1. Digital Rights Management Digital Rights Management, or DRM software mechanisms, provide content owners with the technical ability to prevent the unauthorised use of their content. DRM uses encryption technology to render content inaccessible to those who do not possess the necessary license to view the information. Apple and many other subscription-based music services do use DRM technology to encrypt…
Month: August 2020
Security+ Course – 6.6 Cryptanalytic attacks
1. Brute Force Attacks Brute-force attacks are the simplest form of attack against a cryptographic system. In a brute-force attack, the attacker simply guesses repeatedly at the encryption key until he or she stumbles upon the correct value for the key and gains access to the encrypted information. Brute-force attacks can take a very long time to complete successfully, if…
Security+ Course – 6.5 Public Key Infrastructure (PKI)
1. Trust Models Requirements for Symmetric Key Exchange: The 2 parties must be confident that they are really communicating with each other and not an imposter The 2 parties must be confident that nobody is eavesdropping on the key exchange Asymmetric Cryptography Users don’t need to share their private keys Users can share their public keys freely Eavesdropping protection isn’t…
Security+ Course – 6.4 Key Management
1. Key Exchange In symmetric encryption, the sender and receiver share a single secret key that nobody else should know. Before the sender and receiver can begin to communicate using a symmetric algorithm, they must somehow agree upon and exchange the shared secret key that they will use for that communication session. Problems with Key exchange EG: Alice and Bob…
Security+ Course – 6.3 Asymmetric Cryptography
1. Rivest-Shamir-Adleman (RSA) Asymmetric cryptography solves issues of scalability by giving each user a pair of keys for use in encryption and decryption operations. The RSA algorithm was one of the earliest asymmetric cryptographic algorithms and it is still used today. It was published in 1977. There’s a lot of complex maths involved in creating that key pair, but the…
Security+ Course – 6.2 Symmetric Cryptography
1. Data Encryption Standard (DES) DES was designed by IBM in the 1970’s Intended to serve as a federal encryption standard. Up until that point different agencies used different encryption algorithms. This caused issues with security because all of those algorithms weren’t thoroughly tested, and interoperability because different agencies couldn’t easily communicate with each other How DES Works DES uses…
Security+ Course – 6.1 Encryption
1. Understanding Encryption Cryptography is the use of mathematical algorithms to transform information into a form that is not readable by unauthorised individuals. Cryptography does, however, provide authorised individuals with the ability to transform that encrypted information back into readable form. Encryption: converts information from its plaintext form into an encrypted version that is unreadable. This is known as ciphertext…