Nothing to hand in
Use internet resources (possibly including Chapter 5 of
Anderson's Security Engineering, 2e)
to make sure you can answer the following questions.
- What's the difference between symmetric and asymmetric encryption algorithms? Be able
to name at least two examples of each.
- Of what does an RSA public key consist? Same question for the private key. What's the
required mathematical relationship between the two?
- Given an RSA public key, how do you encrypt a message? Given an RSA private key and
a message encrypted with the corresponding public key, how do you obtain the original message?
- What's a public key infrastructure (PKI), and why would you want one?
- What is a cryptographic hash function, and what is one used for? What properties
does it need to have? Be able to name at least two.
- What is a message authentication code (MAC), and what is one used for? What properties
does it need to have? Be able to name at least two.
As we dive into SSH and
TLS over the next week or so, we'll be
constantly thinking about threats and their mitigation.
The cryptographic concepts in the questions above will be relevant to the
discussion of these threats.