Like this CertiGuide? Get it in PDF format!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Also available: 300-question Security+ practice test!
Get It Here!

Custom Search







Table Of Contents  CertiGuide to Security+
 9  Chapter 4:  Basics of Cryptography (Domain 4.0; 15%)

Previous Topic/Section
4.5.10.1  Multiple Key Pairs (Single, Dual)
Previous Page
Pages in Current Topic/Section
12
3
456
Next Page
4.7  Success Questions
Next Topic/Section

4.6  Summary
(Page 3 of 6)

Cryptographic Concepts



You learned about several concepts important to cryptography, including:

  • Confidentiality, the ability to pass a message without unauthorized people who intercept it, understanding it, accomplished by encrypting with receiver’s private key; in symmetric crypto, confidentiality is limited because of the use of a shared key and the challenges of distributing it securely.

  • Integrity, assurance that data has not been tampered with since it was encrypted, usually accomplished by encrypting with the sender’s private key; with symmetric crypto, anyone possessing the key can recreate and re-encrypt the message, destroying integrity.

  • Authentication, verifying that a specific person sent a message).

  • Non-Repudiation, a stronger variation on authentication, where the sender’s identity is verified by a third party, to prove that the message was not forged and make it impossible for the sender to deny sending it; you can prove message origin by encrypting the message or its hash value with the sender’s private key and decrypting with the sender’s public key.

  • Digital Signature, an electronic signature of a document, created by calculating a document hash value with MD5 or SHA-1 that is encrypted with asymmetric crypto using the sender’s private key and an algorithm such as RSA; can be used to get data integrity and non-repudiation by having receiver decrypt signature using sender’s public key, compute the message hash value and verify that the has value and decrypted value are equal; you can digitally sign a message to get data integrity and non-repudiation WITHOUT encrypting the entire message to get confidentiality, or encrypt the message to get confidentiality as well.

  • Access Control, for symmetric cryptography, all parties need to make sure the key is kept secure, which can be challenging; for asymmetric cryptography, the private key must be kept secure and if it is compromised, the key pair should be destroyed/revoked.

Previous Topic/Section
4.5.10.1  Multiple Key Pairs (Single, Dual)
Previous Page
Pages in Current Topic/Section
12
3
456
Next Page
4.7  Success Questions
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.