2 cissp ® Official Study Guide Eighth Edition


Exam Essentials Understand the key types used in asymmetric cryptography



Download 19,3 Mb.
Pdf ko'rish
bet258/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   254   255   256   257   258   259   260   261   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

269
Exam Essentials
Understand the key types used in asymmetric cryptography.
Public keys are freely shared 
among communicating parties, whereas private keys are kept secret. To encrypt a message, 
use the recipient’s public key. To decrypt a message, use your own private key. To sign a 
message, use your own private key. To validate a signature, use the sender’s public key.
Be familiar with the three major public key cryptosystems.
RSA is the most famous pub-
lic key cryptosystem; it was developed by Rivest, Shamir, and Adleman in 1977. It depends 
on the difficulty of factoring the product of prime numbers. El Gamal is an extension of 
the Diffie-Hellman key exchange algorithm that depends on modular arithmetic. The ellip-
tic curve algorithm depends on the elliptic curve discrete logarithm problem and provides 
more security than other algorithms when both are used with keys of the same length.
Know the fundamental requirements of a hash function.
Good hash functions have five 
requirements. They must allow input of any length, provide fixed-length output, make it 
relatively easy to compute the hash function for any input, provide one-way functionality
and be collision free.
Be familiar with the major hashing algorithms.
The successors to the Secure Hash 
Algorithm (SHA), SHA-1 and SHA-2, make up the government standard message digest 
function. SHA-1 produces a 160-bit message digest whereas SHA-2 supports variable 
lengths, ranging up to 512 bits. SHA-3 improves upon the security of SHA-2 and supports 
the same hash lengths.
Know how cryptographic salts improve the security of password hashing.
When straight-
forward hashing is used to store passwords in a password file, attackers may use rain-
bow tables of precomputed values to identify commonly used passwords. Adding salts 
to the passwords before hashing them reduces the effectiveness of rainbow table attacks. 
Common password hashing algorithms that use key stretching to further increase the dif-
ficulty of attack include PBKDF2, bcrypt, and scrypt.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   254   255   256   257   258   259   260   261   ...   881




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling

kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha


yuklab olish