Part 1:
Answer the following questions by filling in the blank using the proper technology or cryptography terms you have learned in class:
1. SSL certificates type of certificate is used to provide security on Web sites.
2. PKI is the most common public key encryption systems and, in most cases, this relies on manual trust and key distribution.
3. Message authentication code provides authentication or proves integrity of a digital message. 4. SHA-1 encryption scheme was broken and was replaced with a third round version of itself.
5. RSA is the first algorithm suited to both signing and encryption, and it is now widely used in e-commerce and other public key systems. 6. The entity that issues certificates is a Certificate Authority
7. The document to check to verify whether a certificate has been revoked is Certificate Revocation List.
8. Each bit of length determines the number of keys.
9. Currently, 128 bit certificates are commonly used for web communications.
10. Triple DES provides 112 bits of security, despite using a 168 bit key.
11. Thawte, Verisign, and Comodo are all examples of SSL certificates.
12. Hiding data in images is an example of Steganography
13. Data Encryption Standard (DES), ROT13, and Enigma are all examples of algorithm for the encryption of electronic data
14. A digitally signed email provides authentication.
15. A digitally encrypted e-mail provides privacy /security
Part 2:
Message-Digest algorithm 5 (MD5) that the University uses has significant weaknesses that can be exploited by attacks. Attackers can launch attacks against X.509 digital certificates signed using the MD5 hashing algorithm, to generate additional digital certificates. Vulnerability in the Internet Public Key Infrastructure (PKI) can allow rogue Certification Authority (CA) certificate trusted by all common web browsers. Rogue Certification Authority (CA) certificate, can impersonate websites and other site using HTTPS. MD5 "collision uses this hash function can expose the security infrastructure of the web to realistic threats. Attackers can generate cryptographic tokens to appear as authentic tokens.
Since the University uses a Cisco ASA firewall device which can create and sign digital certificates for users and systems they should use SSL is a cryptographic protocol to create certificates for critical systems in some departments. SSL is a cryptographic protocol used to create a secure, encrypted connection over the Internet by verifying the identity of a server using a digital certificate system.
Currently the system is usable but caveats should it be replaced.
You May Also Find These Documents Helpful
-
In this lab, you applied common cryptographic techniques to ensure confidentiality, integrity, and authentication. You created an MD5sum and SHA1 hash on a simple text file on a Linux virtual machine and compared the hash values of the original files with those generated after the file had been modified. Next, you used GnuPG to generate an encryption key pair and encrypted a message. Finally, you used the key pairs to send secure messages between two user accounts on the virtual machine and verified the integrity of the received files.…
- 392 Words
- 2 Pages
Good Essays -
Match common encryption algorithms and methods with the scenarios representing real-world business applications and requirements.…
- 606 Words
- 3 Pages
Good Essays -
Verify the integrity of the output of common cryptographic and hashing tools to determine whether an encrypted message is legitimate or whether it has been modified…
- 559 Words
- 3 Pages
Satisfactory Essays -
This lab demonstrated how hashing tools can be used to ensure message and file transfer integrity and how encryption can be used to maximize confidentiality. Common hashing and encryption tools, including MD5, SHA1, and GnuPG, were used. You used GnuPG to generate both a public and private key and a secret key for encryption only.…
- 517 Words
- 3 Pages
Good Essays -
The vulnerability that has been discovered has a primary affect to a cryptosystem and a secondary affect to a cryptosystem. The vulnerability in question is a weakness in the MD5 algorithm that would allow for collisions in output. As a result, attackers can generate cryptographic tokens or other data that illegitimately appear to be authentic.…
- 675 Words
- 2 Pages
Good Essays -
Match common encryption algorithms and methods with the scenarios representing real-world business applications and requirements.…
- 406 Words
- 2 Pages
Good Essays -
8 True or False: Cryptography is a mechanism for accomplishing confidentiality, integrity, authentication, and nonrepudiation.…
- 620 Words
- 3 Pages
Good Essays -
Encryption is method of scrambling data in some manner during transmission. In periods of war, the use of encryption becomes paramount so those messages are not intercepted by the opposing forces. There are a number of different ways to protect data during transmission, such as Substitution (character for character replacement) in which one unit (usually character) of cipher text (unintelligible text or signals produced through an encryption system) is substituted for a corresponding unit of plain text (the intelligible text or signals that can be read without using decryption), according to the algorithm in use and the specific key.…
- 877 Words
- 3 Pages
Powerful Essays -
Hash ____ are mathematical functions that create a hash value, also known as a message digest, by converting variable-length messages into a single fixed-length value.…
- 1195 Words
- 17 Pages
Good Essays -
There are numerous techniques that the Information Technology industry can use in order to substantiate an entities identity, have the ability to authenticate that entity and provide the appropriate authorization for that entity to have access to a networks resource. There are many diverse techniques that are obtainable to accomplish this task.…
- 630 Words
- 3 Pages
Good Essays -
A secure and efficient protocol is used, ECC elliptic curve cryptography a public key cryptography…
- 470 Words
- 2 Pages
Good Essays -
e. ___Encryption______ is the use of an algorithm to scramble data into a format that can be read only by reversing the algorithm.…
- 594 Words
- 3 Pages
Good Essays -
2) KeyGenSer(GP): Taking GP as an data or the input, this algorithm generates a private and public key combine (skS,pkS) for the data/information server.…
- 259 Words
- 2 Pages
Satisfactory Essays -
3) The HTTP and HTTPS protocols are often used to access email using a web browser.…
- 408 Words
- 2 Pages
Satisfactory Essays -
Public key infrastructure (pki) certificates that enable cardholders to "sign" documents digitally, encrypt and decrypt emails, and establish secure online network connections.…
- 1716 Words
- 7 Pages
Good Essays