Like what you see? Get it in one document for easy printing!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Test yourself better with 300 extra Security+ questions!
Get It Here!

Custom Search







Table Of Contents  CertiGuide to Security+
 9  Chapter 4:  Basics of Cryptography (Domain 4.0; 15%)
      9  4.2  Concepts in Using Cryptography

Previous Topic/Section
4.2  Concepts in Using Cryptography
Previous Page
Pages in Current Topic/Section
1
Next Page
4.2.2  Integrity
Next Topic/Section

4.2.1  Confidentiality

Confidentiality involves passing a message among authorized parties without any unauthorized parties who obtain it, through eavesdropping or other techniques, being able to understand it.395 Cryptography provides confidentiality by scrambling the message before it is passed, so that even if unauthorized individuals get a copy of the scrambled message, it isn’t feasible for them to figure out its original contents in ample time. Only the intended receiver of a message can decrypt it.

This works provided the key is not detected or broken. As we mentioned earlier, keys come in two flavors, secret key (symmetric encryption) or public/private key (asymmetric encryption), and either type can be used to enforce confidentiality.

To enforce confidentiality with asymmetric encryption, you would obtain the recipient’s public key and encrypt the message with the public key of its recipient before sending it; the recipient would decrypt it with his private key upon receipt. Since you can only encrypt a message with a single public key at a time, this allows you to send a specific confidential message to only one person at a time. If you want to communicate confidentially with multiple people using asymmetric cryptography, you have to send a separate message to each recipient, each encrypted with the receiver’s public key.

To enforce confidentiality with symmetric encryption, you would encrypt the message with the shared secret key, and the intended receivers would decrypt it using the same shared-secret key. Because anyone who possesses the shared secret key can decrypt the message, messages encrypted with symmetric encryption can be sent to multiple people at a time, rather than requiring a separate message per recipient, as with asymmetric methods.

Confidentially involves…

Confidentiality involves passing a message among authorized parties without any unauthorized parties (who having intercepted it), to be able to understand it.

To send a confidential message using asymmetric encryption, encrypt the message with the recipient’s public key, and decrypt it with the recipient’s private key.



 __________________

395. Schlaff, Robert, “Confidentiality Using Authentication”, gttp://www.acm.org/crossroads/xrds5-2/confide.html

Previous Topic/Section
4.2  Concepts in Using Cryptography
Previous Page
Pages in Current Topic/Section
1
Next Page
4.2.2  Integrity
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.