Cryptography is the process of encrypting and decrypting data in order to keep that data safe when storing or transmitting it.
Encryption is a way of hiding data by converting it to an encoded format.
Decryption is a way of revealing encrypted data by decoding it from its encoded format.
Ciphers can be symmetric or asymmetric.
Asymmetric ciphers can be slower than symmetric ciphers but have additional use cases in authentication and non-repudiation.
Hashing is a one-way process that takes data of any size and represents it as a unique hash value of a fixed size. No matter how large or complex your file is, hashing provides a fast, reliable way to compare files and verify their authenticity.
Hashing lets you check if two pieces of information are the same, without knowing what the information itself actually is.
Hashing can be used to store sensitive data in a secure way.
A rainbow table is a massive table of common passwords and password-hash combinations used by attackers to break into accounts. One common technique we can use to protect ourselves from rainbow table attacks is salting.
A salt is a secret random string that is combined with a password prior to hashing specifically to defend against the use of rainbow tables.
Rainbow tables are large lookup databases that consist of pre-computed password-hash combinations which correlate plaintext passwords with their hashes.
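The effect of a salt on a precomputed lookup, as an added example that is not part of the original page. It assumes a small constructed password list, a plain dictionary standing in for a rainbow table, PBKDF2-HMAC-SHA256 from Python's standard library as the salted hash, an illustrative iteration count, and a salt stored alongside each derived key.

```python
import hashlib
import hmac
import os

# Constructed sample data: a handful of common passwords.
COMMON_PASSWORDS = ["123456", "password", "qwerty", "letmein"]
ITERATIONS = 100_000  # illustrative work factor, an assumption of this example


def unsalted_hash(password):
    """Plain SHA-256 of the password: the same input always gives the same hash."""
    return hashlib.sha256(password.encode()).hexdigest()


def build_lookup_table(passwords):
    """Precomputed hash -> password map, a simplified stand-in for a rainbow table."""
    return {unsalted_hash(p): p for p in passwords}


def store_password(password):
    """Return (salt, derived_key); a fresh random 16-byte salt is drawn per record."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, key


def verify_password(password, salt, stored_key):
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, stored_key)


def demo():
    table = build_lookup_table(COMMON_PASSWORDS)
    # An unsalted hash of a common password is found by a single table lookup.
    unsalted_recovered = table.get(unsalted_hash("letmein"))
    # Two users with the same password get different salts, so different keys.
    salt_a, key_a = store_password("letmein")
    salt_b, key_b = store_password("letmein")
    return {
        "unsalted_recovered": unsalted_recovered,
        "salted_recovered": table.get(key_a.hex()),  # precomputed table misses
        "same_password_same_key": key_a == key_b,
        "login_ok": verify_password("letmein", salt_a, key_a),
    }


if __name__ == "__main__":
    print(demo())
```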
Authentication is who you are. Logging in with a username and password is an example of authentication.
Authorization is what you can do. Only being allowed into non-VIP sections of the site is an example of authorization.
Multi-factor authentication (MFA) is more secure than single-factor authentication.
Using more forms of authentication makes an asset more secure.
One example of MFA would be:
OAuth is a secure framework that makes use of a trusted third party for authentication.
When a service asks if you want to “Sign in with ____”, this is an example of OAuth.