150 likes | 236 Views
Security. Meredith Friedman CS 111.01. Aspects of Security. Privacy. The concept of confidentiality; Only sender and receiver should have access to contents of a transmission. Authentication. Assures the recipient knows who the sender is, and where the information is coming from. Integrity.
E N D
Security Meredith Friedman CS 111.01
Privacy • The concept of confidentiality; Only sender and receiver should have access to contents of a transmission.
Authentication • Assures the recipient knows who the sender is, and where the information is coming from.
Integrity • The idea that a transmission is received in exactly the same way it was sent.
Nonrepudiation • A guarantee that the sender is aware of what they are doing, and takes full responsibility. A secure server is able to prove who sent a message.
Encryption • Privacy requires that a message be encrypted at the sender site and decrypted at the receiver site so that a potential intruder cannot understand its contents.
Types of Encryption • Secret Key Encryption • Public Key Encryption • Combination (Secret and Public Key)
Secret Key Encryption • When the sender uses a secret key, an encryption algorithm encrypts the data. • The receiver uses the same key with a decryption algorithm to decrypt the data. • Data, when not encrypted, are called plaintext, encrypted data are called ciphertext • Secret Key Encryption algorithms are also called Symmetric Encryption Algorithms because the same secret key is used in both directions of communication.
Pros and Cons • More efficient than Public Key Encryption • Each pair of users must have a secret key – so if 1 million people want to communicate, they need to have a half-trillion secret keys. • Distribution of keys between parties can be difficult
Public Key Encryption • This method uses 2 keys: a private key kept by the receiver, and a public key that is announced to the public (i.e. via the internet). • The most common public-key algorithm is named after its inventors: Rivest-Shamir-Adleman (RSA) Ecryption.
Pros and Cons • Less keys needed- using Public Key Encryption, it would only take 2 million keys for 1 million people to communicate. • The algorithm for a public key usually has very large numbers, so converting plain text from cipher text can take a long time. • For this reason Public Key Encryption is not usually used for large amounts of text.
Combining the Two • You can combine the advantages of Secret Key (effciency) and Public Key (easy distribution of keys) algorithms. • The public key is used to encrypt the secret key, while the secret key is used to encrypt the message.