Cryptography - science of securing communication and information

through the use of mathematical techniques and algorithms.

cryptography ensures the confidentiality, integrity, and
authenticity of data.

Encryption - process of converting plaintext (readable data)

into ciphertext (unreadable data) using an algorithm and a key.
Decryption - The reverse process of converting ciphertext back
to plaintext using the same algorithm and a decryption key.

key - piece of information used by an algorithm to transform

plaintext into ciphertext during encryption and reverce during
decryption. Cryptographic systems can use symmetric keys,
same key for encryption and decryption or asymmetric keys
different keys for encryption and decryption.

Digital signature is a cryptographic technique used to verify

the authenticity and integrity of a message or document,
involves using a private key to generate a digital signature,
which can be verified using the corresponding public key.

Digital certificate - digital document that verifies the

identity of an entity, such as a person, organization, website.
It binds a public key to an individual or entity and provides
information about the key, its owner, the digital signature of
the certificate authority (CA), and other relevant data.

Digital Certificate Components:

*Public Key: The cryptographic key associated with the entity.
*Subject: Information about the entity (name, email,...)
*Issuer: The entity (usually a Certificate Authority) that
issues the certificate.
*Digital Signature: A cryptographic signature generated by
the CA to verify the authenticity of the certificate.
*Validity Period: The timeframe during which the certificate
is considered valid.

Types of Digital Certificates:

*SSL/TLS Certificates - Used to secure communication between
a user's browser and a website. Indicated by
"https://" in the URL
*Code Signing Certificates - Used by software developers to
sign their code, indicating that it has not been tampered with.
*Email Certificates - Secure email communication by encrypting
and digitally signing emails.

Certificate Authorities (CAs) - trusted entities responsible

for issuing and verifying digital certificates.They establish
the link between a public key and the entity's identity.

Certificate Signing Request (CSR) - request generated by an

entity to apply for a digital certificate. It includes the
entity's public key and relevant identification information.
The CA uses the CSR to create a signed digital certificate

Secure Sockets Layer (SSL) and Transport Layer Security (TLS) -

SSL/TLS protocols use digital certificates to establish
secure connections between clients and servers on the internet.

Web browsers come pre-installed with a list of trusted root CAs.

A certificate signed by a trusted root CA is automatically
trusted by browsers.

certificates that are signed by the entity themselves. Used for

testing/internal purposes but not suitable for public-facing websites.

Locating sertificates in your OS:

in Windows OS: start > Manage Computer Certificates
in Linux OS: located in control files: /etc/ssl/certs

CAs maintain Certificate Revocation Lists (CRLs) or use Online

Certificate Status Protocol (OCSP) to indicate whether a
certificate is still valid or has been revoked.

Public Key Infrastructure (PKI) - framework that manages digital

keys and certificates. It includes the creation, distribution,
storage, and revocation of digital certificates. Certificates
are issued by a trusted third party called a
Certificate Authority (CA).

Cryptographic protocols - sets of rules for secure communication

between two parties. ex: SSL/TLS for secure web communication,
IPSec for securing network communications.

*Hash functions take an input and produce a fixed-size string

of characters, typically a hash value.
*Hash functions are used for integrity verification and creating
digital signatures. ex: SHA-256 (Secure Hash Algorithm 256-bit),
MD5 (Message Digest Algorithm 5).

A checksum (hash) - alphanumeric value that uniquely represents

the contents of a file. Checksums are often used to verify the
integrity of files downloaded from an external source, such as
an installation file. You can also use checksums to verify the
integrity of your own files. You can generate checksums for your
backup files and then use checksum algorithms or a hashing utility
to ensure they have not become corrupted or altered at a later
date. If both checksums are the same, the files are the same.

The two most commonly used checksum algorithms are MD5 and SHA.
When verifying checksums, you must make sure you use the same
algorithm that was used to generate the checksum. File's MD5
checksum value is different from its SHA-256 checksum value
checksum command in bash shell:
for SHA-256 - "sha256sum file_name"
for MD5 - "md5sum file_name"

checksum command in windows powershell:

for SHA-256 - "get-FileHash \path\to\file -Algorithm SHA256"
for MD5 - "get-FileHash \path\to\file -Algorithm MD5"

cryptography as security mesure:

*Confidentiality - Ensuring that unauthorized entities cannot
access sensitive information.
*Integrity - Ensuring that data is not altered or tampered
with during transmission or storage.
*Authentication - Verifying the identity of communicating parties.
*Non-repudiation - Preventing parties from denying their
involvement in a communication or transaction.

*Full Disk Encryption (FDE)

Encrypts the entire storage device, protecting all data on it.
ex: BitLocker for Windows, FileVault for macOS.

File and Folder Encryption

Encrypts specific files or folders rather than the entire disk.
VeraCrypt is an open-source tool that allows users to create
encrypted containers or encrypt entire partitions.

Network Encryption:
Secures data transmitted over networks, preventing eavesdropping.
SSL/TLS protocols for securing web traffic, IPsec for
securing network communication.

Email Encryption:
Secures email communications, protecting the content from
unauthorized access.

BitLocker is a full disk encryption feature included with

Microsoft Windows operating systems. It is designed to
protect data by providing encryption for entire volumes
BitLocker encrypts the entire disk volume, including the
operating system, system files, and user data.This
helps protect the data on the disk from unauthorized access.

BitLocker is integrated into the Windows operating system,

making it a convenient and seamless encryption solution for
users of Windows editions that support it.

BitLocker allows users to set a password or a personal

identification number (PIN) that must be entered during the
system boot process to unlock the encrypted drive.
This adds an additional layer of security.
enabling bitlocker on windows without trusted platform module:
start -> logal group policy editor -> administrative templates
-> windows components -> bitlocker drive encryption ->
operating system drives -> require additional authentication
at startup - here make it enabled with allow bitlocker without
TPM option

Linux Unified Key Setup (LUKS) is a disk encryption specification

that provides a standard for setting up disk encryption on
Linux systems. LUKS works with various disk encryption tools,
and it's commonly used with dm-crypt, the standard device-mapper
encryption module for the Linux kernel

GPG (GNU Privacy Guard) - free and open-source implementation of

the OpenPGP standard, which provides cryptographic privacy and
authentication for data communication. GPG is commonly used for
encrypting and signing files, emails, and communications in
Linux systems

encript file command: "gpg -c file_name" will create file_name.gpg

file wich will have the same data inside but encrypted
decript file command: "gpg -d file_name.gpg > file_name" decript
contents of the file_name.gpg file and save it as file_name

Windows provides a built-in tool called "Backup and Restore

(Windows 7)" for creating a system image

creating system image:

control panel -> system and security -> backup and restore(win7)
-> create the system image -> choose destination -> select
drives to go in backup -> start backup

UEFI is a modern replacement for the traditional BIOS

(Basic Input/Output System) that was commonly used to boot
operating systems on PCs

you can restore your Images From UEFI settings:

troubleshoot -> advanced options -> system image recovery

Deja-Dup is a simple and user-friendly backup tool for Linux

systems that provides an easy way to back up your files and
directories.

Malware(malicious software) -broad term that encompasses

various types of harmful software designed to disrupt,
damage, or gain unauthorized access to computer systems.

*Viruses - programs that can replicate themselves and spread

to other files on a computer. They often attach themselves
to legitimate executable files and can cause damage by
modifying or deleting data.
*Worms - self-replicating programs that can spread across
networks without any user intervention. They can exploit
vulnerabilities in operating systems or applications to
infect other computers
*Trojans -Trojan Horses disguise themselves as legitimate
software but contain malicious code. Once activated,
they can perform a variety of harmful actions, such as stealing
sensitive information or providing backdoor access to a system.
*Keyloggers - record keystrokes on a computer or mobile device.
used to capture sensitive information, such as login credentials,
credit card numbers.
*Rootkits - designed to hide the existence of malware on a
system. They often replace or modify system files and can be
challenging to detect and remove.
*Ransomware - malware that encrypts a user's files and demands
a ransom for the decryption key.
* Spyware - designed to spy on the user's activities without their
knowledge. It can capture sensitive information, such as login
credentials, browsing habits, and personal details, and send
them to a third party.
*Adware - displays unwanted advertisements on a user's device,
often in the form of pop-up ads. While not always malicious,
it can be intrusive and annoying.
and other less common malicious software...