• Unit 3: Cryptographic Models

    One of the earliest ways to encrypt a message was with a substitution cipher developed by Julius Caesar, known as the Caesar cipher. Today, in the information age, cryptology involves the use of computers to create complex algorithms. In this unit, we examine various symmetric and asymmetric key algorithms, as well as hashing algorithms. Encryption is a tool that can be used to support all three tenets of the CIA triad, the goal of information security.

    Completing this unit should take you approximately 8 hours.

    • 3.1: Cryptographic History

      As you begin this section on cryptography, it is important to review a brief history of the origins of cryptography to understand why cryptography was developed. The timeline of cryptography dates to the times of Julius Caesar and continues through some important times in our history during the first and second world wars. Cryptography is as important, or possibly more important today than it was in previous years due to advancements in technology. This unit describes the mechanism of the Caesar cipher and shows how to encipher your own message. This section also describes the one-time pad (OTP) and why it is secure.

      • 3.1.1: The Caesar Cipher

      • 3.1.2: One-Time Pads

    • 3.2: Goals of Cryptography

      Now that you understand why and how cryptography was developed, you will learn about the primary goals of cryptography. Cryptography is used today to protect the confidentiality and integrity of data. You saw that confidentiality and integrity were part of the CIA triad and are protected by cryptography, but additionally cryptography is used to provide for nonrepudiation and authenticity. Nonrepudiation means the sender cannot deny sending the data or message. An example of nonrepudiation is when an email is sent using a digital signature. Authentication is the acceptance of credentials to prove identity. When a user enters the correct username and password, the user is authenticated and is allowed access to the system. These are important concepts to understand as an organization may require the information systems professional to evaluate or to provide cryptographic methods of nonrepudiation and authenticity.

    • 3.3: Comparing Cryptographic Algorithms

      This section describes the three different methods of encryption: symmetric, asymmetric, and hashing. As you saw in the history of cryptography, symmetric key cryptography was the primary encryption method until asymmetric encryption was developed in the 1970s. Both encryption methods need a method of encryption and decryption, but hashing is one-way function as it cannot be reversed. The following sections will describe the attributes and the purposes of these three encryption methods, and it will describe how hashing is used in conjunction with asymmetric encryption.

        • 3.3.1: Symmetric Key Algorithms

        • 3.3.2: Asymmetric Key Algorithms

        • 3.3.3: Hashing Algorithms

      • 3.4: Types of Key Algorithms

        To secure communication, a set of defined mathematical rules called algorithms are used for encryption. In this section, you will learn some of the different types of encryption algorithms used in symmetric and asymmetric encryption. You will start with symmetric encryption and learn about DES, 3DES, AES, RC4, RC5, RC6, Blowfish, and Twofish algorithms. For asymmetric encryption, you will learn about the RSA, DSA, PGP, GPG, Diffie-Hellman, and Elliptic-curve algorithms.

          • 3.4.1: Symmetric Key Algorithms

            • 3.4.1.1: DES

            • 3.4.1.2: 3DES

            • 3.4.1.3: AES

            • 3.4.1.4: Ciphers (RC4, RC5, RC6, Blowfish, Twofish)

              RC4, RC5, and RC6 were series of algorithms developed in succession by RSA Security. The name RSA is an abbreviation taken from the names of the three owners: Rivest, Shamir, and Adleman. These three names will appear again in a subsequent section. In the article on the Rivest ciphers there are three sections you should read, one about each type of encryption. Notice the differences in block size, key size, and the number of rounds used in each algorithm. Then read and view the information on two more ciphers: blowfish and twofish. These ciphers also have the same creator and were created in succession. As you review this material, you will see that RC6 and twofish were created for the AES competition. Unfortunately, neither twofish nor RC6 were selected in the competition.

          • 3.4.2: Asymmetric Key Algorithms

            We discussed symmetric key algorithms first since they are easier to understand. Asymmetric key algorithms have an advantage in that no key distribution is required, but asymmetric keys are more complex in that they require more management oversight. This section will explain asymmetric key distribution, public-key cryptography, RSA, digital signature algorithm (DSA), pretty good privacy (PGP), GNU privacy guard, Diffie-Hellman cryptography, and elliptic-curve cryptography (ECC).

            • 3.4.2.1: RSA

            • 3.4.2.2: DSA

            • 3.4.2.3: Pretty Good Privacy (PGP)

            • 3.4.2.4: GPG

            • 3.4.2.5: Diffie-Hellman

            • 3.4.2.6: Elliptic-Curve Cryptography

        • 3.5: Hashing Algorithms

          Hashing algorithms are used to provide data integrity, proving that the data has not been altered. Hashing can be important to review when downloading a patch for a system. If the hash does not match the published hash, then the patch may not be authentic and should not be downloaded or uploaded to the system. We will discuss several types of hashing algorithms: message digest 5 (MD5), secure hash algorithm (SHA-0, SHA-1, SHA-2, and SHA-3), and hashed message authentication code (HMAC). Notice the differences and the similarities between symmetric and asymmetric cryptography and hashing algorithms and how the tenets of the CIA triad are protected.

          • 3.5.1: Digital Certificates

          • 3.5.2: Message Digest 5 (MD5)

          • 3.5.3: Secure Hash Algorithm (SHA-0, SHA-1, SHA-2, and SHA-3)

          • 3.5.4: Hashed Message Authentication Code (HMAC)

        • Unit 3 Assessment

          • Receive a grade