COMPTIA Security+ Tutorial: Module 06, Part 01 – GENERAL CRYPTOGRAPHY CONCEPTS

CRYPTOGRAPHY CONCEPTS

As we move further into the technology, we need to understand the basic cryptography concepts and the types of cryptography. Transport encryption, hashes and steganography, WEP, WPA and WPA2, MD5, SHA and AES, and Public Key Infrastructure are also important for understanding cryptography better.

1 GENERAL CRYPTOGRAPHY CONCEPTS

In Symmetric Key Cryptography, the key that is used to encrypt the message is the same key that is used to decrypt the message. Only one key is used, hence the name symmetric.

Key management is an important issue, because the key must not fall into the hands of malicious users. You can send the encrypted information to the client via email, but you should not send the key through email, as it can then be intercepted by malicious users. If we fail to protect the key, we leave all our important credentials in the hands of the attackers.

When there is only one key involved, we also call this Shared Key Encryption, as we have to share the key with the recipients of the message. The other approach is Asymmetric Key Cryptography, which uses a key pair: a Public Key and a Private Key. These two keys are completely different. If the public key is used to encrypt the message, the corresponding private key will decrypt the message. The public key can be advertised to anybody who cares to have it. However, the private key should only be known by the individual who owns the account to which the public key belongs.

There are times when we will encrypt the message with the public key, and times when we will encrypt it with the private key. If you wish to ensure confidentiality, you encrypt the message with the public key of the recipient. That way only the recipient has the corresponding private key that can decrypt the message.

If we need to ensure authenticity, the sender encrypts the message with their own private key. Anybody who has access to the message can then decrypt it with the sender's public key. This only proves that the message came from the sender: it ensures authenticity, but not confidentiality.

For example:

Let us assume that Dan needs to send a message to Adam. To ensure confidentiality, how should Dan encrypt the message? Confidentiality means that unauthorized disclosure is not allowed. How would we do it?

A: Use Dan’s Public Key

B: Use Adam’s Private Key

C: Use Dan’s Private Key

D: Use Adam’s Public Key

For option A, using Dan’s public key will not serve the purpose, as Adam does not have the corresponding private key.

For option B, using Adam’s private key will not serve the purpose, as Dan does not know Adam’s private key.

For option C, using Dan’s private key will not serve the purpose, as anybody in possession of Dan’s public key can decrypt the message. It would ensure authenticity, but not confidentiality.

For option D, we encrypt the message with Adam’s public key, and only Adam has the private key needed to decrypt it. This ensures confidentiality.
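The four options above, worked through in code. This is an added example, not part of the tutorial: it uses textbook RSA with tiny constructed primes (no padding, far too small for real use) purely to show which key pair can and cannot reverse each operation. The names DAN_PUB, ADAM_PRIV and so on are assumptions for the exercise.

```python
from math import gcd

def make_keypair(p, q, e=17):
    """Textbook RSA key pair from two primes: public (e, n), private (d, n)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)            # modular inverse (Python 3.8+)
    return (e, n), (d, n)

def apply_key(key, value):
    """RSA is the same operation with either key: value ** exponent mod n."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("message must be smaller than the modulus")
    return pow(value, exponent, n)

# Constructed key pairs for Dan and Adam (tiny primes, teaching only).
DAN_PUB, DAN_PRIV = make_keypair(61, 53)
ADAM_PUB, ADAM_PRIV = make_keypair(67, 71)

def send_confidential(message, recipient_pub):
    """Option D: encrypt with the recipient's public key; only the matching
    private key (Adam's) reverses it, so nobody else can read the message."""
    return apply_key(recipient_pub, message)

def send_authentic(message, sender_priv):
    """Option C pattern: encrypt with the sender's own private key; anybody
    holding the sender's public key can read it, so it proves origin only."""
    return apply_key(sender_priv, message)

if __name__ == "__main__":
    m = 42
    c = send_confidential(m, ADAM_PUB)
    print("Adam reads:", apply_key(ADAM_PRIV, c))   # 42
    print("Dan reads:", apply_key(DAN_PRIV, c))     # not 42: wrong key pair
    s = send_authentic(m, DAN_PRIV)
    print("Anyone with Dan's public key reads:", apply_key(DAN_PUB, s))  # 42
```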

Confidentiality in relation to cryptography means that cryptography ensures the data remains private both at rest, that is, when it is stored on disk, and in transit between two or more parties.

Authentication in relation to cryptography is the service that verifies the identity of the sender and the receiver communicating over the network. Symmetric cryptography is a system in which a common key is shared between the sender and the receiver. Such algorithms are also referred to as session key, secret key, private key or shared secret algorithms.

Compared to asymmetric cryptography, symmetric cryptography is very fast and provides strong encryption protection. However, it remains strong only as long as the key is kept secret.

Secure file transfer protocols such as HTTPS, FTPS and SFTP encrypt the data using symmetric key ciphers. The two primary types of symmetric encryption methods for encrypting plaintext data are: a) Block Cipher, and b) Stream Cipher.

Let us discuss these in detail.

1.1 BLOCK CIPHER

In a block cipher, the cryptographic key and algorithm are applied to a block of data as a group rather than to one bit at a time. A block cipher is a method of encrypting text that produces ciphertext by processing the text in predefined block sizes. The usual block sizes are 64 bits, 128 bits and 256 bits. For example, a 128 bit block cipher takes 128 bits of plaintext and encrypts them into 128 bits of ciphertext.

If the plaintext does not fill a whole number of blocks, a padding scheme is used to fill the last block. Some of the popular block ciphers in use are:

DES: Data Encryption Standard. DES is a 64 bit block cipher that works with a 64 bit key. 8 bits of the key are parity bits, so the effective key size is 56 bits.

3DES: Triple DES is a cipher based on DES, with a block size of 64 bits. 3DES is stronger than DES but slower.

AES: Advanced Encryption Standard is undoubtedly the most popular block cipher used in the world. It works on a block size of 128 bits, but supports three possible key sizes: 128, 192 and 256 bits.

Blowfish: It is also a popular cipher, but not as popular as AES. It has a block size of 64 bits and supports a variable length key that can range from 32 to 448 bits.

Twofish: It is related to Blowfish and is a 128 bit block cipher that supports key sizes up to 256 bits.
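The padding step mentioned above, shown for the 64 bit and 128 bit block sizes of the ciphers listed. This is an added example rather than the tutorial's own material: it implements PKCS#7-style padding (the scheme used with DES and AES) and cuts the padded message into blocks, but performs no encryption; the function names are assumptions.

```python
def _block_bytes(block_bits: int) -> int:
    """Block size in bytes; PKCS#7 needs a whole number of bytes, 1..255."""
    if block_bits % 8 or not 1 <= block_bits // 8 <= 255:
        raise ValueError("block size must be a whole number of bytes, 8..2040 bits")
    return block_bits // 8

def pad(data: bytes, block_bits: int) -> bytes:
    """Append k bytes, each of value k, so the length is a multiple of the
    block size. Data that already fills whole blocks gets a full block of
    padding, so the receiver can always tell padding from message bytes."""
    bs = _block_bytes(block_bits)
    k = bs - (len(data) % bs)
    return data + bytes([k]) * k

def unpad(padded: bytes, block_bits: int) -> bytes:
    """Strip the padding, rejecting anything malformed instead of guessing."""
    bs = _block_bytes(block_bits)
    if not padded or len(padded) % bs:
        raise ValueError("padded length is not a multiple of the block size")
    k = padded[-1]
    if not 1 <= k <= bs or padded[-k:] != bytes([k]) * k:
        raise ValueError("invalid padding")
    return padded[:-k]

def padding_is_valid(padded: bytes, block_bits: int) -> bool:
    """True if unpad() would accept the data."""
    try:
        unpad(padded, block_bits)
        return True
    except ValueError:
        return False

def split_blocks(padded: bytes, block_bits: int) -> list:
    """Cut padded data into the fixed-size blocks a block cipher processes."""
    bs = _block_bytes(block_bits)
    return [padded[i:i + bs] for i in range(0, len(padded), bs)]

if __name__ == "__main__":
    msg = b"hello world, this is Dan"          # constructed 24-byte message
    for bits in (64, 128):                    # DES/Blowfish vs AES/Twofish
        blocks = split_blocks(pad(msg, bits), bits)
        print(bits, "bit blocks:", len(blocks), blocks[-1])
```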

1.2 STREAM CIPHER

An alternative encryption method is the Stream Cipher, which encrypts the data one bit or character at a time. Here the cryptographic key and algorithm are applied to each binary digit in the data stream, one bit at a time. For a stream cipher to be secure, the pseudo-random generator must be unpredictable and the key must never be reused.

The stream cipher method is not as widely used. Still, the best-known stream cipher is RC4, which is widely used in various protocols such as WEP and WPA (both used as security protocols for wireless networks).
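The two requirements above (an unpredictable keystream and no key reuse) in working code. This is an added example, not from the tutorial and not RC4: the keystream comes from HMAC-SHA256 run in counter mode, an assumption chosen so it runs with only the standard library, and it is for teaching rather than production use. The last function shows why reuse is forbidden: with the same key and nonce, XORing two ciphertexts cancels the keystream and exposes the XOR of the plaintexts.

```python
import hashlib
import hmac

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Pseudo-random keystream: block i = HMAC-SHA256(key, nonce || i).
    The same key and nonce always produce the same bytes, which is why the
    pair must never be reused."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"),
                        hashlib.sha256).digest()
        counter += 1
    return out[:length]

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (the same operation): XOR the data with the
    keystream, one byte at a time."""
    return xor_bytes(data, keystream(key, nonce, len(data)))

def keystream_reuse_leaks(key: bytes, nonce1: bytes, nonce2: bytes,
                          p1: bytes, p2: bytes) -> bool:
    """True when c1 XOR c2 equals p1 XOR p2, i.e. the keystream cancelled
    out. That happens exactly when the same key and nonce were reused."""
    c1 = stream_xor(key, nonce1, p1)
    c2 = stream_xor(key, nonce2, p2)
    return xor_bytes(c1, c2) == xor_bytes(p1, p2)

if __name__ == "__main__":
    # Constructed sample values; a real key and nonce must be random.
    key = b"\x01" * 32
    msg_a, msg_b = b"attack at dawn!!", b"retreat at dusk!"
    print(stream_xor(key, b"n1", stream_xor(key, b"n1", msg_a)))  # round trip
    print("reused nonce leaks:", keystream_reuse_leaks(key, b"n1", b"n1", msg_a, msg_b))
    print("fresh nonce leaks:", keystream_reuse_leaks(key, b"n1", b"n2", msg_a, msg_b))
```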

Some terms to know:

Plain Text: It is an unencrypted message.

Cipher Text: An encrypted message.

Cipher: It is an algorithm that is used to encrypt or decrypt the information.