CCNP Chapter 2: Cryptography

Encryption Mechanisms

Encryption ensures data confidentiality by converting plaintext into ciphertext. The main encryption categories are:

Symmetric Encryption: Uses a single key (e.g., AES, ChaCha20)
Asymmetric Encryption: Uses a key pair - public and private (e.g., RSA, ECC)

Symmetric vs Asymmetric Encryption

View Full Image

Hashing Algorithms

Hashing is used for data integrity checks. It produces a fixed-size output from input data. Examples include:

SHA-256, SHA-3
BLAKE2
HMAC: Hash-based Message Authentication Code (adds authentication)

Public Key Infrastructure (PKI)

PKI enables secure communication through digital certificates:

Certificate Authority (CA): Issues digital certificates
Digital Signature: Ensures authenticity and integrity
SSL/TLS: Encrypts data in transit between web servers and browsers

SSL Handshake

View Full Image

Post-Quantum Cryptography

Quantum computers pose a threat to traditional encryption. Post-quantum cryptography is being developed to mitigate this:

CRYSTALS-Kyber: Key encapsulation
Dilithium: Digital signatures
Part of NIST's standardization initiative

Back to Home