Basic Cryptography
The intent of the Basic Cryptography Knowledge Unit is to provide students with a basic ability to understand where and how cryptography is used.
Topics
- Common cryptographic uses
a. Security Functions (data protection, data integrity, authentication, non-repudiation)
b. Block vs. stream data
c. Digital Signatures (Authentication)
- Public Key Cryptography (Diffie-Hellman, RSA, ECC, ElGamal, DSA) a. Public Key Infrastructure b. Certificates c. Key Management (creation, exchange/distribution)
- Hash Functions (MD4, MD5, SHA-1, SHA-2, SHA-3)
- Symmetric Cryptography (DES, Twofish)
- Public Key Cryptography (Diffie-Hellman, RSA, ECC, ElGamal, DSA)
- Cryptography in practice
- Common cryptographic uses
- Security Functions (data protection, data integrity, authentication, non-repudiation)
- Public Key Cryptography (Diffie-Hellman, RSA, ECC, ElGamal, DSA), C. Key Management (creation, exchange/distribution)
- Public Key Infrastructure
- Certificates
- Key Management (creation, exchange/distribution)
- Integrity checking
- For protecting authentication data
Outcomes
- Students will be able to identify the elements of a cryptographic system.
- Students will be able to describe the differences between symmetric and asymmetric algorithms.
- Students will be able to describe which cryptographic protocols, tools and techniques are appropriate for a given situation.
- Students will be able to describe how crypto can be used, strengths and weaknesses, modes, and issues that have to be addressed in an implementation (e.g., key management), etc.
- Students will be able to describe how crypto can be used, strengths and weaknesses, modes, and issues that have to be addressed in an implementation (e.g., key management), etc
- Students will be able to describe the differences between symmetric and asymmetric algorithms
KSA-T
Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
Learn More about the KAS-T's.
ID |
DESCRIPTION |
K0201 |
Knowledge of symmetric key rotation techniques and concepts. |
K0336 |
Knowledge of access authentication methods. |
K0308 |
Knowledge of cryptology. |
K0018 |
Knowledge of encryption algorithms |
K0019 |
Knowledge of cryptography and cryptographic key management concepts |
K0190 |
Knowledge of encryption methodologies. |
K0196 |
Knowledge of Import/Export Regulations related to cryptography and other security technologies. |
K0285 |
Knowledge of implementing enterprise key escrow systems to support data-at-rest encryption. |
K0056 |
Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML). |
K0007 |
Knowledge of authentication, authorization, and access control methods. |
ID |
DESCRIPTION |
S0047 |
Skill in preserving evidence integrity according to standard operating procedures or national standards. |
S0089 |
Skill in one-way hash functions (e.g., Secure Hash Algorithm [SHA], Message Digest Algorithm [MD5]). |
S0298 |
Skill in verifying the integrity of all files. (e.g., checksums, Exclusive OR, secure hashes, check constraints, etc.). |
S0138 |
Skill in using Public-Key Infrastructure (PKI) encryption and digital signature capabilities into applications (e.g., S/MIME email, SSL traffic). |