2 cissp ® Official Study Guide Eighth Edition

Know the requirements for successful use of a one-time pad

Download 19,3 Mb. Pdf ko'rish bet 228/881 Sana 08.04.2023 Hajmi 19,3 Mb. #925879

Bu sahifa navigatsiya:

• Understand the concept of zero-knowledge proof.
• Understand work function (work factor).
• Understand the importance of key security.
• Know the differences between symmetric and asymmetric cryptosystems.

Know the requirements for successful use of a one-time pad.  For a one-time pad to be suc- cessful, the key must be generated randomly without any known pattern. The key must be  at least as long as the message to be encrypted. The pads must be protected against physical  disclosure, and each pad must be used only one time and then discarded. Understand the concept of zero-knowledge proof.  Zero-knowledge proof is a communica- tion concept. A specific type of information is exchanged, but no real data is transferred, as  with digital signatures and digital certificates. Understand split knowledge.  Split knowledge means that the information or privilege  required to perform an operation is divided among multiple users. This ensures that no  single person has sufficient privileges to compromise the security of the environment. M of N  Control is an example of split knowledge. Understand work function (work factor).  Work function, or work factor, is a way to  measure the strength of a cryptography system by measuring the effort in terms of cost and/ or time to decrypt messages. Usually the time and effort required to perform a complete  brute-force attack against an encryption system is what a work function rating represents.  The security and protection offered by a cryptosystem is directly proportional to the value of  its work function/factor. Understand the importance of key security.  Cryptographic keys provide the necessary ele- ment of secrecy to a cryptosystem. Modern cryptosystems utilize keys that are at least 128  bits long to provide adequate security. It’s generally agreed that the 56-bit key of the Data  Encryption Standard (DES) is no longer sufficiently long to provide security. Know the differences between symmetric and asymmetric cryptosystems.  Symmetric key  cryptosystems (or secret key cryptosystems) rely on the use of a shared secret key. They  are much faster than asymmetric algorithms, but they lack support for scalability, easy key  distribution, and nonrepudiation. Asymmetric cryptosystems use public-private key pairs for  communication between parties but operate much more slowly than symmetric algorithms. Written Lab  Download 19,3 Mb. Do'stlaringiz bilan baham: