encryption

"man-in-the-middle" attack (MITM)

-a form of active eavesdropping -attacker makes independent connections w/ victims & relays messages b/w them -victims believe that they are talking directly to each other over a private connection when in fact the entire conversation is controlled by attacker -simple asymmetric encryption is vulnerable to MITM

certificate

-electronic doc which binds together a public key w/ an identity (e.g. name of organization, address, etc.) -can be used to verify that a public key belongs to an individual -secured by CA's private key -CA's public key is distributed via some secure channels

defense against MITM

-public key infrastructure (PKI) -certificate, digital signature -trusted third party (TTP), certificate authority (CA)

symmetric encryption

-sender & receiver use the same key to encrypt & decrypt data -simple & fast -sender & receiver need to agree on the key in advance

asymmetric encryption

-two keys: public & private -message encrypted by one key can be decrypted ONLY by the other key -the key used to encrypt the message can NOT decrypt the message -complex & slow -sender & receiver do NOT need to agree on the key in advance -public key can be known to public

how does encryption work?

HTTPS: secure communication over Internet -uses a combination of public/private key & symmetric encryption 1. user obtains website's public key 2. user generates a key for symmetric encryption 3. user encrypts symmetric key w/ website's public key 4. website decrypts w/ its private key & obtains the symmetric key 5. then all subsequent communications b/w user & website use symmetric encryption

why encryption?

data transmitted over network in unprotected form can easily be intercepted & captured by sniffer for malicious purposes - prevented by encryption

encryption

the process of transforming info. using an algorithm (called a cipher) to make it unreadable to anyone except those possessing special knowledge (often called a key)

key

used to encrypt data