Cyber Security Course, vol. 1
Symmetric encryption
1 key (Private). Advantages: -fast -strong
HTTP status codes
100 -Informational response that the request was received and understood. 200 -The action requested by the client was received, understood, accepted, and processed successfully. 300 -Client must take additional action to complete the request 400 -Error has been caused by the client. 500 -Server failed to fulfill an apparently valid request.
Asymmetric encryption
2 keys (Public & Private). The keys are mathematically related. Advantages: -better key distribution -scalability -authentication & non-repudiation Disadvantages: -slow -mathematically intensive Https (hyper text transfer protocol secure) has a public and private key. If you encrypt with the private, then you need the public (vice-versa). Algorithms: a. Rivest-Shamir-Adleman (RSA) -asymmetry is based on practical difficulty of factoring the product of 2 large prime numbers, the factoring problem. b. Elliptic curve cryptosystem (ECC) -computing discrete algorithms. c. Diffie-Hellman (DH) -calculating discrete algorithms in finite field. -forward synchrosy. d. El Gamal -calculating discrete algorithms in finite field.
Digital signature
A hash value that is encrypted to the sender's private key which is signed by the receiver. Steps: 1. hash algorithm (sender) 2. hash value 3. sender private key 4. sign the message (receiver) Steps to check if signature is valid: 1. signed message (sender) 2. sender public key 3. hash value (receiver)
AES
Advanced encryption standard. Two strengths: 1. 128-bit 2. 256-bit
HTTPS
Client generates a symmetric session key by using AES and encrypts it with the server's public key. This encrypted key is sent to the web server and they both use this symmetric key to encrypt the data they send back and forth. This is how the secure channel is established.
Cypher suites
Combination of algorithms used for encryption.
Encryption
Confidentiality -privacy. Authentication -knowing if you are the real you. Non-repudiation -cannot later deny that you sent/encrypted a message. Integrity -that the message has not been altered in anyway.
SHA-256
Designed by the NSA. SHA means Secure Hash Algorithm. Computed with 32-bit and 64-bit words.
SSL Strip
Hacker uses a free tool called SSL Strip to change https to http using man-in-the-middle tactics. SSL Stripping occurs in between the time between the browser and the web server. SSL strip acts as a proxy by looking for 302 redirects and links that are https. SSL strip pretends to be the browser when the web server sends back information to the browser.
IP address
IP address is an Internet Protocol address. The address is a unique number that is linked to all online activity you do. IP address changes if you turn your modem or router on and off.
Hash function
Input is used to create the output (digest) using a cryptographic hash function. Can never use the output and convert it back into the input. Hash is not encryption because it cannot be decrypted back to the original text.
Wireshark
Most widely-used network protocol analyzer.
Norse threat map
Real-time map that delivers live, accurate, and unique attack intelligence that helps customers block attacks, uncover hidden breaches and track threats emerging around the globe. Offers a continuously updated torrent of telemetry from the world's largest network of threat intelligence sensors.
SSL
SSL is Secure Sockets Layer. Older encryption protocol. Is insecure.
TLS
TLS is Transport Layer Security. Newer encryption protocol. https is TLS. TLS is most used method for encrypting data on the internet. Uses message authenticating codes (MAC). Symmetric encryption is used. -Private (confidential) -Authenticated -Integrity TLS 1.3 is most secure, but least browser compatible. TLS requires a TLS-enabled server and browser.
Canary Tokens
Tokens have a unique identifier (which is embedded in HTTP URLs or in host-names). When the URL is requested, or host-name resolved, a notification email is sent to the email tied to the token which gives the information of where and when the token was opened.
SSL labs
Website used to see how secure a web site is and what encryption options are offered by it.
WinZip
Windows program that lets you archive and compress files. Also allows encryption using AES.
