课程: ISC2 Certified Information Systems Security Professional (CISSP) (2024) Cert Prep

Understanding encryption

课程: ISC2 Certified Information Systems Security Professional (CISSP) (2024) Cert Prep

开始一个月试用 购买团队方案

Understanding encryption

- [Instructor] Cryptography is one of the most important controls available to information security professionals. Encryption protects sensitive information from unauthorized disclosure in many different environments, and many other security functions depend upon cryptography to work properly. So what is cryptography? It's the use of mathematical algorithms to transform information into a form where it's not readable by unauthorized individuals, but authorized individuals have the ability to transform it back into its readable form. Cryptography depends upon two basic operations. The first, encryption, converts information from its plaintext form into an encrypted version that is unreadable known as ciphertext. The second operation, decryption, performs the reverse transformation, using an algorithm to transform encrypted information back into plaintext form. Now, I've already used the word algorithm a few times. If you're not already familiar with algorithms, they're simply a set of mathematical instructions that you follow to achieve a result. Think of an algorithm as a mathematical recipe. Algorithms are very similar to computer code, and in fact, computer code is often designed to implement mathematical algorithms. Let's take a look at a basic algorithm designed to convert temperatures from Fahrenheit into Celsius. The algorithm has an input, the temperature in Fahrenheit, and it then takes this input through a series of steps. First, it subtract 32 from that input, then it multiplies the result by five, and divides that result by nine. This provides the final result, our output, which is the Celsius equivalent of a temperature that was input in Fahrenheit. Encryption algorithms work in similar ways, except the steps are different. Encryption algorithms have two inputs, the plaintext message and an encryption key. They then go through a series of steps that transform the plaintext message using the encryption key. I'll skip over the details of how encryption algorithms work for now, because we'll be discussing them extensively during the rest of this course. The encryption algorithm then has a single output, that's the encrypted ciphertext message. Decryption algorithms perform the reverse operation. They also have two inputs, the encrypted message, otherwise known as the ciphertext, and a decryption key. The algorithm then goes through a series of steps that converts the ciphertext back into plaintext using the decryption key, and then returns the plaintext message as output. Those are the basic concepts of cryptography. I'll fill in the details as we work our way through this course. You'll see how different cryptographic algorithms use different steps, and you'll learn more about the roles of different types of cryptographic keys.

内容