Tag Archive cybersecurity

ByEric GRAY

Encryption in 1 minute

Foundations of Encryption

As we prepare for the presentation on 27th of May by Johan Loos, it’s probably a good time to look at one of history’s great heroes Alan Turing.

Alan and his team (such as Joan Murray) were pioneers and were responsible for the decryption of the Nazi secret communications during the WWII via the Enigma machine. Alan’s work “On Computable Numbers” became the foundation of computer science as we know it. This work wasn’t truly recognized until many years after his death.

Brief History via Wikipedia: https://en.wikipedia.org/wiki/Alan_Turing

After the war Alan went on to create multiple computing machines before turning his attention to mathematical biology. If you haven’t see the remake movie about him during WW2 its worth checking out.

Encryption of Today

What Alan worked to break was symmetrical encryption where the same key is used to encrypted the clear text / plain text data and produce a coded message or a cipher text. This is still heavily used today but a stronger and more functional way of encryption is with asymmetrical encryption, with the combined use of public and private keys. Or, as per Javvad Malik as part of an ISC2 blog on encryption: “Encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information. In many contexts, the word encryption also implicitly refers to the reverse process, decryption to make the encrypted information readable again”

https://blog.isc2.org/.a/6a00e54f109b678834025d9b4256b8200c-pi

Malik goes on to discuss about how to turn princes into frogs, as an example of encryption and decryption via the two methods noted above.

https://blog.isc2.org/isc2_blog/2020/04/what-is-cryptography.html

RSA

RSA comes from the surnames of Ron Rivest, Adi Shamir, and Leonard Adleman, who publicly described the algorithm in 1977) is a crypto system that uses public and private keys to secure data via encryption. The RSA algorithm is possible by factoring of very large prime numbers and also (currently) has the benefit of not being easily broken.
You can check out the steps here: https://sites.google.com/site/danzcosmos/the-rsa-algorithm.

Johan will also cover the math behind it as well and its use in TLS (Transport layer Security).

Test Prep

Once you understand these basics you are one step closer to acing the CISSP exam! (But also CISSP-ISSAP, CCSP, SSCP, …). You will find a number of questions on encryption in the exams and I usually found that the more I understood about encryption the more interested I became. Hope that applies to you too.

Next, join us on May 27th at 19h to watch as Johan presents different types of RSA attacks in TLS communications. If you are new or well-aged in cyber security I’m sure you will take away something from this opportunity.

https://www.eventbrite.co.uk/e/tls-key-recovery-isc2-belux-chapter-online-webinar-tickets-150575057049

Bywebmaster

Don’t miss this new online event by #isc2 Belux Chapter on 25 Mar!

Putting Enterprise Architecture to work to transform cybersecurity into a Business Executive’s opportunity

Subscribe at: https://www.eventbrite.co.uk/e/isc2-belux-chapter-online-seminar-tickets-142909001671

About this Event

Making business execs aware of and ultimately responsible for the cybersecurity agenda is not an easy endeavour. Connecting the strategic business realm with the hard-core reality of cybersecurity is a daunting task for security leaders, and needs to be addressed carefully–as cybersecurity is a business responsibility, not merely an information technology task. Enterprise architecture offers the tools and methods to connect these conflicting realities, to close the gap between opportunities and liabilities and to provide a platform for meaningful insights and alignment. In this talk we go into how to use enterprise architecture methods to transform liabilities into opportunities, and get business executives excited about cybersecurity.

Speaker: Niek de Visscher

Having a background with KPMG as management consultant, Niek is leading Digital Innovation Benelux, a strategic, human-oriented digital consulting firm. He’s also DI’s Group CTO. Niek is a business technology professional with a 22-year track record of managing successful business technology & IT enabled business transformation projects, working for large global brands such as adidas, Shell, and Philips in several architecture and tech-leadership roles.

Webinar link will be shared with participants a few days in advance.

This website uses cookies. By continuing to use this site, you accept our use of cookies.