Thanks to visit codestin.com
Credit goes to www.scribd.com

Scribd
Upload
10 views7 pages

Unit 4 Css

The document outlines various cryptographic concepts including symmetric and asymmetric encryption, decryption, authentication, and digital signatures. It emphasizes the importance of secure key exchanges, message authentication codes, and public key infrastructure in ensuring data integrity and confidentiality. Additionally, it discusses the application of these techniques in electronic payment systems and secure communications.

Uploaded by

Jitendra
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
10 views7 pages

Unit 4 Css

The document outlines various cryptographic concepts including symmetric and asymmetric encryption, decryption, authentication, and digital signatures. It emphasizes the importance of secure key exchanges, message authentication codes, and public key infrastructure in ensuring data integrity and confidentiality. Additionally, it discusses the application of these techniques in electronic payment systems and secure communications.

Uploaded by

Jitendra
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 7

1.

Symmetric Encryption
1. Uses the same key for both encryption and decryption.
2. Faster than asymmetric encryption because of simpler
algorithms.
3. Common algorithms include AES, DES, and Blowfish.
4. The key must be securely shared between sender and
receiver.
5. Vulnerable to attacks if the key is intercepted.
6. Suitable for encrypting large volumes of data.
7. Often used in applications like secure data storage and
file transfer.
8. Requires a secure mechanism for key exchange.
9. Does not provide non-repudiation since both parties have
the same key.
10. Ensures confidentiality but needs additional
techniques for authentication.

2. Decryption
1. The reverse process of converting encrypted data back to
its original form.
2. Requires the same key (symmetric) or a private key
(asymmetric) for success.
3. Errors in key or algorithm make decryption impossible.
4. Decryption speed depends on the algorithm used.
5. Secure decryption ensures the integrity and
confidentiality of data.
6. Commonly implemented in HTTPS, VPNs, and email
systems.
7. Used in both real-time communication (e.g., video calls)
and stored data.
8. Unauthorized decryption attempts can trigger alerts in
secure systems.
9. Relies on proper key management to prevent breaches.
10. Supports end-to-end encryption for secure
communication.

3. Public Key Cipher


1. Uses two keys: a public key (shared) and a private key
(secret).
2. Public keys encrypt data, and private keys decrypt it.
3. Enables secure communication without pre-sharing a
key.
4. Common algorithms include RSA and ECC (Elliptic
Curve Cryptography).
5. Slower than symmetric encryption due to complex math
operations.
6. Often used for secure key exchanges and digital
signatures.
7. Supports non-repudiation since only the private key
holder can decrypt.
8. Public keys are shared freely, while private keys are kept
confidential.
9. Vulnerable to attacks if private keys are not adequately
protected.
10. Forms the basis of Public Key Infrastructure
(PKI).

4. Authentication
1. Verifies the identity of a user, device, or system.
2. Ensures that only authorized entities can access sensitive
data.
3. Common methods include passwords, biometrics, and
tokens.
4. Cryptographic techniques like hashing enhance password
security.
5. Two-factor authentication (2FA) adds an extra security
layer.
6. Public and private keys are used in authentication for
secure systems.
7. Digital certificates validate the authenticity of websites
and servers.
8. Prevents impersonation attacks and unauthorized access.
9. Relies on protocols like OAuth and SAML for secure
user authentication.
10. Critical for online banking, e-commerce, and secure
messaging.

5. Message Authentication Codes (MACs)


1. Ensures the integrity and authenticity of a message.
2. Combines a secret key with a hashing algorithm to create
a MAC.
3. The receiver recalculates the MAC and compares it to
detect tampering.
4. Commonly used algorithms include HMAC (Hash-based
MAC).
5. Prevents attacks like man-in-the-middle and replay
attacks.
6. Faster than digital signatures but requires shared secret
keys.
7. Does not provide non-repudiation as both parties share
the same key.
8. Common in financial transactions and secure
communication protocols.
9. Easy to implement in lightweight systems like IoT
devices.
10. Works well with symmetric encryption for end-to-
end security.

6. Key Exchanges
1. Allows two parties to share a secret key securely over an
insecure channel.
2. The Diffie-Hellman algorithm is a common key
exchange protocol.
3. Asymmetric encryption is often used to exchange
symmetric keys.
4. Key exchange ensures confidentiality even if the channel
is compromised.
5. Vulnerable to attacks like man-in-the-middle without
authentication.
6. Session keys are frequently exchanged for temporary
encryption needs.
7. Public Key Infrastructure (PKI) supports secure key
exchange mechanisms.
8. Secure key exchanges are critical for HTTPS and VPN
connections.
9. Modern algorithms like ECDH (Elliptic Curve Diffie-
Hellman) are more efficient.
10. Regularly rotating keys improves security against
long-term attacks.
7. Steganography
1. Hides information within another file (e.g., image, audio,
or video).
2. Focuses on concealment rather than encryption.
3. Common methods include altering pixel values in images
or audio signals.
4. Useful for covert communication without raising
suspicion.
5. Vulnerable to detection with advanced forensic tools.
6. Often combined with encryption for added security.
7. Does not change the appearance or size of the carrier file
significantly.
8. Applications include watermarking and secure document
sharing.
9. Can be misused for malicious purposes, like hiding
malware.
10. Tools like Steghide and OpenPuff facilitate
steganographic practices.

8. Digital Signatures
1. Verifies the authenticity and integrity of a message or
document.
2. Created using the sender’s private key and a hash of the
message.
3. The receiver uses the sender’s public key to validate the
signature.
4. Ensures that the message has not been tampered with.
5. Provides non-repudiation since only the sender can
create the signature.
6. Widely used in email, software distribution, and
contracts.
7. Relies on secure key management to prevent misuse.
8. PKI supports the issuance and validation of digital
signatures.
9. Vulnerable if private keys are compromised or poorly
managed.
10. Common standards include DSA (Digital
Signature Algorithm) and RSA.

9. Public Key Infrastructure (PKI)


1. PKI is a framework for managing public and private keys
securely.
2. Includes Certificate Authorities (CAs) to issue and
verify digital certificates.
3. Certificates bind a public key to an entity (e.g., website
or user).
4. Enables secure communication, authentication, and data
integrity.
5. Relies on protocols like SSL/TLS for secure connections.
6. Supports key lifecycle management, including renewal
and revocation.
7. PKI is critical for online trust, like in HTTPS and email
encryption.
8. A compromised CA can disrupt trust across many
systems.
9. Use tools like OpenSSL for generating and managing
certificates.
10. Ensures compliance with security standards for
secure operations.

10. Electronic Payment Systems


1. Use cryptographic techniques to secure transactions
online.
2. Relies on protocols like SSL/TLS for secure data
transmission.
3. Digital signatures verify the authenticity of payment
requests.
4. Encryption protects sensitive details like card numbers
and CVVs.
5. Tokenization replaces sensitive data with unique tokens
for security.
6. Secure payment gateways handle transactions between
merchants and banks.
7. Fraud detection systems analyze transaction patterns to
prevent misuse.
8. Public Key Infrastructure (PKI) ensures the integrity of
payment systems.
9. Authentication methods like 3D Secure or OTP add extra
security layers.
10. Common examples include credit cards, UPI,
PayPal, and mobile wallets.

You might also like