Chapter 8: Cryptography

In This Chapter

• Unlocking cryptography

• Understanding the differences between symmetric and asymmetric key systems

• Getting a grasp on key management, message digests, digital signatures, and more

• Finding out everything you need to know about PKI

• Getting to know cryptography technologies and applications

• Finding alternatives to cryptography

• Conducting cryptanalysis

Overview

This is the part where Good Will Hunting meets the Rain Man and A Beautiful Mind. If solving long, complex, theoretical math problems on window panes isn’t your forte, you’ll probably want to read this chapter slowly and carefully, read it again, and then possibly delve into some additional resources - which we conveniently list at the end of this chapter.

Cryptography (from the Greek, kryptos meaning hidden and graphia meaning writing) is the science of encrypting and decrypting communications to make them unintelligible for all but the intended recipient.

 Remember   The Certified Information Systems Security Professional (CISSP) candidate must have a thorough understanding of the fundamental concepts of cryptography, the basic operation of cryptographic systems, common uses and applications, and methods of attack. The CISSP exam tests the candidate’s ability to apply general cryptographic concepts to real-world issues and problems. You won’t be required to memorize mathematical formulas or the step-by-step operation of various cryptographic systems. However, you should have a firm grasp of cryptographic concepts and technologies as well as their specific strengths, weaknesses, uses, and applications.