Cryptology in Information Security Fundamentals, Essay Example

Introduction

The opening statement

Taking this class, I have learned a lot of things that I could use to get a job in the outside world in this field and I can definitely say beyond a shadow of a doubt that this class was the most impressive as well as engaging course that I have ever taken. Make no mistake, there were some twists and turns but I enjoyed the class very much. A subject matter I fell in love with and enjoyed studying was the Cryptology, there were so many things that I enjoyed reading about this chapter. For example, Kerckhoff’s six principles. What I found so interesting about it was all of the principles center around what a person working in this field should remember at all times, like a code of conduct of sorts. According to Peltier (2014), “the system must be decipherable no matter what, secrets are not meant to be kept in the system” (Peltier, 24, 2014). The six principles came off to me like it was something that was mandatory for everyone to follow if they were going to be working in that profession, I never wanted to stop learning about this particular subject matter because I felt like it was central to everything I could ever learn about Cryptology and deciphering codes. Another thing I enjoyed learning about this particular subject matter was the history backing Cryptology going back thousands of years to the times of the Egyptians who used the powers of Cryptology to keep their secrets hidden away from prying, nosy or enemy eyes and I found it so cool how even back then there were types of cyphers that the Egyptians used to hide their secrets which were the Spartan and Caesar cyphers; both were capable of keeping the secrets of those in charge. All throughout the time that I was reading this, studying this I felt the knowledge I’ve amassed was practically infinite and fresh; there was always something new for me to learn.

Body

The Cypher Types

The things that I studied in this course pretty much made my experience in learning the course material really worthwhile because there is so many things that I could not get my head around, but there were also aspects of the things I learned in this course that kept me hanging on every single minute that I was in this course. Along with learning everything about Cryptology, I learned that there are different kinds of cyphers that is used for all kinds of encryptions and decryptions. One of the things that I enjoyed learning about the different cypher types was the substitution cypher which basically comes in two types which are monoalphabetic and polyalphabetic, substitution cyphers is the more common type of cypher used to decipher messages and decipher encryptions. According to Peltier (2014), “substitution cyphers may be the most basic cypher used to decipher cryptic messages but it is just as handy as the other modern day cyphers” (Peltier, 25, 2014). Now, it can be said that after reading about the substitution cyphers, I thought they were really hard to crack or decipher but I learned that there is another cypher that falls into this same category; transposition cyphers. It’s so interesting that Transposition Cyphers were even easier to decode than that of the substitution cyphers, transposition cyphers work in the aspect that if a person were to reorganize the letters or even numbers on it, they could easily decode whatever message that they are trying to decipher. To me, I found it so interesting how cyphers would be difficult to use when it came to trying to decipher messages but the more I got into reading about the substitution and transposition cyphers, the more I became enthralled with wanting to pursue a career in this field. I realize that it takes some top level decryption skills to use these cyphers but the truth is, I learned that just the opposite is true; I loved what I learned about the cypher information.

Body II

Another interesting thing about cyphers

It goes without saying that learning about cyphers and the different kinds of cyphers used to decrypt secret messages has been a very eye opening experience, people use these tools to keep their secrets hidden from the rest of the world or out of enemy hands or out of traitorous hands who would use them to do bad things. It can be argued that cyphers are tough nuts to crack, but they are well worth the trouble because what lies on the other side is well worth the trouble that a person has to go through; the reward is practically legendary. Interesting enough, I learned about the simpler cyphers used to decode messages and I also enjoyed studying up on the more complex and “complicated” of the cyphers; cryptographic keys. What I loved about reading up on cryptographic keys is that they are the tougher nuts to crack, so if an enemy of the state were to get their hands on one of these then they would not be able to open it so easily or at all. Cryptographic keys come in the form of a private key or keys used to decode different messages. For example, let’s say that there are these symbols *$*$*##@%^#%@!!#% and a person uses a private cryptographic key then they decode the message which I found amazing in the regard that one key can solve and make sense of all of the symbols. According to Peltier (2014), “private cryptographic keys are used to privately decode messages in the aspect that a person’s or nation’s security is not compromised or sabotaged in any way” (Peltier, 32, 2014). Everything about this entire chapter just kept me hanging on, cryptology is the most interesting chapter I’ve ever read in this textbook. In a big way, it makes me feel like that just reading the chapter has inspired me to look into possibly getting a job as a cryptologist or in a related field. Either way, I thoroughly enjoyed what I learned about this chapter during the time I took this course and I want to go on record as saying that if given the chance to retake this course, I definitely would.

Body III

Theories

It can be argued that this course has had a lot of interesting and complicated concepts along with theories that practically made the course material as well as the course itself hard, but through it all I learned that some of the things that go into some of these theories are what makes up the entire concept of a particular subject. For example, take the likelihood subject. It is technically based on the incidence if the worst case scenario happens whatever it might be, I did not really feel like I understood that part completely because preparing for the worst case scenario is what I thought this course was all about. The risk assessment involved with the likelihood that anything can happen was an important part about this chapter, the information I read on the section called likelihood put me in a state of inquisition like “why would we have to worry about the likelihood of anything happening that might cause a relevant threat or even cause some damage in some way or other”. I even tried getting the professor to help me clarify what I wanted to know but I felt like I was even that much more lost, but let it be known that I did learn very important things from that particular part of the chapter. I took much away from this course and that also includes the theories and different conceptual aspects of the chapter as well, it gave me a sense of clarification upon further reading up on it. I learned that the likelihood aspect is only one out of several aspects that are needed to complete a risk assessment which is ultimately needed to evaluate certain dangers, dangers that could completely compromise or destroy national security. I felt like that even though I was reading all of this, I got to a point where I wanted to invest more of my time in learning more about these different aspects that made the IT management field as appealing as it ever was. I have to admit, I was a bit overwhelmed by all of the different concepts but it wasn’t anything that I did not want to unravel or read.

Body IV

Another important concept

When I thought about risk level, I asked myself, “risk level, why is that important and why is there a section completely dedicated to discussing it”; it was a question that was answered shortly thereafter. What I learned about risk level is that it is the most important part of risk assessment, it is easy to underestimate the risk level of anything but especially information technology which could have complete drastic consequences. As I was reading up on risk level, I learned about its importance; it is because risk level is important that people are able to do things to prevent that from happening or ensuring that nothing worse comes of that. Incidentally, I learned that having a risk level in IT at all was a risk in itself because information is sensitive as most people well know and when it is put under lock and key, it becomes more so. According to Layton (2007), “the risk level associated with all threats and vulnerabilities must be taken into account because ignoring it gives birth to even greater risk which no one including IT professionals needs” (Layton, 15, 2007). Threats associated with the risk levels are what gives birth to greater threats and the more I got into this chapter, the more I saw how important it is to make a list and check it twice; people’s lives and information solely depends on the risk assessment because even the slightest compromise could destroy thousands of lives. It can be argued that only some of the risk involved with handling information even the threat of the information becoming undecipherable is minimal, but it is far from it. Incidentally, there is so much involved with the risk level of IT; I never realized just how much a person has to do in order to protect the information of so many. All I can say is that this is another part of the course I enjoyed studying up on even though there was a little bit of a confusion issue with certain concepts but I enjoyed reading it nonetheless.

Body V

Future Activities and Effects

Coincidentally, I had several ideas about what I wanted to actively pursue after taking this course before I graduated from college. I am at the point right now that because I have taken this course and gained an understanding of what goes into this field, I’ve had so much time to deliberately think about what I found interesting not to mention how I can turn that interest into actual future activity in this field. I can say beyond reasonable doubt that what I learned in the Cryptology section of the book definitely held my attention in the aspect that if I was going to get a job in the future in IT then I would definitely want to be in the cryptology department, I found that it is the most prominent and promising profession in the entire IT field. According to Peltier, Peltier & Blackley (2005), “employee discipline and keen attention is needed for an effective information security program to properly function” (Peltier, Peltier & Blackley, 4.4.5, 2005). This course has affected my future activities in the aspect that I want to seek employment in the cryptology field just based on what I learned in this course and what I learned from the course material, reading that chapter and my love for solving puzzles and problems makes me a great fit for the job in that particular field. Let it be known that I have never had any second thoughts about what it takes to be able to do this because I was so enthralled with what I learned not just in the chapters I had to study but the course overall. My overall experience in taking this course was a very worthwhile endeavor and it has put me in a position to start investigating an internship and ultimately a job in IT management, this course has had a prominent effect on my future plans to get a job in this field, I wasn’t quite sure what I wanted to do after I graduated from college but thankfully this course had helped me in making the choice to get a job in IT so that I can use the skills I have to do great things which I know I am capable of.

Conclusion

My summary of what is

My overall personal experience in taking this course has been nothing short of excellent and forthcoming, the information taught me so much about IT as well as the different areas that make information technology the focal point governing people’s lives. I can say beyond a shadow of a doubt that Cryptology was my favorite thing to study, I learned about all the different cyphers that are used in decoding different messages as well as cryptographic keys which do the same thing but it requires that a person really pay attention to the different signs and symbols so they can properly decode the message. Ironically, I was under the impression that this is something that anyone can do as long as they are willing to work at solving puzzles and unraveling the different cyphers that hold secrets that are central to continuing to live lives of continued security as corny as that sounds. The risk level as well as the threats, vulnerabilities and risk evaluations are central to ensuring that a proper risk assessment be made to prevent mistakes from being made. Of all of the courses that I have taken so far and all of the knowledge that I’ve amassed so far was child’s play in comparison to what I learned in this course, I felt that the things I’ve learned in this course will better serve and benefit me when I get out into the real world. I also feel that this course has gave me the push I need to start investigating the different fields of study as well as the jobs in the IT management field, I felt like I did not have any idea what I wanted to do but this course gave me the nudge I needed to make a decision. In summary, there is nothing that I can say negatively about this course or the things that I learned in it, if anything I would encourage other people take it if for nothing else, just to see how they would like it; I personally think that they would learn a great deal in this course as I have. I was not just able to take knowledge away from this course, but inspiration as well.

References

Layton, T. (2007). Information Security Risk Assessment Model. In Information Security, design, implementation, measurement, and compliance (1st ed., Vol. 1, p. 14). Boca Raton, Florida: Auerbach Publications.

Peltier, T. (2014). Cryptology. In Information Security Fundamentals (1st ed., Vol. 1, pp. 23-30). Boca Raton, Florida: CRC Press.

Peltier, T., Peltier, J., & Blackley, J. (2005). Information Security Policies. In Information Security Fundamentals (1st ed., Vol. 1, p. 4.4.5). Boca Raton, Florida: Auerbach Publications.