IPSec. Internet Protocol security (IPSec) is used to encrypt IP traffic. The IP Security (IPsec) architecture comprises a suite of protocols developed to ensure the integrity, confidentiality and authentication of data communications over an IP network. IPSec may be used in three different security domains: virtual private networks, application-level security and routing security. IPsec is […]
Providing Confidentiality with Encryption Confidentiality ensures that data is only viewable by authorized users. Encryption provides confidentiality of data, including data at rest (any type of data stored on disk) and data in transit (any type of transmitted data). Symmetric encryption uses the same key to encrypt and decrypt data. As an example, Remote Authentication […]
Password salting adds additional characters to passwords before hashing them, and prevents many types of attacks, including dictionary, brute force, and rainbow table attacks. In cryptography, a salt is random data that is used as an additional input to a one-way function that “hashes” a password or passphrase. Salts are closely related to the concept […]
Encryption is the translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text ; encrypted data is referred to as cipher […]
Diffie Hellman is an algorithm used to establish a shared secret between two parties. It is primarily used as a method of exchanging cryptography keys for use in symmetric encryption algorithms like AES. The algorithm in itself is very simple.
In cryptography, a public key certificate (also known as a digital certificate or identity certificate) is an electronic document used to prove ownership of a public key.
A Public Key Infrastructure (PKI) is a group of technologies used to request, create, manage, store, distribute, and revoke digital certificates. A PKI allows two entities to privately share symmetric keys without any prior communication.
When using digital signatures with email: The sender’s private key encrypts (or signs). The sender’s public key decrypts. A digital signature provides authentication (verified identification) of the sender, nonrepudiation, and integrity of the message. Senders create a digital signature by hashing a message and encrypting the hash with the sender’s private key. Recipients decrypt the […]
Symmetric encryption uses the same key to encrypt and decrypt data. As an example, Remote Authentication Dial-In User Service (RADIUS) uses a shared key for symmetric encryption. AES is a popular symmetric block encryption algorithm, and it uses 128, 192, or 256 bits for the key. DES is an older, symmetric block encryption algorithm. 3DES […]
Diffie-Hellman is a key-exchange protocol, and RSA is an encryption/signing protocol.