377Chapter6CryptographyIntroductionCryptographyaddressestheprinciples,means,andmethodsofdisguis-inginformationtoensureitsintegrity,confidentiality,andauthenticity.TheCISSPcandidateshouldbeabletounderstand:•Thebusinessandsecurityrequirementsforcryptographyandhowtoapplytheappropriateuseofcryptographytoachievethedesiredbusinesseffect.–Confidentiality.Understandthestrengthofvariouscryptographicapplications,impactsonsystemperformance,andwhentoap-ply;theconceptsofsynchronizationofparametersbetweenendsystems;andhowtorecognizetheuseofconfidentialityfunc-tions.–Integrity.Understandhowtheintegrityfunctionworksandhowitdiffersfromtheauthenticationandconfidentialityfunctions,whentoapply,andhowtorecognizeitsuse.–Authentication.Understandhowtheauthenticationfunctionworks,howitdiffersfromintegrityandnon-repudiation,whatadigitalsignatureis,andhowtoapplythisfunctiontomessaging,web,andcommerceapplications.–Non-repudiation.Understandhownon-repudiationworks,howitdiffersfromauthentication,whattoapply,andhowtorecognizeitsuse.•Cryptographicconcepts,methodologies,andpractices:–Understandthedifferencebetweensymmetricandasymmetriccryptography,publicandprivatekeys.–Understandpublicandprivatekeyalgorithmsintermsoftheirapplicationsanduses.–Understandconstructionanduseofdigitalsignatures.–Understandthebasicfunctionalityofhash/cryptoalgorithms(DES,RSA,SHA,MD5,HMAC,DSA),andeffectsofkeylength.–Understandthebasicfunctionsinvolvedinkeymanagement,includingcreation,distribution,verification,revocation,destruc-tion,storage,recoveryandlifespan,andhowthesefunctionsaffectcryptographicintegrity.–Understandmajorkeydistributionmethodsandalgorithms(e.g.,manual,Kerberos,ISAKMP).378OFFICIAL(ISC)2®GUIDETOTHECISSP®EXAM•Vulnerabilitiestocryptographicfunctions:–Understandthestrengthsandweaknessesofalgorithmsandkeystrengths.–Understandcryptographickeyadministrationandstorageintermsofvulnerabilityincreases(compromise).–Understandattackmethods(COA,KPA,CTA[includingCPA,AC-PA,andCCA],bruteforce,CRACK,...
