Cryptography
The Cryptography domain addresses the principles, means, and methods of applying mathematical algorithms and data transformations to information to ensure its integrity, confidentiality, and authenticity.
The candidate is expected to know basic concepts within cryptography; public and private key algorithms in terms of their applications and uses; algorithm construction, key distribution and management, and methods of attack; the applications, construction and use of digital signatures to provide authenticity of electronic transactions, and non-repudiation of the parties involved; and the organization and management of the Public Key Infrastructures (PKIs) and digital certificates distribution and management.
We discuss this domain in Chapter 8. Its major topics include
Applying and using cryptography to achieve security goals
Reviewing the cryptographic life cycle
Comparing encryption concepts
Managing public and private keys
Using digital signatures for authentication
Setting up non-repudiation
Examining cryptanalytic attack methods
Putting cryptography in the context of network security
Using cryptography to secure applications
Defining Public Key Infrastructure (PKI)
Reviewing certificate-related issues
Deciding when to hide information (and what to hide)