Please enable JavaScript.
Coggle requires JavaScript to display documents.
Security (Encryption algorithms (Authenticated communication based on…
Introduction
Security policy: provides a statement of the required integrity privacy of shared information and other limits to the allowable usage of a shared resource
-
-
-
Threats from mobile code
Necessary to ensure that the host is secure from any operations that the mobile code undertakes while alowing legitimate operations
-
-
-
Encryption algorithms
-
Public/private key
-
-
-
Sender uses a public key to encrypt message, recipient uses corresponding private key to decrypt the message
-
-
-
-
-
-
Role of encryption
Secrecy + integrity
Secrecy: messages encrypted with a particular key can only be decrypted by a recipient who knows the corresponding decryption key
Integrity: maintained if some redundant info e.g. checksum is included and checked in the encrypted message
Authentication
If keys are held in private, a successful decryption authenticates the decrypted message as coming from a particular sender
Digital signatures
-
Unique to the signer, difficult to forge
-
-
-
Cryptographic algorithms
Block ciphers
-
-
-
-
If using symmetric key with several receivers, can see that the same message is being sent -> information leakage! -> add diff random number at the beginning of each message
-
Stream ciphers
-
-
Encrypt key stream, XOR with data stream
-