Module 15: Cryptographic Services - Coggle Diagram
Module 15: Cryptographic Services
15.1 Secure Communications
15.1.1 Authentication, Integrity and Confidentiality
To ensure secure communications across both the public and private infrastructure, the network administrator’s first goal is to secure the network infrastructure, including routers, switches, servers, and hosts.
This can be accomplished using
Device hardening
AAA access control
ACLs
Firewalls
Monitoring threats using IPS
Securing endpoints using Advanced Malware Protection (AMP)
Enforcing email and web security using the Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA)
Three primary objectives of securing communications
Authentication
This guarantees that the message is not a forgery and actually comes from the authentic source.
Integrity
This guarantees that no one intercepted the message and altered it; similar to a checksum function in a frame.
Confidentiality
This guarantees that if the message is captured, it cannot be deciphered.
15.1.2 Authentication
Authentication guarantees that a message comes from the source that it claims to come from.
15.1.3 Data integrity
Data integrity ensures that messages are not altered in transit. With data integrity, the receiver can verify that the received message is identical to the sent message and that no manipulation occurred.
15.1.4 Data Confidentiality
Data confidentiality ensures privacy so that only the receiver can read the message. This can be achieved through encryption. Encryption is the process of scrambling data so that it cannot be easily read by unauthorized parties.
15.2 Cryptography
15.2.1 Creating Cipher Text
Scytale
A scytale is a device used to generate a transposition cipher. A strip of paper or other material is wrapped around a rod of a known diameter.
The message is written on the paper across rows. When the strip is removed, the message is unreadable until it is wrapped around another rod of the same diameter.
Caesar Cipher
The Caesar Cipher is a type of substitution cipher in which each letter is replaced by another letter that is a set number of places away in the alphabet. That number of places is the key.
Vigenère Cipher
The Vigenère cipher is a type of polyalphabetic substitution cipher. It was considered unbreakable until 1863. To use the cipher, a key text is generated that repeats for the length of the message to be encrypted.
A combination of the plaintext letter and the corresponding key letter is used to locate the ciphertext value for the letter in a table, or other device.
Enigma Machine
The Enigma machine was an electromechanical encryption device that was developed and used by Nazi Germany during World War II. The device depended on the distribution of pre-shared keys that were used to encrypt and decrypt messages.
15.2.2 Transposition Ciphers
In transposition ciphers, no letters are replaced; they are simply rearranged.
Plaintext Message
The plaintext message will be encoded using a key of 3. This key value specifies that three lines are required when creating the encrypted code.
Encryption Process
A rail fence cipher is used with the key of 3
Encrypted Message
Show the encrypted text
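The rail fence transposition described above, worked through in code. This is an added example, not part of the original module: the message text is a constructed sample, and the functions follow the zigzag layout with the module's key of 3 (the key is simply the number of rails).

```python
def _rail_pattern(length: int, key: int) -> list:
    """Return the rail index each character position lands on when the
    message is written in a zigzag across `key` rails."""
    pattern, rail, step = [], 0, 1
    for _ in range(length):
        pattern.append(rail)
        if rail == 0:
            step = 1            # bounced off the top rail, head down
        elif rail == key - 1:
            step = -1           # bounced off the bottom rail, head up
        rail += step
    return pattern


def rail_fence_encrypt(plaintext: str, key: int = 3) -> str:
    # No letter is replaced: each character is placed on its rail and the
    # rails are then read out top to bottom to form the ciphertext.
    if key < 2:
        return plaintext
    rails = [[] for _ in range(key)]
    for ch, rail in zip(plaintext, _rail_pattern(len(plaintext), key)):
        rails[rail].append(ch)
    return "".join("".join(r) for r in rails)


def rail_fence_decrypt(ciphertext: str, key: int = 3) -> str:
    # Rebuild the zigzag, cut the ciphertext into rail-sized slices, then
    # walk the zigzag again pulling the next character from each rail.
    if key < 2:
        return ciphertext
    pattern = _rail_pattern(len(ciphertext), key)
    rails, pos = [], 0
    for rail in range(key):
        size = pattern.count(rail)
        rails.append(list(ciphertext[pos:pos + size]))
        pos += size
    return "".join(rails[rail].pop(0) for rail in pattern)


SAMPLE = "WEAREDISCOVEREDFLEEATONCE"   # constructed sample plaintext

if __name__ == "__main__":
    ct = rail_fence_encrypt(SAMPLE, 3)
    print(ct)                            # rails read top to bottom
    print(rail_fence_decrypt(ct, 3))     # recovers SAMPLE
```

Because the only secret is the rail count, the key space is tiny and the letter frequencies of the plaintext are preserved unchanged, which is why transposition alone offers no confidentiality against a modern adversary.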
15.2.3 Substitution Ciphers
Substitution ciphers substitute one letter for another. In their simplest form, substitution ciphers retain the letter frequency of the original message.
Plaintext Message
The plaintext message will be encoded with a key of 3.
Encryption process
Shift the top scroll over by three characters (a key of 3) and A becomes D, B becomes E, and so on. If the key used was 8, then A becomes I, B becomes J, and so on.
Encrypted message
The process is reversed to decrypt the message.
15.2.4 A More Complex Substitution Cipher
The Vigenère cipher is based on the Caesar cipher, except that it encrypts text by using a different polyalphabetic key shift for every plaintext letter. The different key shift is identified using a shared key between sender and receiver. The plaintext message can be encrypted and decrypted using the Vigenère cipher.
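The Caesar shift of 15.2.3 and the Vigenère cipher of 15.2.4 side by side, as an added example that is not part of the original module. The sample message is constructed; the `letter_profile` helper is an assumption added here to show the point made in 15.2.3 that a simple substitution keeps the plaintext's letter frequencies, while the per-letter shifts of Vigenère spread them out.

```python
from collections import Counter

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def _shift_char(ch: str, shift: int) -> str:
    # Shift one uppercase letter around the alphabet; non-letters pass through.
    if ch not in ALPHABET:
        return ch
    return ALPHABET[(ALPHABET.index(ch) + shift) % 26]


def caesar(text: str, key: int, decrypt: bool = False) -> str:
    # Caesar cipher: one fixed shift for every letter (key 3: A->D, B->E, ...).
    # Decryption is the same operation with the shift reversed.
    shift = -key if decrypt else key
    return "".join(_shift_char(c, shift) for c in text.upper())


def vigenere(text: str, keyword: str, decrypt: bool = False) -> str:
    # Vigenère cipher: the keyword repeats for the length of the message and
    # each key letter selects the Caesar shift for the plaintext letter at
    # that position. Only letters consume a key letter; spaces are skipped.
    keyword = keyword.upper()
    out, i = [], 0
    for c in text.upper():
        if c in ALPHABET:
            shift = ALPHABET.index(keyword[i % len(keyword)])
            out.append(_shift_char(c, -shift if decrypt else shift))
            i += 1
        else:
            out.append(c)
    return "".join(out)


def letter_profile(text: str) -> list:
    # Letter counts sorted high to low. A Caesar ciphertext has exactly the
    # same profile as its plaintext (letters are renamed, not redistributed),
    # which is what frequency analysis exploits; Vigenère changes the profile.
    counts = Counter(c for c in text.upper() if c in ALPHABET)
    return sorted(counts.values(), reverse=True)


SAMPLE = "ATTACK AT DAWN"          # constructed sample plaintext

if __name__ == "__main__":
    print(caesar(SAMPLE, 3))                       # shift of 3
    print(vigenere(SAMPLE, "LEMON"))               # repeating key LEMON
    print(letter_profile(SAMPLE), letter_profile(caesar(SAMPLE, 3)))
```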
15.3 Cryptanalysis
15.3.1 Cracking Code
Cryptanalysis is the practice and study of determining the meaning of encrypted information (cracking the code), without access to the shared secret key. This is also known as codebreaking.
15.3.2 Methods of Cracking Code
Brute-force method
The attacker tries every possible key knowing that eventually one of them will work.
Ciphertext method
The attacker has the ciphertext of several encrypted messages but no knowledge of the underlying plaintext.
Known-Plaintext method
The attacker has access to the ciphertext of several messages and knows something about the plaintext underlying that ciphertext.
Chosen-Plaintext method
The attacker chooses which data the encryption device encrypts and observes the ciphertext output.
Chosen-Ciphertext method
The attacker can choose different ciphertext to be decrypted and has access to the decrypted plaintext.
Meet-in-the-Middle method
The attacker knows a portion of the plaintext and the corresponding ciphertext.