-chevron-right”] Introduction to Cryptography

In this Security+ study guide you will notice that we like to jump around from topic to topic. This is intentional! We want you to keep different topics fresh in your mind as some topics in the exam are particularly boring. In this lesson, we will learn about the basics of cryptography, including common terminology, function, and applications. In later lessons, we will take a look at the more technical aspects of cryptography.
[bs_icon name=”glyphicon glyphicon-chevron-right”] What is Cryptography?

Cryptography is the science of hiding the meaning of a message. Even children are familiar with the concept of cryptography as they learn to speak to each other in “code languages” that adults cannot understand. Rap stars employ lyrics that have alternate and more explicit meanings. The British in World War II were able to crack the Enigma Machine, Nazi Germany’s method of ciphering critical data.

For the purposes of the Security+ exam, however, we will usually speak of cryptography in terms of IT information security. Computers are often employed in conjunction with cryptographic services and protocols as many of these require complex calculations that only computers can provide in a timely manner.
[bs_icon name=”glyphicon glyphicon-chevron-right”] How Cryptography Works

The basic concept of cryptography is very simple. In a typical cryptographic exchange, information that is meant to be hidden for whatever reason is encrypted, or ciphered into a difficult-to-interpret form. We call this conversion encryption because it involves the change of clear text, or understandable data, into cipher text, or difficult-to-interpret data. The encryption process is one-half of the entire cryptographic exchange.

At the other end of the process is decryption, or the conversion of cipher text into clear text. Decryption is not always a part of encryption, however – some algorithms are called “hashes” as they only apply encryption (that is, from clear to cipher text) and have no means of deciphering the information. We will cover more on this later.
[bs_icon name=”glyphicon glyphicon-chevron-right”] Public Key and Private Key Systems

A key is the password of sorts used to encrypt and decrypt data.

When an encryption key is made available to any host, it’s known as a public key. In contrast, a private key is confidentially shared between two hosts or entities.

A symmetric encryption algorithm uses the same key for encryption and decryption. When a different key is used for encryption and decryption this is known as asymmetric encryption.

More complex systems require both a public key and a private key to operate. We will go into greater detail regarding these public key systems in later lessons but you should know of their existence.
[bs_icon name=”glyphicon glyphicon-chevron-right”] Applications and Functions of Cryptography

The Security+ exam will test you on your ability to recognize situations in which cryptography might be employed. The general rule here is that cryptography is employed in settings in which data confidentiality and integrity are desirable. For example, you would not use cryptography when transferring MP3 files (unless those files were highly sensitive for some reason) but you would certainly employ cryptographic methods when transferring health information. In addition to data confidentiality and integrity, cryptography can provide non-repudiation, which is the idea that a sender of information would not be able to refute the fact that he or she did send that information or data. Here is a sample laundry list of some well-known functions of cryptography:

• Tunneling protocols and VPN
• Email security (PGP et al.)
• Secure file transfer (S-FTP)
• Kerberos Authentication
• Certificates
• Document security

**Source by wikipedia**