Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- KKKK
- 2222
- TTTT
- AA88
- Cryptography is the study of techniques used for secure communication
- For information security you need to be able to store passwords or exchange
- information such as messages securely between computers which relies on
- cryptography to keep the information safe.
- Before the digital age cryptography primarily referred to the encryption and
- decryption of messages to and from text intended to be indecipherable except
- by the intended recipients.
- With the computer era cryptography is much more math-heavy.
- Various encryption models or protocols were designed for
- transmission of electronic data including the Data Encryption Standard by IBM.
- Following their work, an encryption algorithm is considered secure enough if
- it is mathematically difficult enough to decode.
- The computational hardness assumption assumes that attackers or eavesdroppers
- don't have unlimited computing resources to decode your communications.
- With symmetric-key cryptography the sender and receiver of a message use the
- same key to encrypt and decrypt a message. This can make it difficult when
- trying to make messages secure among many people as every distinct message
- between a pair of users or group of users would need a distinct key.
- In public-key cryptography, a public key is used to encrypt data while a private
- key is used to decrypt it; the two keys are mathematically related while also
- not simply being able to be determined from the other one.
- hashing is a type of encryption that scrambles input and cannot be reversed easily,
- however, by using something called rainbow tables, password crackers
- store the output of many common passwords put through common hashing algorithms
- allowing weak passwords to be reverse-looked up in these tables.
- secure messaging apps such as telegram automatically use cryptography to make
- sure your information is secure.
- when working with cryptography the goal is closely tied to information security:
- you want to be able to make sure users can only access data they have permission
- to access with data confidentiality,
- you want to make sure users are who they say they are;
- you want to make sure that data is not lost when encrypting it
- and for some applications you want to make sure some user actions or messages have
- a signature attached that proves it was sent by a specific person:
- for example, if I agree to pay someone for a service over electronic communication
- and sign it digitally, I shouldn't be able to go back and say that I never made
- an agreement.
- defensive strategies to avoid cryptography include
- not using websites that store passwords in anything other than plain text
- as websites use encryption to prevent anyone from seeing your password.
- even if they "store" your password in a database, it's going to look
- like jibberish
- in fact, most of the internet uses encryption to a degree
- but maybe "how do I avoid cryptography?" isn't the question
- we shouldn't be asking here
- to avoid cryptographic vulnerabilities, companies should
- implement well-tested algorithms instead of designing their own
- such as AES, RSA or SHA-256.
- data should be secure not only during transmission but also during storage
- as message sending is not the only time data can be vulnerable.
- companies also should keep track of machine identities and signatures
- so hackers cannot create encrypted tunnels to hide in.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement