Modern Cryptography for Cybersecurity Professionals
eBook - ePub

Modern Cryptography for Cybersecurity Professionals

  1. 286 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Modern Cryptography for Cybersecurity Professionals

About this book

As a cybersecurity professional, discover how to implement cryptographic techniques to help your organization mitigate the risks of altered, disclosed, or stolen dataKey Featuresโ€ข Discover how cryptography is used to secure data in motion as well as at restโ€ข Compare symmetric with asymmetric encryption and learn how a hash is usedโ€ข Get to grips with different types of cryptographic solutions along with common applicationsBook DescriptionIn today's world, it is important to have confidence in your data storage and transmission strategy. Cryptography can provide you with this confidentiality, integrity, authentication, and non-repudiation. But are you aware of just what exactly is involved in using cryptographic techniques? Modern Cryptography for Cybersecurity Professionals helps you to gain a better understanding of the cryptographic elements necessary to secure your data. The book begins by helping you to understand why we need to secure data and how encryption can provide protection, whether it be in motion or at rest. You'll then delve into symmetric and asymmetric encryption and discover how a hash is used. As you advance, you'll see how the public key infrastructure (PKI) and certificates build trust between parties, so that we can confidently encrypt and exchange data. Finally, you'll explore the practical applications of cryptographic techniques, including passwords, email, and blockchain technology, along with securely transmitting data using a virtual private network (VPN). By the end of this cryptography book, you'll have gained a solid understanding of cryptographic techniques and terms, learned how symmetric and asymmetric encryption and hashed are used, and recognized the importance of key management and the PKI.What you will learnโ€ข Understand how network attacks can compromise dataโ€ข Review practical uses of cryptography over timeโ€ข Compare how symmetric and asymmetric encryption workโ€ข Explore how a hash can ensure data integrity and authenticationโ€ข Understand the laws that govern the need to secure dataโ€ข Discover the practical applications of cryptographic techniquesโ€ข Find out how the PKI enables trustโ€ข Get to grips with how data can be secured using a VPNWho this book is forThis book is for IT managers, security professionals, students, teachers, and anyone looking to learn more about cryptography and understand why it is important in an organization as part of an overall security framework. A basic understanding of encryption and general networking terms and concepts is needed to get the most out of this book.

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, weโ€™ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere โ€” even offline. Perfect for commutes or when youโ€™re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access Modern Cryptography for Cybersecurity Professionals by Lisa Bock in PDF and/or ePUB format, as well as other popular books in Computer Science & Cryptography. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Packt Publishing
Year
2021
eBook ISBN
9781838647797
Edition
1
Topic
Computer Science
Subtopic
Cryptography
Index
Computer Science

Section 1: Securing Our Data

In this section, we'll take a look at the current threat landscape so that you can better understand the reasons why we need to secure our data. First we'll outline how encryption can protect the data, whether in motion or at rest, by providing security services, such as confidentiality, integrity, and authentication. We'll then take a brief look at the evolution of ciphers over time, along with the development of Lucifer and Feistel ciphers, as scientists recognized the need to secure digital data. Finally, we'll compare some of the various network attacks that can alter the integrity of our data.
This section comprises the following chapters:
  • Chapter 1, Protecting Data in Motion or at Rest
  • Chapter 2, The Evolution of Ciphers
  • Chapter 3, Evaluating Network Attacks

Chapter 1: Protecting Data in Motion or at Rest

We live in an exciting yet challenging time. Every second of the day there are zettabytes of data traveling over networks and the internet. Data is constantly being sent and received from our homes, cars, businesses, and billions of Internet of Things (IoT) devices. In this chapter, you'll gain an appreciation for the need to secure our data in a dynamic digital world. We'll begin with a brief look at how, over the past few decades, we have seen advances in technology that have resulted in more of our data being exchanged. Concurrent to the advances in technology, we have seen an increase in the type and amount of threats to our data.
So that you understand the many resources available on guidelines for ensuring our data is not compromised, we'll take a look at the Security architecture for Open Systems Interconnection for CCITT applications, also known as X.800. You'll learn how encryption provides many security services, which include ensuring confidentiality, integrity, authentication, forward secrecy, non-repudiation, and enhanced privacy guarantees. In addition, we'll outline some common cryptographic concepts, such as Trusted Third Party (TTP) and the Public Key Infrastructure (PKI). We'll also cover how we use the story of Bob, Alice, and other personalities to help us understand complex technical concepts.
We'll then cover some basic encryption techniques. You'll see how using substitution or transposition can scramble data into an unreadable form that won't make sense unless you have the key to decrypt the message. In order to better understand substitution and transposition, we will discuss some illustrative examples that employ two basic ciphers, namely pigpen and rail fence. Finally, we'll outline some basic techniques, such as letter frequency analysis, which can be used to break some codes.
This chapter covers the following main topics:
  • Outlining the current threat landscape
  • Understanding security services
  • Introducing common cryptographic concepts
  • Outlining substitution and transposition

Outlining the current threat landscape

Over the past three decades, there has been substantial growth in the amount of digital data, both at rest and in transit. The digital wave has become an ocean of all types of data, such as email, movies, images, and tweets. With this growth comes the threat of attacks on our data, which we face on a daily basis.
In this section, we'll take a look at how our world has transformed with the adoption of digital technology, along with an overview of the current threat landscape.
Let's start with a look at the growth in digital information over the years.

Digitally transforming our world

In 1946, the world got a glimpse of the future. That was the year that the Moore School of Electrical Engineering of the University of Pennsylvania introduced the Electronic Numerical Integrator and Computer (ENIAC) system. The ENIAC was enormous, as it filled a room and was capable of performing calculations faster than any other computer at the time.
When computers first appeared, the cost to own and operate a system was extremely high. Ordinary citizens knew very little about computers. Due to their prohibitively large costs, computer systems were owned mainly by governments, industry, and universities. In 1980, the cost of a gigabyte (GB) hard drive was approximately $1.2 million. By 1990, the price was down to $8,000, and costs continued to decrease. As shown in the following graphic, from 1995 to 2000, the price of drives per GB went down substantially:
Figure 1.1 โ€“ The cost of hard drives per gigabyte
Figure 1.1 โ€“ The cost of hard drives per gigabyte
By 2010, the cost of drives per GB was approximately $0.10. Along with the cost of hard drives, the price of computers in general went down as well. With more affordable pricing, more and more businesses and consumers were embracing technology, as we'll see next.

Rapidly advancing technology

The industry continued to develop desktops, laptops, games, mobile devices, and IoT devices that began to collect and exchange more and more data. Concurrently, businesses, universities, governments, and consumers began to invest heavily in information technology, spending billions on hardware and software designed to improve the quality of life.
Today, a large percentage of the world is using digital technology and the internet, for a wide variety of purposes. Applications include e-commerce, social media, mobile banking, and email, all generating data.
Data includes anything you can see or hear and can be digitized in a multitude of different types and formats, including the following:
  • Voice over Internet Protocol (VoIP), also known as IP telephony, is a group of technologies primarily used to transmit phone calls over the internet
  • Documents such as spreadsheets, word processor documents, presentation files, and Portable Document Format (PDF) files
  • Images that include Joint Photographic Group (JPG), Tagged Image File Format (TIPP), and Bitmap Image File (BMP)
  • Video that includes a wide range of formats, such as Moving Picture Experts Group (MPEG) and Advanced Video Coding (AVC), originating from a variety of sources
Some may argue that not all data needs to be protected. However, much of the data that is in storage on a server or in motion while traveling across the network should be encrypted, mainly because this flood of da...

Table of contents

  1. Modern Cryptography for Cybersecurity Professionals
  2. Contributors
  3. Preface
  4. Section 1: Securing Our Data
  5. Chapter 1: Protecting Data in Motion or at Rest
  6. Chapter 2: The Evolution of Ciphers
  7. Chapter 3: Evaluating Network Attacks
  8. Section 2: Understanding Cryptographic Techniques
  9. Chapter 4: Introducing Symmetric Encryption
  10. Chapter 5: Dissecting Asymmetric Encryption
  11. Chapter 6: Examining Hash Algorithms
  12. Section 3: Applying Cryptography in Today's World
  13. Chapter 7: Adhering to Standards
  14. Chapter 8: Using a Public Key Infrastructure
  15. Chapter 9: Exploring IPsec and TLS
  16. Chapter 10: Protecting Cryptographic Techniques
  17. Assessments
  18. Other Books You May Enjoy