CST311.4 Module Four

 

CST311.4 Module Four

What I learned this week:

This week consisted of preparing for the midterm as well as the first half of the Security section of our textbook. For reference, a majority of the book associates 2 parties wishing to communicate with one another named Alice and Bob, with one bad actor by the name of Trudy. In order for Alice and Bob to have secure communication, they must have confidentiality, message integrity, end-point authentication and operational security. In order to define how to provide these properties of secure communication we need to delve into a tool primarily used in network security in the form of cryptography.

Cryptography has been around for centuries, dating back to julius caesar and the infamous caesar cipher, which was used in a way to code messages. quite plainly, with cryptography, there is plaintext, which is the intended message to be sent, ciphertext, which is an encrypted version of plaintext, and a key which is used to both encrypt and decrypt ciphertext. Now when it comes to keys there are primarily two types of keys one being symmetric in which both sender(Alice) and receiver(Bob) share a secret key amongst the two parties. Then there are public key systems in which each party hold two keys, one of which is public for all to see, and one of which is private (known only to them). Symmetric keys are quire simple however, in order to establish a symmetric key secure communication must me made in order to initialize the keys existence, which in some cases especially when dealing with the internet is not possible. For public key encryption to work, each party must each have both a public and private key. in order for Alice to encrypt a message and send it to Bob, she would use Bob's public key to encrypt the message, now only Bob will be able to decrypt it as he would use his private key in order to decrypt the message.  There are other ways to encrypt and decrypt while using public key encryption though, such as in order to apply a digital signature or provide message integrity such as applying ones own private key to the message, as it would prove that the sender was the one who sent the message. 

Cryptographic hash functions take an input and compute a fixed-size string known as a hash. One outlook of cryptographic has functions which is unique, is that it is computationally infeasible to find any two different messages x and y such that H(x)=H(y), which means it is highly unlikely for an intruder to substitute one message for another message that is protected by the hash function. Primarily there are two popular hash functions today, which are MD5 and SHA.

In order to ensure message integrity the inclusion of cryptographic hash function and an authentication key can be used. Say Alice creates a message, m, and concatenates a shared secret s with m, generating m+s, which can then be hashed H(m+s) in order to generate a Message Authentication Code(MAC). Alice can then append the original message with H(m+s) and send it to Bob, since Bob knows s, he can apply the hash to the unencrypted message to see if H(m+s) = H(m+s). confirming that the message has been authenticated.

Now another aspect of Public Key encryption is that of Certificate Authorities, as there needs to be some authoring in providing a public key to any participant as there could be Trudies everywhere. Certification Authorities verify that an entity is who it says it is and generates a certificate that binds the public key of the entity to the identity.