CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [169]
An Overview of Cryptography
Cryptography is a field almost as old as humankind. The first recorded cryptographic efforts occurred 4,000 years ago. These early efforts included translating messages from one language into another or substituting characters.
You won’t be tested on the history of cryptography in the Security+ exam; this information is included primarily for background purposes.
The following sections briefly discuss three categories of cryptography—physical, mathematical, and quantum—as well as code breaking. Quantum cryptography is extremely classified and is relatively new. The other methods discussed are well known and commonly used.
Understanding Physical Cryptography
Physical cryptography includes several different approaches. The more common methods involve transposition or substitution of characters or words. Physical methods also include a method of encryption called steganography, which is the science of hiding information within other information, such as within a picture.
In general, physical cryptography refers to any method that doesn’t alter a value using a mathematical process.
A cipher is a method used to encode characters to hide their value. Ciphering is the process of using a cipher to encode a message. The three primary types of cryptography, or ciphering methods—substitution, transposition, and steganography—are discussed in the following sections. The hybrid model, which is also discussed, uses one or more methods to accomplish encryption.
It’s important to know that cryptography is always changing in an effort to make algorithms that are more difficult to crack. Not that long ago, single-digit bit encryption was good enough; now triple digits are almost a minimum requirement.
Substitution Ciphers
A substitution cipher is a type of coding or ciphering system that changes one character or symbol into another. Character substitution can be a relatively easy method of encrypting information. You may see this method used in a childhood toy such as a decoder ring. For example, let’s say you had the following message:
You can do this easily if you put your mind to it.
And here is how the encrypted message read:
You can do qhis zasily if you puq your mind to iq.
Notice in the encrypted example that every instance of z is a substitute for e and that every instance of q is a substitute for t. This code, while simple, may prevent someone from understanding the message for a very short period of time.
This type of coding creates two potential problems. Obviously, the system isn’t highly secure. In addition, how do you know the q isn’t really a q? Nevertheless, this method has been used in simple codes since time immemorial.
Real World Scenario
Working with rot13
One of the oldest known encoding algorithms is rot13—said by some to have been used in the days of Caesar. This simple algorithm rotates every letter 13 places in the alphabet. Thus an A becomes an N, a B becomes an O, and so forth. The same rotation of 13 letters that is used to encrypt the message is also used to decrypt the message. Many newsgroups offer a rot13 option that allows you to encrypt/decrypt postings.
See if you can solve these encryptions:
1. Neg snve qrohgf urer Fngheqnl.
2. Gevcyr pbhcbaf ng Xebtre!
3. Gel lbhe unaq ng chmmyrf.
One of the easiest ways to solve rot13 text messages is to take a sheet of paper and write the letters from A to M in one column and from N to Z in a second. To decipher, replace the letter in the encrypted message with the one that appears beside it in the other column.
Here are the answers:
1. Art fair debuts here Saturday.
2. Triple coupons at Kroger!
3. Try your hand at puzzles.
Transposition Ciphers
A transposition cipher (also referred to as a transposition code) involves transposing or scrambling the letters in a certain manner. Typically, a message