Chapter 8
Symmetric and Asymmetric Encryption
-Symmetric encryption uses a private key to encrypt and decrypt.
-Asymmetric encryption uses the public key of the recipient to encrypt the message.
Digital Certificates
-A digital certificate is a file or electronic password that proves the authenticity of a device, server, or user through the use of cryptography and the public key infrastructure (PKI).
-A digital certificate contains identifiable information, such as a user’s name, company, or department and a device’s Internet Protocol (IP) address or serial number. Digital certificates contain a copy of a public key from the certificate holder, which needs to be matched to a corresponding private key to verify it is real. A public key certificate is issued by certificate authorities (CAs), which sign certificates to verify the identity of the requesting device or user.
Key Management
-The term CKMS stands for Cryptographic Key Management System. A CKMS Security Policy provides the rules that are to be used to protect keys and metadata that the CKMS supports. This Policy establishes and specifies rules for this information that will protect its:
- Confidentiality
- Integrity
- Availability
- Authentication of source
The Reused Key Stream Problem
- A reused key stream means the same key is used multiple times to encrypt data. That is, the same key is used to encrypt different messages.
- When a key is used multiple times to encrypt messages, this allows an intruder to penetrate the key or key stream. The intruder can then easily decrypt the messages that are transmitted later.
- Therefore, in order to protect the file, keys shouldn't be used more than once.
Nonce
- A nonce shouldn't repeat itself. If the same passphrase is used to bind the message, then the nonce will generate a new key.
Key Wrapping
- Key wrapping is the technique that encrypts the key itself using the passphrase.
Separation of Duty
- Separation of duty refers to the principle that no user should be given enough privileges to misuse the system on their own. For example, the person authorizing a paycheck should not also be the one who can prepare it.
Diffie Hellman
- The shared secret key is the main aspect. Every participant performs a multiplication operation with their private key and the other's public key to produce the shared secret key.
- Asymmetric
RSA encryption
- In the RSA algorithm, the public key and private key both consist of numbers, because these numbers are generated from large prime numbers. Modular operations are performed on these large prime numbers to produce the public key and private key.
- Asymmetric
Public keys
- A public key is public: anyone can look it up and share it widely, and it can be shared with everyone in the system. Once the sender has it, he uses it to encrypt his message.
Private keys
- In the case of encrypted messages, you use this private key to decrypt messages.