Asymmetric and Symmetric Encryption Flashcards
Substitution Cipher
where he moved each letter of the alphabet three places one
way or another.
ROT 13
ROT 13 is a variation of the Caesar cipher. As there are 26 letters in the alphabet, we are rotating the letters 13 times.
Symmetric Encryption
only uses one key, which is known
as the secret key. The same key encrypts and decrypts the data. The danger of
symmetric encryption is that if the key is stolen, the attacker gets the keys to the
kingdom. The main reason for using symmetric encryption is that it can encrypt
large amounts of data very quickly. The Security+ exam does not focus on key
exchange, because it only uses one key, but instead focuses on which is the fastest or
strongest symmetric key.
The symmetric encryption algorithms are DES 56 bit, 3DES 168 bit, AES 256 bit, Twofish 128 bit, and Blowfish 64 bit. The smaller the key, the faster it is, but the larger the key, the more secure it is. The largest key would be AES, which can go up to 256 bits.
Asymmetric Encryption
Asymmetric encryption uses two keys: a private key and
a public key. If you think of the private key as your bank card, you will retain it and
never give it away. If you think of the public key as being a deposit slip, you will
give it to anyone as long as they pay money into your account. If you ever have to
install a key on a remote server, it will always be the public key as the private key
is always retained. When you see the term Public Key Infrastructure (PKI), it is
asymmetric encryption, complete with its CA and intermediary authorities. The
Security+ exam tests the use of both the private and public keys very thoroughly.
Diffie Hellman (DH)
When symmetric data is in
transit, it is protected by Diffie Hellman, whose main purpose is to create a secure
tunnel for symmetric data to pass through. It does not encrypt data but creates a
secure tunnel.
TIP
Your private key, or a key pair, is never installed on another server. You always
retain the private key just like your bank card. You give the public key away or
install it on another server.
Non-repudiation
means that I cannot deny that it was me who signed the document.
Advanced Encryption Standard (AES) Symmetric
AES comes in three key strengths: 128, 192, and 256 bits. AES is commonly used for L2TP/IPSec VPNs.
Data Encryption Standard (DES) Symmetric
DES groups data into 64-bit blocks, but for the
purpose of the exam, it is seen as a 56-bit key, making it the fastest but weakest of
the symmetric algorithms. This could be used for L2TP/IPSec VPNs but is weaker
than AES.
Triple DES (3DES) Symmetric
3DES applies the DES key three times and is said to be a
168-bit key. This could be used for L2TP/IPSec VPNs but is weaker than AES.
Rivest Cipher 4 (RC4) Symmetric
RC4 is 40 bits and is used by WEP and is seen as a
stream cipher.
Blowfish and Twofish Symmetric
Blowfish is a 64-bit key and Twofish is a 128-bit key, and both were originally designed for encryption with embedded systems. How can you remember which of these is faster as they have similar names? Easy. I have a pond with fish inside and I have a challenge with a guy called Tom. I need to catch two
fish from the pond and he only needs to blow into the air. Guess what? He will win each time. Therefore, remember, Blowfish is faster than Twofish.
Asymmetric algorithms
use a PKI environment as they use two keys: a private key and a
public key.
Internet Key Exchange (IKE) Asymmetric
DH creates the keys used in the Internet Key Exchange (IKE); it uses UDP port 500
to set up the secure session for the L2TP/IPSec VPN. Once the secure tunnel has been
created, then the symmetrically encrypted data flows down the tunnel.
Rivest, Shamir, and Adleman (RSA) Asymmetric
RSA is named after the three people who
invented the algorithm. The keys were the first private and public key pairs, and
they start at 1,024, 2,048, 3,072, and 4,096 bits. They are used for encryption and
digital signatures.