|Like this CertiGuide? Get it in PDF format!|
Use coupon code "certiguide" to save 20%!
|Also available: 300-question Security+ practice test!|
|Get It Here!|
(Page 3 of 6)
You learned about several concepts
important to cryptography, including:
- Confidentiality, the ability to pass a
message without unauthorized people who intercept it, understanding
it, accomplished by encrypting with receivers private key; in
symmetric crypto, confidentiality is limited because of the use of a
shared key and the challenges of distributing it securely.
- Integrity, assurance that data has not
been tampered with since it was encrypted, usually accomplished by encrypting
with the senders private key; with symmetric crypto, anyone possessing
the key can recreate and re-encrypt the message, destroying integrity.
- Authentication, verifying that a specific
person sent a message).
- Non-Repudiation, a stronger variation
on authentication, where the senders identity is verified by a
third party, to prove that the message was not forged and make it impossible
for the sender to deny sending it; you can prove message origin by encrypting
the message or its hash value with the senders private key and
decrypting with the senders public key.
- Digital Signature, an electronic signature
of a document, created by calculating a document hash value with MD5
or SHA-1 that is encrypted with asymmetric crypto using the senders
private key and an algorithm such as RSA; can be used to get data integrity
and non-repudiation by having receiver decrypt signature using senders
public key, compute the message hash value and verify that the has value
and decrypted value are equal; you can digitally sign a message to get
data integrity and non-repudiation WITHOUT encrypting the entire message
to get confidentiality, or encrypt the message to get confidentiality
- Access Control, for symmetric cryptography,
all parties need to make sure the key is kept secure, which can be challenging;
for asymmetric cryptography, the private key must be kept secure and
if it is compromised, the key pair should be destroyed/revoked.
|If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!|
Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.