Page 414 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 414

For a one-time pad to be successful, the key must be generated
               randomly without any known pattern. The key must be at least as long

               as the message to be encrypted. The pads must be protected against
               physical disclosure, and each pad must be used only one time and then
               discarded.

               Understand the concept of zero-knowledge proof. Zero-
               knowledge proof is a communication concept. A specific type of
               information is exchanged, but no real data is transferred, as with

               digital signatures and digital certificates.
               Understand split knowledge. Split knowledge means that the

               information or privilege required to perform an operation is divided
               among multiple users. This ensures that no single person has
               sufficient privileges to compromise the security of the environment. M
               of N Control is an example of split knowledge.

               Understand work function (work factor). Work function, or
               work factor, is a way to measure the strength of a cryptography system

               by measuring the effort in terms of cost and/or time to decrypt
               messages. Usually the time and effort required to perform a complete
               brute-force attack against an encryption system is what a work
               function rating represents. The security and protection offered by a
               cryptosystem is directly proportional to the value of its work
               function/factor.

               Understand the importance of key security. Cryptographic keys

               provide the necessary element of secrecy to a cryptosystem. Modern
               cryptosystems utilize keys that are at least 128 bits long to provide
               adequate security. It’s generally agreed that the 56-bit key of the Data
               Encryption Standard (DES) is no longer sufficiently long to provide
               security.

               Know the differences between symmetric and asymmetric
               cryptosystems. Symmetric key cryptosystems (or secret key

               cryptosystems) rely on the use of a shared secret key. They are much
               faster than asymmetric algorithms, but they lack support for
               scalability, easy key distribution, and nonrepudiation. Asymmetric
               cryptosystems use public-private key pairs for communication
               between parties but operate much more slowly than symmetric
   409   410   411   412   413   414   415   416   417   418   419