Time
23 hours 21 minutes
Difficulty
Intermediate
CEU/CPE
14

Video Transcription

00:02
Hi. Welcome back to the course in module 16. We just finished up our discussion on the cloud
00:07
here. Much of 17. We're gonna discuss cryptography, so we're gonna have several different sections here. We're going to first start off talking about algorithms, and then we're gonna talk about message hashing, and then we're also going to talk about cryptography tools that we can use.
00:21
So let's go ahead and get started. So we got a brief pre assessment like we normally do. Just a couple of questions here. So this uses a single key for both encryption and encryptions. And which one of those is that?
00:32
All rights. If you guessed, answer, be symmetric encryption. You are correct. So that one uses a single key for both encryption and decryption. Now, asymmetric encryption is going to use to key, so it's going to use a public, and a private team will go over that a little later on.
00:45
Hashing is gonna be used for file integrity or integrity of our data
00:49
and then playing Texas what you're looking at right here, it's information that you can just read is we type it up. We share share with each other
00:58
question number two All the following of these air primary functions of cryptography in today's world Except which one?
01:04
All right, this was pretty easy. So if you just answer D O S I u r creeks or size, actually a networking model. We cover that in the first module of this course.
01:15
So authentication, I'm just making sure that you are who you say you are, you know, Or that data is You know what? It's supposed to be
01:22
confidentiality. I'm making sure that I don't share information with people that don't need to know about it right now than integrity. I'm just again verifying that this is the information that is not altered.
01:34
So some of the terms you're gonna need to know. Just cryptography. In general, it's a study and practice of techniques for secure communications in the presence of third parties. So again, we think of asymmetric encryption. I encrypt it and we'll talk about it. We'll talk about this, but I encrypt it and then I send it to you, and then you decrypted, right? So somebody in between us can't see that so that third party can't see the information.
01:53
Krypton. Allison says the study of analyzing information systems to study the different hidden aspects of the system and then cipher, which will actually talk about, is one of the algorithms that we can use for performing encryption and decryption.
02:06
So top secret cryptography. We just talked about this a second ago, symmetric and asymmetric and then hashing so against the metric is using that one key to encrypt and decrypted data Asymmetric is using the public and private key and then hashing is just verifying the integrity. And that's a one way function function. Excuse me, hashing is
02:25
Jackie's a term you're gonna need to know for the actual sort of fine ethical hacker examination. If you're not taking that, you could just fast forward video. But basically, you just need to know the context of it stands for government access to keys. And all that means is basically that as a company, as a software company, I have to make sure and certain countries have to make sure that the
02:45
I either give a copy of the keys to the government or that they get enough information for me that they could easily crack the key
02:52
and, you know, get into the software of you know, of the bad guys are her basically, whoever they're trying to look at.
02:59
So encryption algorithms. We got many of them here like ciphers A s, three desks to fish, Arcee, etcetera, etcetera. So we're gonna talk about one of these individually. I do want to stress that you don't have to know these on a very intricate level. Just a very high level. Just know a little bit about each one, and you should be good to go for the exam.
03:19
So ciphers these we're gonna be generally substituting the same number of characters that are input for the same output on and then plain tax would show we talked about earlier. It's just what you're seeing here. We're just typing up stuff and you can read it. Cipher text is gonna be the encrypted version of that.
03:34
So we've got a black site for versus Stream star for so basically the difference there. Stream suffering Crips. One bidder, one bite at a time. So every single individual, one and then black cipher, basically just since a chunk of information. Right. So it it hence the name block, right. It's a chunk of information or black of information.
03:53
And that's how it's gonna encrypted data in that block
03:54
on the screen here. I've got the Caesar block and basically we don't know. We don't know if he really uses or not, but this is a 16 character thing here. So this message Great job. If you great job, you gotta excuse me. We just write it down in each column all the way through and you see you see it there.
04:12
By the way, I've never seen that in used to the Caesar block and use an industry. Just one of those textbook things you just learned about
04:19
us. We've got D s and triple deaths. So data encryption standard. It's 56 big key sides. It's insecure, but it's, ah influential because it kind of helped all these other cryptography things come into place
04:34
on Ben. We got triple desk or three deaths. It basically applies this three times each block. And both of these air symmetric form of encryption.
04:45
Hey, yes, or advanced encryption Standard s Oh, this one is symmetric as well. It uses 128 big block size and then they variable key length of 1 28 1 92 or 256 bits.
04:58
So the river cipher so RC four R C five and 36 is RC for that guy. Right there is Ron Rivest. So he's the inventor of all these ones. They're on, and a lot of people just call it the Ron Cipher or not the River Cipher, But many most of these air, not even in use
05:14
at all. You might see RC six
05:17
kind of sort of some places. Maybe it's really not used in industry that
05:23
so basically, the way the RC four works is the first few bites of the output key stream are non random, and so that's one of our vulnerability. So basically, if you analyze a high volume or a large amount of messages, you can potentially discover that the key over the long term because again that first initial first part of it's not random at all.
05:45
So our C five came and plays well, that's gotta very well block size on, and then the key sizes upto 2040 bits.
05:51
One feature of this is data dependent rotations. Oh, are you know that a resistant and basically that just means that it makes it more resistant crypt analysis and then also its rotation dependent. And that's focused on the least significant few bits. So we'll talk about that in our C six here.
06:06
The difference is there's just remember RC five least significant few bits is how the rotations dependable dependent upon that
06:15
and then our C six here. You see, the rotation is dependent on every bit in the word, so you probably won't see something like that on the actual exam. That's kind of too intricate to, you know, ground down to the
06:28
to the vory many details there, but just kind of tucked in the back of your head. You just never know with the d c council exam what you might see on there. So just just keep that in mind.
06:38
So I'm gonna go in Paul's appeal here because we waited to have a lot to cover, and I don't wantto go too far into stuff. So we're gonna pause it there in the next video. We're gonna start off with something called to fish, and that's actually gonna be something new for this version or this new content of the sort of fine ethical hacker Sam

Up Next

Penetration Testing and Ethical Hacking

Do you like breaking things or figuring out how things work? Join thousands of professionals who’ve entered the information security field by taking this class. Taking this ethical hacking course will give you the skills needed to become a professional penetration tester and prepare you for industry certifications, like the CEH.

Instructed By

Instructor Profile Image
Ken Underhill
Master Instructor at Cybrary
Master Instructor