Encryption is a method of encoding a message so that it retains its integrity and confidentiality while it is transferred through a communication channel.
There are two types of encryption:
Symmetric encryption
1. Only one key is used to encrypt and decrypt messages.
2. Also called shared key or shared secret encryption.
3. DES, 3DES and AES, used in IPsec, are a few examples.
4. RC4, used in WEP and WPA1, is another example.
5. It is a fast form of encryption.
6. All host parties must have the secret key configured through some external means.
Asymmetric encryption
1. Also known as public key cryptography.
2. Data encrypted using the public key of a host can only be decrypted using that host's corresponding private key, because the public and private keys are interlinked.
3. Hence two keys are used, one for encryption and the other for decryption, called the public and private keys.
4. RSA and digital certificates are examples of asymmetric encryption.
5. However, it is slow, so it is mostly used to secure the channel and not the actual payload/data.
6. This type of algorithm operates as follows: the public key is first requested from the host, and a session key is then encrypted using that public key. The encrypted session key is shared with the host and the tunnel is set up. Once the tunnel is up, data is encrypted using symmetric encryption and transferred to the host. The session key is valid for that session only.
1. Hashing is a different form of encryption.
2. It condenses a message into an irreversible fixed-length value, called a hash, using a hashing algorithm.
3. The most common algorithms are MD5 and SHA1.
4. Hashing is only used to verify data; the original message cannot be retrieved.
5. For example, when we download some software, we can check the actual hash value against the value given by the software vendor.
1. Salt is a random number which is used with a password for security purposes.
2. It is used to defend against dictionary attacks.
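The effect of the salt described above, as an added example that is not part of the original notes: without a salt, identical passwords hash to identical values and one precomputed table matches every account that uses a listed word; with a random per-password salt the stored values differ. The function names, the choice of PBKDF2, the iteration count and the sample accounts are assumptions made for this illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for this example


def unsalted_hash(password):
    """No salt: the same password always produces the same hash."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_hash(password, salt=None):
    """Return (salt, key); a fresh random 16-byte salt is drawn per password."""
    if salt is None:
        salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, key


def verify(password, salt, stored_key):
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(salted_hash(password, salt)[1], stored_key)


def table_hits(stored_hashes, wordlist):
    """Accounts whose unsalted hash appears in a table built once from a wordlist."""
    table = {unsalted_hash(word) for word in wordlist}
    return sorted(user for user, h in stored_hashes.items() if h in table)


# Constructed sample accounts and wordlist (not real data).
USERS = {"alice": "sunshine", "bob": "sunshine", "carol": "x9!Lq7#tR2"}
WORDLIST = ["password", "sunshine", "qwerty"]

if __name__ == "__main__":
    unsalted = {user: unsalted_hash(pw) for user, pw in USERS.items()}
    print("matched by one precomputed table:", table_hits(unsalted, WORDLIST))

    salted = {user: salted_hash(pw) for user, pw in USERS.items()}
    same = salted["alice"][1] == salted["bob"][1]
    print("alice and bob share a stored value when salted:", same)
    print("login check:", verify("sunshine", *salted["alice"]))
```

The salt is stored next to the derived key; it does not need to be secret, only unique per password.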
DS are used for electronic identification/encryption over the internet.
It has two main purposes:
1. Identification: verify the sender, user, or server.
2. Encryption: certificates contain public keys to encrypt data.
For example, a copy of the certificate is copied from the bank server to the browser cache on first connection. The browser generates a unique one-time session key and encrypts it using the bank's public key, which it got from the certificate. Once the bank receives it, a secure tunnel is created.
A digital certificate usually contains:
- Public Key
- Information about the computer or individual.
- Certificate issuing authority information.
- Date and expiry of the certificate.
- Serial number of the certificate.
Wireless Security protocols
• Wired Equivalent Privacy
• Has two modes of authentication, i.e. open and pre-shared.
• WEP uses a data encryption scheme called RC4.
• Supports up to 256-bit key length.
• Wi-Fi Protected Access.
• Uses TKIP
• It also includes a message integrity check.
• Uses CCMP, an AES-based encryption mode, to provide better security.
• CCMP: Counter cipher mode protocol
• It has two modes, i.e. WPA2-PSK and WPA2-ENT (RADIUS).
• WPA2-PSK uses a 256-bit key, through TKIP or AES.
• WPA2-ENT creates a new encryption key each time the user logs in. It can also be used with RADIUS.
• Temporal Key Integrity Protocol
• 128-bit key length for encryption
• An important part of TKIP is that it changes the key used for each packet.
• Each packet transmitted using TKIP has a unique 48-bit serial number that is incremented every time a new packet is transmitted and used both as the Initialization Vector and part of the key.
RC4 is a stream cipher (cipher means the text we get after encryption).
• It is a symmetric cipher. In a stream cipher each plaintext digit is encrypted one at a time with the corresponding digit of the keystream, to give a digit of the ciphertext stream.
• Used in SSL and WEP.
• Rivest Cipher 4 or Ron's Code.