Cryptography 101
This domain includes questions from the following topics:
• An overview of cryptography and encryption techniques
• Cryptographic algorithms
• How public and private keys are generated
• An overview of the MD5, SHA, RC4, RC5, and Blowfish algorithms
• The digital signature and its components
• Method and application of digital signature technology
• Overview of digital certificates
• Cryptanalysis and code-breaking methodologies
• A list of cryptography attacks
It’s a glorious day in 1500 B.C. Mesopotamia, and the potter is elated. He has developed a new method of glazing—and as everyone in the area knows, longer lasting pottery could mean a lot more shekels in his pocket. But to complete this glaze, he needs help from a few close, trusted friends, which causes a problem for him: how to get messages about his glaze to those who can assist without tipping off everybody else? The clay tablets used to send messages back and forth across the kingdom provided no protection at all, but were the only way he knew to send this sort of meaningful communication back and forth.
So he sent tablets to his friends, with lots of symbols on them, with each symbol equating to a corresponding letter in the alphabet. He then wrote all new tablets, using his symbols instead of alphabet characters. Smiling at his cleverness, he relaxed in the knowledge that his new glazing process would be protected from prying eyes. The only real question is, did he realize he was one going to be one of the forefathers of cryptography?
This is one of the earliest and clearest known cryptography attempts in history. Sure, the Egyptians had some things going in hieroglyphics earlier than this, but their writing was based on symbols and weirdness. My kids will tell you they’re not sure the Egyptians themselves understood half what they wrote to each other anyway. Cryptography and cryptanalysis are big parts of the security world, and have been ever since that dusty Mesopotamian day. If you’re going to be an ethical hacker, you’re going to have to at least know the basics. The good news is, you are not required to break down the mathematics of the algorithms. The bad news, though, is that you need to know pretty much everything else about them.
STUDY TIPS You’ll be asked a variety of questions about cryptography on the exam, ranging from simple identification to mind-altering questions you won’t even believe are part of this certification. The biggest thing you can do to prepare for the CEH cryptography questions is plain old organization. Also, make use of an old test-taking trick: eliminating those answers you absolutely know to be wrong is faster and easier than trying to figure out which one is right. As an example, if you simply remember which algorithms are symmetric and which are asymmetric, you can oftentimes eliminate half the answers based on that qualifier in the question itself. Key in on the characteristics of algorithms—symmetric versus asymmetric, block versus stream—and you’re well on your way. And don’t forget your key lengths—you’ll be asked about them a lot. Lastly, when it comes to encrypted messaging, PKI is always going to be high on the testing list. Simply remembering that you encrypt with a public key and decrypt with a private key will nab you a couple questions without fail. And, for goodness sake, be sure to know the difference between a digital certificate and a digital signature.
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.