Latest activity

Threads

Latest activity

 Posts Questions Social Forum list

Do you teach students that encoding is the same as encrypting?

Fanuel
Hank Cox said:
Topic 3A in the 701 course uses "encoding" and "encryption" as synonyms. I think students should understand the difference between the two terms.

I would appreciate knowing what other instructors think about these terms. Does encoding = encryption?

I would also appreciate feedback from a CompTIA SME. What is CompTIA's definition of encoding, and CompTIA's definition of encryption?


My notes on the use of "encoding" in Topic 3A:

The Official CompTIA Security+ Instructor Guide (Exam SY0-701)

Lesson 3: Explain Cryptographic Solutions, Topic 3A, Slide 4

Students need to learn the difference between encoding and encryption. This slide, “Cryptographic Concepts,” should not confuse encryption and decryption with encoding and decoding. If encoding is mentioned at all, the slide should point out that encoding is not cryptography or encryption.

Lesson 3: Explain Cryptographic Solutions, Topic 3A, Page 38, first paragraph:

“A cryptographic algorithm is the particular operations performed to encode or decode data.”

Encoding is not the same as encrypting.
Encryption uses a cryptographic key as one of the inputs to a cryptographic algorithm. Encoding does not use a cryptographic algorithm or require the use of a cryptographic key. Geeks for Geeks has an explanation of the difference.
One example of encoding is the use of ASCII codes to represent letters of the alphabet. No cryptographic algorithm or cryptographic key is used.

Page 38, second paragraph:

‘Cryptography, which literally means “secret writing,” is the art of making information secure by encoding it. ‘

Cryptography is “transformation of data in order to hide their semantic content, prevent their unauthorized use, or prevent their undetected modification.” Encryption and hashing can provide this confidentiality or integrity, however encoding does not.
Using ASCII or Morse code are examples of encoding; however they are not examples of cryptography.

Lesson 11: Enhance Application Security Capabilities | Topic 11A, page 317, Question 2

“the session key does the actual data encoding”

First, the answer should say “encryption,” not “encoding.”
Second, the key does not do the actual encryption. The encryption algorithm does the encryption, using the key as one of the inputs.
Click to expand...
Good observation
Click to expand...
  • Like
Reactions: Hank Cox

Do you teach students that encoding is the same as encrypting?

Brian Callahan
As an instructor (not a CompTIA SME), I would make the following tweaks:

Change:
‘Cryptography, which literally means “secret writing,” is the art of making information secure by encoding it. ‘
to:
‘Cryptography, which literally means “secret writing,” is the art of making information secure by encrypting it. ‘ Or, if you don't want to define the word cryptography using the word encryption, you could say it makes information secure by preventing useful reading and useful copying of the data except by the intended recipients. Or something like that.

Yes, I think you're right that “the session key does the actual data encoding” should at least be “the session key does the actual data encrypting” otherwise you are muddying the waters. I could be convinced that the wording otherwise could be left as-is, depending on the text around it. If it's just a standalone sentence, then you are right it needs to be framed in the context of the algorithm doing the encryption. If it's in context with something like "the algorithm provides the steps needed to produce the ciphertext from the original input; the session key does the actual data encrypting" then I don't think I love it but I don't know how much it matters in the context of the Security+. The Security+ isn't making cryptographers, and it isn't wanting to do so.

It appears based on what you've presented that CompTIA very much wants to produce a distinction between encoding and encryption, which is good. It just also appears that yes they should be a little tighter with language to ensure that distinction is best retained by students.
Click to expand...
  • Like
Reactions: Angel Waymer, Fanuel, superguruman and 2 others

Do you teach students that encoding is the same as encrypting?

Hank Cox
Topic 3A in the 701 course uses "encoding" and "encryption" as synonyms. I think students should understand the difference between the two terms.

I would appreciate knowing what other instructors think about these terms. Does encoding = encryption?

I would also appreciate feedback from a CompTIA SME. What is CompTIA's definition of encoding, and CompTIA's definition of encryption?


My notes on the use of "encoding" in Topic 3A [edited 2/15/2024 to distinguish my opinions from the CompTIA course content]:

The Official CompTIA Security+ Instructor Guide (Exam SY0-701)

Lesson 3: Explain Cryptographic Solutions, Topic 3A, Slide 4

CompTIA content:
"Cryptographic Concepts
Encryption and decryption—encoding and decoding
Plaintext is the unencoded message
Ciphertext is the coded message"

I think this content is misleading, unhelpful, or inaccurate because:
Students need to learn the difference between encoding and encryption. This slide should not confuse encryption and decryption with encoding and decoding. If encoding is mentioned at all, the slide should point out that encoding is not cryptography or encryption.

Lesson 3: Explain Cryptographic Solutions, Topic 3A, Page 38, first paragraph

CompTIA content:
“A cryptographic algorithm is the particular operations performed to encode or decode data.”

I think this content is not accurate because:
Encoding is not the same as encrypting.
Encryption uses a cryptographic key as one of the inputs to a cryptographic algorithm. Encoding does not use a cryptographic algorithm or require the use of a cryptographic key. Geeks for Geeks has an explanation of the difference.
One example of encoding is the use of ASCII codes to represent letters of the alphabet. No cryptographic algorithm or cryptographic key is used.

Page 38, second paragraph:

CompTIA content:
‘Cryptography, which literally means “secret writing,” is the art of making information secure by encoding it. ‘

I think this content is not accurate because:
Cryptography is “transformation of data in order to hide their semantic content, prevent their unauthorized use, or prevent their undetected modification.” Encryption and hashing can provide this confidentiality or integrity, however encoding does not.
Using ASCII or Morse code are examples of encoding; however they are not examples of cryptography.

Lesson 11: Enhance Application Security Capabilities | Topic 11A, page 317, Question 2

CompTIA content:
“the session key does the actual data encoding”

I think this content is not accurate because:
First, the answer should say “encryption,” not “encoding.”
Second, the key does not do the actual encryption. The encryption algorithm does the encryption, using the key as one of the inputs.
Click to expand...
  • Like
Reactions: Joel M and Damion McCurdy

CIN Instructor Toolbox: Practical AI for Instructors

Stephen Schneiter
Rick Butler said:
Well, I guess that means that "The Usual Suspects" have to bring all the snark so we're not accused of being AI bots...

BTW, @Stephen Schneiter do we have a plan to screen them out? Because...you never know...

;)
Click to expand...
Screen them out? You mean the AI bots or "The Usual Suspects" :ROFLMAO:
Click to expand...
  • Haha
Reactions: aleibl

CIN Instructor Toolbox: Practical AI for Instructors

hosnypasha
Stephen Schneiter said:
During the last TTT series, John Guise was talking to me about how he was using AI to help with lesson plans and how his organization is adopting AI from an instructor's point of view. I thought it was very interesting and have asked John if he would be will to share and demonstrate some of the practices they are adopting and utilizing as they develop courses for their students. Join us for our first CIN Instructor Toolbox of 2024 as we take a look at how instructors can utilize AI.

What: two-hour webinar highlighting tools and best practices for implementing AI in your training environment.
When: Wednesday February 28, 2024, 1:00 p.m. CST
Where: ON24
Who: John Guise, ECPI University

Register Now

https://event.on24.com/wcc/r/4486710/09C0D5E67B6F30021526550AD7534FC3
View attachment 1604
Click to expand...
I have just registered
Click to expand...
  • Like
Reactions: Stephen Schneiter

CIN Instructor Toolbox: Practical AI for Instructors

Stephen Schneiter
During the last TTT series, John Guise was talking to me about how he was using AI to help with lesson plans and how his organization is adopting AI from an instructor's point of view. I thought it was very interesting and have asked John if he would be will to share and demonstrate some of the practices they are adopting and utilizing as they develop courses for their students. Join us for our first CIN Instructor Toolbox of 2024 as we take a look at how instructors can utilize AI.

What: two-hour webinar highlighting tools and best practices for implementing AI in your training environment.
When: Wednesday February 28, 2024, 1:00 p.m. CST
Where: ON24
Who: John Guise, ECPI University

Register Now

https://event.on24.com/wcc/r/4486710/09C0D5E67B6F30021526550AD7534FC3
CIN ON24 Banner-Toolbox series SM 320X70.png
Click to expand...
  • Like
Reactions: Femi, jlyon, aleibl and 12 others

Filter

Top Bottom
Home
Media
Resources
Menu