Week 07 - Secure Data Transmission (L17-L20) Flashcards
What is encryption?
Modify data in a way that only the correct recepient can read the data.
Which three things are recquired for encryption?
Data, key, encryption algorithm
What is Cryptography?
Is the science of data encryption
What is VPN?
Virtual Private Network. Allows secure communication over an insecure network.
Explain what is meant by a social engineering attack on a password.
Psychological manipulation / Technique to bring a person to a point to tell sensitive information.
What are the two main encryption methods? Explain Adv/Disadv?
- Secrect key
- Public Key
What is a VPN concentrator?
Dedicated device for a VPN endpoint. Isolates encryption/decryption method to this device. Very CPU intense.
Why is encrpytion used (4 reasons)?
Confidentiality: data can only be read by correct person
Integrity: data has not been changed
Authentication: Recipient can verify that messages is from correct sender
Nonrepudiation: Sender cannot deny sending the message
What are two authentication methods for VPN?
IPSec, SSL
What is a Point to Point link?
A connection between to single network nodes. Can be computers or routers. Used for example with VPN to create a secured encrypted channel between to routers.
Name some VPN protocols
IPSec, SSL
What is TLS and How does key establishment works in TLS?
Transport Layer Security, used for https traffic. Public key is used to exchange secret key. Different secret key for each session => Session key.
How do digital signatures work? What is the main risk and how is it solved?
Sender creates hash with his private key, Recepient can create hash with public key of sender.; Risk: man-in-the-middle; Solution: Trusted third party to ensure authenticity
Describe encoding, encryption and hashing?
Encoding: Encoding data is a processing of transform data from one form to another. E.g. convert ASCII to unicode or hex numbers.
Encryption: Data protection by applying a mathematical algorithm.
Hashing: Creation of a checksum.
