Domain 9 of CEH – Cryptography
Domains of CEH
Information Security and Ethical Hacking Overview – 6%
Phases of system hacking and Attack Techniques-17%
Network and perimeter hacking-14%
Web application hacking-16%
Wireless network hacking – 6%
Mobile platform, IoT and OT hacking -8%
Cloud Computing 6%
We will be discussing the ninth domain of CEH, ‘Cryptography.
What is cryptography?
Cryptography is a technique that allows us to convert plain text into encrypted text and the ciphertext back into plain text. Didn’t get my point? No worries! Let me show you a simple example.
Let’s say you have two friends who live in different parts of the world. Let’s assume that one of these friends (let’s call it Bob) is sending confidential information to Alexa. Some attackers could gain access to this information in the interim. Using a key, Bob might convert the plain text (original message), into ciphertext (a combination random numbers and alphabets). Even if an attacker does find the message, he won’t be able to understand it. Finally, Alexa can use her key to convert the encrypted text into plaintext after receiving the message. Cryptography is the process of converting texts to keep them secret.
The figure shows that the original message was 1065256. This message is used to create an encryption key. This key is used to convert the message into a ciphertext (unreadable form). This ciphertext will then be sent across the internet to the other end. The decryption key will be used by the other person to whom the message is being sent.
Keys? What keys? Do you have a question? You can go on.
Cryptography keys are strings of characters that combine letters, numbers, symbols to create random data. These keys are similar to physical keys. Only the right key can unlock the data.
Four objectives are the focus of cryptography.
Non-repudiation is a term that refers to a message which cannot be retracted or taken back by the sender.
Confidentiality: Private communications can be kept confidential. This means that the intended recipient cannot read the message until it has been decrypted.
Authenticity: Authenticity ensures that both the sender and the recipient can verify their identities and that the message has been received by the intended recipients.
Integrity: Integrity refers to the ability to make sure that information in a message is not altered while it is being stored, transported, or transported.
Different types of cryptography
Symmetric Key Cryptography: Symmetric cryptography, also known as symmetric encryption, is an algorithm for cryptography which uses the same cryptographic keys for both plaintext’s encryption and ciphertext decryption. The keys could be related or they may have slight differences between them.
Asymmetric key cryptography: Also known as public-key cryptography or Asymmetric cryptography, Asymmetric cryptography encrypts and decrypts messages with two related keys, one private and one public, to protect confidential information from unauthorized access.
Cryptography is vital
Privacy: We care about privacy, whether we are talking about digital or physical worlds. Although I don’t know much about the physical world, cryptography can provide privacy in the digital universe. We encrypt our data to ensure that only authorized users can see it. Hackers, cybercriminals and internet providers cannot access it. Even government agencies cannot.
Authentication: To protect our data, we use cryptography to scramble it using a random passcode called an encryption key. This key is used to eliminate all traces of the key.