Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
5 Cards in this Set
- Front
- Back
|
principles and terminology of message security
|
(Privacy, Integrity, Authentication)
|
|
|
Privacy
|
use cryptographic algorithms
|
|
|
Integrity
|
How can you be assured that an original, encrypted message was not modified or substituted during transmission?
- Message Digest sent along with the original Upon receipt, the receiver also creates a message digest of original message and compares it to the one received - Encrypting a message digest with the sender’s private key creates a DIGITAL SIGNATURE - an electronic means of authentication. |
|
|
Authentication
|
Certificate Authority (CA) – a trusted agency which issues digital certificates after first verifying the information in a certificate request from the private key owner of a key pair
|
|
|
Problems Using SSL Servers
|
- doesn't protect your site against hackers - it only encrypts data in transit between client and server
- Cannot use current network IDS to audit or monitor SSL transactions - Popular security scanners don't check SSL-enabled servers - Vulnerable to Bucket Brigade / Man-in-the-Middle attacks |
