Cyber Basics - Module 3: Cryptography Updated!
This is the third module in the Cyber Basics course (aka GenCyber). It begins by providing the student with a bit of the evolution of cryptography and cryptographic systems, exposing them to several cipher techniques. We then look at basic threats to confidentiality and explain how cryptography can help to ensure confidentiality, discussing the cryptography process and symmetric versus asymmetric cryptography. The module introduces the student to several critical pieces and parts of modern cryptography to include cryptographic algorithms, cryptographic hash functions, key exchange, key management (private and public keys), PKI, and digital signatures. Additionally, the module provides the student with some hands-on experience with cryptography using online tools and exposure to techniques for encrypting and decrypting files.
- Understand the evolution of cryptography and cryptographic systems
- Describe the basic characteristics of cryptographic systems
- Apply basic cryptanalysis techniques to decrypt simple ciphers
- Describe what makes the one-time pad impervious to cryptanalysis
- Describe common threats to confidentiality
- Understand the benefits of encryption for confidentiality
- Distinguish symmetric and asymmetric key cryptography
- Define key exchange, key management, and digital certificates
- Describe hash functions and their uses
- Use online tools to solve simple cryptographic problems
- Understand and implement 2-factor authentication on a computer
- Apply techniques for encrypting and decrypting files
This module includes an exercise entitled Cyber Basics – Introduction to Cryptography in which students use symmetric and asymmetric cryptography to encrypt and decrypt files. The exercise is available for faculty to add to their course in the Virginia Cyber Range exercise area. Students can also complete the exercise using a standalone Kali Linux virtual machine or a Kali Linux virtual machine that they already have access to in the cyber range.
- K0018: Knowledge of encryption algorithms (e.g., Internet Protocol Security [IPSEC], Advanced Encryption Standard [AES], Generic Routing Encapsulation [GRE], Internet Key Exchange [IKE], Message Digest Algorithm [MD5], Secure Hash Algorithm [SHA], Triple Data Encryption Standard [3DES]).
- K0019: Knowledge of cryptography and cryptographic key management concepts.
- K0044: Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- K0056: Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]).
- K0305: Knowledge of encryption algorithms, stenography, and other forms of data concealment.
- K0308: Knowledge of cryptology.
- Basic Cryptography (BCY)