Cryptography is the process of encrypting and decrypting data in order to keep that data safe when storing or transmitting it.
Encryption is a way of hiding data by converting it to an encoded format.
Decryption is a way of revealing encrypted data by decoding it from its encoded format.
Symmetric and Asymmetric Encryption
Symmetric encryption uses the same key to encrypt and decrypt data.
Asymmetric encryption uses a public key to encrypt data and a different private key to decrypt data.
Hashing is a one-way process that takes data of any size and represents it as a unique hash value of a fixed size. No matter how large or complex your file is, hashing provides a fast, reliable way to compare files and verify their authenticity.
Hashing can be used to store sensitive data in a secure way.
A rainbow table is a massive table of common passwords and password-hash combinations used by attackers to break into accounts. One common technique for protecting against rainbow table attacks is the use of salts.
A salt is a secret random string that is combined with a password prior to hashing specifically to defend against the use of rainbow tables.
Rainbow tables are large lookup databases that consist of pre-computed password-hash combinations which correlate plaintext passwords with their hashes.
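The effect of a per-user salt on a precomputed lookup can be seen in a short sketch. This is an added example, not part of the original notes; the function names, the record layout, the sample password list and the choice of SHA-256 are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample data: a tiny "common passwords" list standing in for a real table.
COMMON_PASSWORDS = ["123456", "password", "qwerty", "letmein"]

def digest(password: str, salt: bytes = b"") -> str:
    """SHA-256 of salt || password; an empty salt is the unsalted case.
    SHA-256 keeps the sketch short; real password storage should use a slow
    password-hashing function such as PBKDF2, bcrypt, scrypt or Argon2."""
    return hashlib.sha256(salt + password.encode()).hexdigest()

def build_table(words, salt: bytes = b"") -> dict:
    """Precompute hash -> password (a rainbow table simplified to a plain lookup)."""
    return {digest(w, salt): w for w in words}

def register(password: str) -> dict:
    """Create a stored record with a fresh 16-byte random salt for this user."""
    salt = os.urandom(16)
    return {"salt": salt, "hash": digest(password, salt)}

def verify(record: dict, attempt: str) -> bool:
    """Re-hash the attempt with the record's salt and compare in constant time."""
    return hmac.compare_digest(digest(attempt, record["salt"]), record["hash"])

def demo() -> dict:
    table = build_table(COMMON_PASSWORDS)  # built once, reusable against every unsalted hash
    alice, bob = register("letmein"), register("letmein")
    # A table recomputed for Alice's salt is useless against Bob's record.
    alice_table = build_table(COMMON_PASSWORDS, alice["salt"])
    return {
        "unsalted_found": table.get(digest("letmein")),
        "salted_found": table.get(alice["hash"]),
        "same_password_same_hash": alice["hash"] == bob["hash"],
        "alice_table_hits_alice": alice_table.get(alice["hash"]),
        "alice_table_hits_bob": alice_table.get(bob["hash"]),
        "login_ok": verify(alice, "letmein"),
        "login_bad": verify(alice, "password"),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The precomputed table matches the unsalted hash but misses both salted records, and two users with the same password end up with different stored hashes.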
Authentication & Authorization
Authentication is who you are. Logging in with a username and password is an example of authentication.
Authorization is what you can do. Only being allowed into non-VIP sections of the site is an example of authorization.
Multi-Factor Authentication (MFA)
Multi-factor authentication (MFA) is more secure than single-factor authentication.
Using more forms of authentication makes an asset more secure.
One example of MFA would be:
- First, logging into a website with a username and password
- Then, receiving a One-Time Passcode (OTP) that needs to be entered into the same website
OAuth is a secure framework that makes use of a trusted third party for authentication.
When a service asks if you want to “Sign in with ____”, this is an example of OAuth.