tailieunhanh - Chapter 5 – Public Key Infrastructure
So Symmetric key (private key) encryption is fast and nice, but has what MAJOR problem? Symmetric Key encryption, also doesn’t provide integrity concerns ;( Asymmetric Key/public key encryption can be combined with Symmetric Key encryption to solve BOTH problems, but Symmetric Key encryption has what problem of it’s own? | Security+ All-In-One Edition Chapter 5 – Public Key Infrastructure Brian E. Brzezicki Public Key Infrastructure So Symmetric key (private key) encryption is fast and nice, but has what MAJOR problem? Symmetric Key encryption, also doesn’t provide integrity concerns ;( Asymmetric Key/public key encryption can be combined with Symmetric Key encryption to solve BOTH problems, but Symmetric Key encryption has what problem of it’s own? MiM (normal exchange) MiM Attack! (part 1) MiM Attack! Part 2 Public Key Infrastructure Wouldn’t it be nice if some one we could distribute public keys AND be assured that the public key we received was the actual public key of the person we expect to talk to? PKI to the rescue! PKI (109) PKIs are generally concerned with ensuring and managing identity trust, specifically using “digital certificates”. Provides all the components necessary for users to be able to communicate securely in a managed method. Includes hardware, software, policies, services, . | Security+ All-In-One Edition Chapter 5 – Public Key Infrastructure Brian E. Brzezicki Public Key Infrastructure So Symmetric key (private key) encryption is fast and nice, but has what MAJOR problem? Symmetric Key encryption, also doesn’t provide integrity concerns ;( Asymmetric Key/public key encryption can be combined with Symmetric Key encryption to solve BOTH problems, but Symmetric Key encryption has what problem of it’s own? MiM (normal exchange) MiM Attack! (part 1) MiM Attack! Part 2 Public Key Infrastructure Wouldn’t it be nice if some one we could distribute public keys AND be assured that the public key we received was the actual public key of the person we expect to talk to? PKI to the rescue! PKI (109) PKIs are generally concerned with ensuring and managing identity trust, specifically using “digital certificates”. Provides all the components necessary for users to be able to communicate securely in a managed method. Includes hardware, software, policies, services, algorithms and protocols. Enables C, and I of the CIA triad Enables non-repudiation PKIs how do they work? (110) In a PKI you are given a digital certificate, which contains your identity, and a key (public key) people can use to encrypt data securely to you OR verify items that you have digitally signed! However we must have some way of ensuring that the digital certificate has not been “faked” so we have a entity called a Certificate Authority (CA) that digitally signs your digital certificate, proving that the digital certificate is really yours! It is important that users trust the CA, otherwise there is no purpose!!! The entire PKI structure relies upon the fact that the CA can be trusted! If the CA is comprimised the whole PKI is useless. (more) PKIs how do they work? (110) CAs are computer technology entities that issue/sign your digital certificates, however they rely on an entity to actually do a “background” check on you to prove you really are you you say you are before the CA .
đang nạp các trang xem trước
