2 cissp ® Official Study Guide Eighth Edition



Download 19,3 Mb.
Pdf ko'rish
bet178/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   174   175   176   177   178   179   180   181   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Data Protection Methods
One of the primary methods of protecting the confidentiality of data is encryption. Chapter 6, 
“Cryptography and Symmetric Key Algorithms,” and Chapter 7, “PKI and Cryptographic 
Applications,” cover cryptographic algorithms in more depth. However, it’s worth pointing 
out the differences between algorithms used for data at rest and data in transit.
As an introduction, encryption converts cleartext data into scrambled ciphertext. 
Anyone can read the data when it is in cleartext format. However, when strong encryption 
algorithms are used, it is almost impossible to read the scrambled ciphertext.
Protecting Data with Symmetric Encryption
Symmetric encryption uses the same key to encrypt and decrypt data. In other words, if an 
algorithm encrypted data with a key of 123, it would decrypt it with the same key of 123. 
Symmetric algorithms don’t use the same key for different data. For example, if it encrypted 
one set of data using a key of 123, it might encrypt the next set of data with a key of 456. 
The important point here is that a file encrypted using a key of 123 can only be decrypted 
using the same key of 123. In practice, the key size is much larger. For example, AES uses key 
sizes of 128 bits or 192 bits and AES 256 uses a key size of 256 bits.


Identify and Classify Assets 
177
The following list identifies some of the commonly used symmetric encryption algo-
rithms. Although many of these algorithms are used in applications to encrypt data at rest
some of them are also used in transport encryption algorithms discussed in the next sec-
tion. Additionally, this is by no means a complete list of encryption algorithms, but
Chapter 6 covers more of them.
Advanced Encryption Standard 
The Advanced Encryption Standard (AES) is one of the 
most popular symmetric encryption algorithms. NIST selected it as a standard replacement 
for the older Data Encryption Standard (DES) in 2001. Since then, developers have steadily 
been implementing AES into many other algorithms and protocols. For example, Microsoft’s 
BitLocker (a full disk encryption application used with a Trusted Platform Module) uses 
AES. The Microsoft Encrypting File System (EFS) uses AES for file and folder encryption. 
AES supports key sizes of 128 bits, 192 bits, and 256 bits, and the U.S. government has 
approved its use to protect classified data up to top secret. Larger key sizes add additional 
security, making it more difficult for unauthorized personnel to decrypt the data.
Triple DES 
Developers created Triple DES (or 3DES) as a possible replacement for DES. 
The first implementation used 56-bit keys but newer implementations use 112-bit or 168-bit 
keys. Larger keys provide a higher level of security. Triple DES is used in some implementa-
tions of the MasterCard, Visa (EMV), and Europay standard for smart payment cards. These 
smart cards include a chip and require users to enter a personal identification number (PIN) 
when making a purchase. The combination of a PIN and 3DES (or another secure algorithm) 
provides an added layer of authentication that isn’t available without the PIN.
Blowfish 
Security expert Bruce Schneier developed Blowfish as a possible alternative to 
DES. It can use key sizes of 32 bits to 448 bits and is a strong encryption protocol. Linux 
systems use bcrypt to encrypt passwords, and bcrypt is based on Blowfish. Bcrypt adds 128 
additional bits as a salt to protect against rainbow table attacks.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   174   175   176   177   178   179   180   181   ...   881




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling

kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha


yuklab olish