Security+: Authentication, Cryptography, Encryption
There are several authentication schemes in computer security including something you know – like passwords, something you have – like a key, and something you are – such as physical characteristics that can prove who you are in order to grant access. Identity proofing is the most common, often via methodology of usernames and passwords. These are done with several different systems such as “Kerberos” (time-sensitive ticket granting system), the use of Tokens (physical or virtual objects such as smart cards, ID badges, or data packets), or Biometrics. Biometrics are based on individual’s physical characteristics such as fingerprints (with a fingerprint scanner), eyes (with a retinal scanner), voice (voice-recognition software), or face (face recognition software). Multi-facator authentication is incorporated by means of validation of at least two of the authentication factors combining who you are, what you have, and what you know. Also sometimes implemented is mutual authentication which requires each party in communication to verify its identity in order to prevent a client from inadvertently submitting confidential information to a non-secure server. Cryptograpy is incorporated as a science of hiding information and is utilized within the security tool known as Encryption. Cryptography is as as old as writing and possesses roots in mathematics and the building blocks of computer science. It is used to protect sensitive information and communications from unauthorized access. This is often achieved by the use of ciphers. Ciphers are a specific set of actions used to encrypt data. While Plaintext is the original unencoded data – when enciphering is applied, the obscured data becomes ciphertext. The process of translating ciphertext back to cleartext is known as deciphering. Other forms of encryption rely on codes that are utilized to translate words or phrases like a secret language. Cryptanalysis is the science of breaking codes and ciphers. There are two main types of ciphers : Stream and Block. Algorithms and mathematics are utilized as a rule, system, or mechanism by which to encrypt the data. Steganography is an alternative cipher process used to hide information by enclosing it in graphics, movies, art, or sound files. Encryption hides the message into the media, steganography is the attempt to obscure the fact that the information exists. Encryption keys are pieces of information used in conjunction with algorithms to perform encryption and decryption and makes deciphering possible. Hashing is also used and serves as a one-way encryption that transforms cleartext into ciphertext that is not intended to be decrypted. Its result is called a hash, hash value, or message digest. Hashing is used in password authentication schemes and applies encryption algorithms. These Encryption algorithms are often symmetric or asymmetric in methods of use of public and private keys. This gave birth to digital signatures which are message digests encrypted with a user’s private key.
