OBJECTIVES
This chapter covers the following TruSecure-specified objectives for the TICSA exam:
Identify key issues of cryptography and be able to explain basic cryptographic methods in use today.
Recognize the characteristics of encryption.
Identify encryption types.
This chapter introduces you to the basic concepts behind encryption and the differences between symmetrical and asymmetrical encryption types. You learn what a hash function is and how it is used in encryption algorithms. We discuss how digital signatures are used to authenticate identity and ensure that the original content of a message has not been changed.
Explain, identify, or recognize basic uses, requirements and functions of PKI and digital certificates.
Define the function of a Public Key Infrastructure (PKI).
Recognize the history of the PKI.
Identify the role of digital certificates within a PKI.
This chapter outlines the history of public key cryptography and introduces the concept of a Public Key Infrastructure (PKI) based on a public/private key pair and implemented via Certification Authorities (CAs) that issue digital certificates containing public key information.
OUTLINE
Brief History of Cryptography
Uses of Cryptography in Information Security
Purposes of Cryptography in Information Security
How Cryptography Is Used to Protect Computer Data
Remote Access Authentication
Hashing and Hash Functions
How Digital Signatures Work
Managing the Encryption Keys
Management of Secret Keys (Shared Secrets)
Management of Public/Private Key Pairs
Secure Key Generation and Key Exchange
Internet Key Exchange (IKE)
Secure Key Exchange Mechanism (SKEME)
Certificate Revocation Lists (CRL)
STUDY STRATEGIES
Ensure that you understand the definitions and concepts relating to cryptography and the PKI.
Read the references at the end of the chapter for further understanding of the topics covered in this chapter.
Obtain practical experience in using digital certificates and public/private key pairs obtained by requesting issuance from a public or internal certification authority.