#### Basic Cryptography

The intent of the Basic Cryptography Knowledge Unit is to provide students with a basic ability to understand where and how cryptography is used.

#### Topics

- Common cryptographic uses a. Security Functions (data protection, data integrity, authentication, non-repudiation) b. Block vs. stream data c. Digital Signatures (Authentication)
- Public Key Cryptography (Diffie-Hellman, RSA, ECC, ElGamal, DSA) a. Public Key Infrastructure b. Certificates c. Key Management (creation, exchange/distribution)
- Hash Functions (MD4, MD5, SHA-1, SHA-2, SHA-3)
- Symmetric Cryptography (DES, Twofish)
- Public Key Cryptography (Diffie-Hellman, RSA, ECC, ElGamal, DSA)
- Cryptography in practice
- Common cryptographic uses
- Security Functions (data protection, data integrity, authentication, non-repudiation)
- Public Key Cryptography (Diffie-Hellman, RSA, ECC, ElGamal, DSA), C. Key Management (creation, exchange/distribution)
- Public Key Infrastructure
- Certificates
- Key Management (creation, exchange/distribution)
- Integrity checking
- For protecting authentication data

#### Outcomes

- Students will be able to identify the elements of a cryptographic system.
- Students will be able to describe the differences between symmetric and asymmetric algorithms.
- Students will be able to describe which cryptographic protocols, tools and techniques are appropriate for a given situation.
- Students will be able to describe how crypto can be used, strengths and weaknesses, modes, and issues that have to be addressed in an implementation (e.g., key management), etc.
- Students will be able to describe how crypto can be used, strengths and weaknesses, modes, and issues that have to be addressed in an implementation (e.g., key management), etc
- Students will be able to describe the differences between symmetric and asymmetric algorithms

#### KSA-T

Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.

Learn More about the KAS-T's.

ID | DESCRIPTION |
---|---|

K0201 | Knowledge of symmetric key rotation techniques and concepts. |

K0018 | Knowledge of encryption algorithms |

K0019 | Knowledge of cryptography and cryptographic key management concepts |

K0308 | Knowledge of cryptology. |

K0190 | Knowledge of encryption methodologies. |

K0336 | Knowledge of access authentication methods. |

K0196 | Knowledge of Import/Export Regulations related to cryptography and other security technologies. |

K0285 | Knowledge of implementing enterprise key escrow systems to support data-at-rest encryption. |

K0056 | Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML). |

K0007 | Knowledge of authentication, authorization, and access control methods. |

ID | DESCRIPTION |
---|---|

S0047 | Skill in preserving evidence integrity according to standard operating procedures or national standards. |

S0089 | Skill in one-way hash functions (e.g., Secure Hash Algorithm [SHA], Message Digest Algorithm [MD5]). |

S0298 | Skill in verifying the integrity of all files. (e.g., checksums, Exclusive OR, secure hashes, check constraints, etc.). |

S0138 | Skill in using Public-Key Infrastructure (PKI) encryption and digital signature capabilities into applications (e.g., S/MIME email, SSL traffic). |

ID | DESCRIPTION |
---|

ID | DESCRIPTION |
---|