Computer Networks 8

Trust

assumption made about how external actors and internal components will behave

Threat

potential failure scenario that a system is designed to prevent or mitigate

Cryptographic (encryption) algorithm

set of steps that can be used to convert plain text into cipher text, consists of ciphers and cryptographic hashes

cipher

used for encryption and decryption

cryptographic hash function

used for integrity and authentication

Block Cipher

as an input takes plaintext block, encrypt it and return ciphertext (which can be decrypted only by using decryption key)

Secret-Key (Symmetric) Ciphers

message is encrypted using a particular key, the same key is required for decrypting the message, fast and efficient

Public-Key (Asymethric) Ciphers

uses a pair of related keys, one for encryption and a different one for decryption, slower than symmetric approach

Authenticators

value included in transmitted message, used to verify authenticity, data integrity of a message and prevent message tampering

Session key

used to secure a session (single episode of communication), each session uses a new session key, typically symmetric keys

Publick Key Infastructure (PKI)

framework for certifying bindings between public keys and identities, defines what key belongs to whom

Firewall

system that typically sits at some point of connectivity between a site it protects and the rest of the network. By default it blocks traffic unless that traffic is specifically allowed to pass through

Techniques for authentication

Authenticator + Timestamp, Authenticator + Nonce

Pretty Good Privacy (PGP)

approach providing security for email. It provides authentication, confidentiality, data integrity, and nonrepudiation

Secure Shell (SSH)

protocol used to provide a remote login service, remotely execute commands and transfer files. Is most often used to provide strong client/server authentication/message integrity and confidentiality

Transport Layer Security (TLS)

standard of Secure Socket Layer (SSL) used to ensure confidentiality, integrity, and authentication in Web transactions

IP Security (IPsec)

framework provides three degrees of freedom: highly modular, many security properties, works for different streams

Highly Modular

allow users to select from a variety of cryptographic algorithms and specialized security protocols

Security Properties

e. g: access control, integrity, authentication, originality and confidentiality