Scribd
Upload
3 views

assignment 2 crypto

The document provides an overview of several key security protocols including SSL, Proxies, IPSEC, HTTPS, and PKI, which are essential for secure communication over the internet. SSL establishes encrypted connections, while Proxies act as intermediaries to enhance privacy. IPSEC secures IP communications, HTTPS ensures secure web transactions, and PKI manages public key distribution for encryption and authentication.

Uploaded by

lawrencechikopa1
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
3 views

assignment 2 crypto

The document provides an overview of several key security protocols including SSL, Proxies, IPSEC, HTTPS, and PKI, which are essential for secure communication over the internet. SSL establishes encrypted connections, while Proxies act as intermediaries to enhance privacy. IPSEC secures IP communications, HTTPS ensures secure web transactions, and PKI manages public key distribution for encryption and authentication.

Uploaded by

lawrencechikopa1
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
You are on page 1/ 2

1.

SSL
SSL (Secure Sockets Layer) is a security protocol used to establish a secure and encrypted
communication channel between two devices over the internet. It uses cryptography to secure the
data transmission and ensure privacy and integrity of the data being exchanged. SSL can be used
for a variety of purposes including secure web browsing, secure email communication, and secure
data transfer. When using SSL, it is important to use a trusted certificate authority to verify the
identity of the server and ensure the authenticity of the SSL certificate being used.

It uses a combination of public and private key encryption to establish a secure connection
between a client and a server. When a user tries to access a website with SSL, the server responds
with its SSL certificate which includes the public key for encryption. The browser uses this public
key to create a unique session key that is used for encrypting all data that is transmitted to and
from the server. This ensures that data such as passwords, credit card numbers, and other sensitive
information is kept secure during transmission.

2. PROXIES
Proxies in the context of cryptography refer to intermediaries that stand between a user and a
target website or service. Proxies can provide additional security and privacy by hiding the user's
IP address and encrypting the communication with the target server. There are different types of
proxies, such as forward proxies and reverse proxies, each with its own specific functionality.
When using a proxy, it's important to ensure that the proxy is trustworthy and doesn't introduce
any vulnerabilities to the communication.

A forward proxy is used by clients to access resources from servers. On the other hand, a reverse
proxy is used by servers to handle requests from clients. The main difference is the direction of the
proxy: forward proxies handle requests from clients to servers, while reverse proxies handle
requests from servers to clients.

3. IPSEC
IPSEC (Internet Protocol security) is a protocol suite that is used for securing Internet Protocol
(IP) communication by authenticating and encrypting each IP packet in a data stream. There are
two main protocols used within IPSEC: Authentication Header (AH) and Encapsulating Security
Payload (ESP). AH provides authentication and data integrity for IP packets while ESP provides
confidentiality for IP packets. IPSEC can be used for securing communications between two hosts,
between a host and a network, or between two networks.

It is commonly used in virtual private network (VPN) technology to protect data that is
transmitted over a public network, such as the Internet. It provides end-to-end security, which
means that it protects the entire communication session and not just the data transmission. In
summary, IPSEC is a crucial technology for securing online communication and ensuring the
privacy and security of sensitive information.
4. HTTPS
HTTPS (Hypertext Transfer Protocol Secure) is a secure version of HTTP. It ensures secure
communication between a client and a server, by using encryption and authentication provided by
cryptography. HTTPS ensures that the data transmitted between the client and server cannot be
read, manipulated or intercepted by third parties. It also ensures that the client is communicating
with the intended server and not an imposter. As a best practice, websites should use HTTPS to
protect the privacy and security of users.

HTTPS, or Hypertext Transfer Protocol Secure, works by encrypting the data transferred between
a web server and a client's browser. This encryption is done using SSL/TLS (Secure Sockets
Layer/Transport Layer Security) protocols to establish a secure connection. When a user requests a
webpage, the server sends a certificate to the browser to authenticate its identity. The browser
verifies the certificate, then generates a session key, which is used to encrypt all transactions
between the browser and server. This ensures that any data exchanged, such as login information
or credit card details, cannot be intercepted and read by third parties.

5. PKI
PKI stands for Public Key Infrastructure, which is a system that is used to securely exchange
digital information between two or more parties. In cryptography, PKI is used to manage and
distribute public keys, which are used for encryption and decryption of messages. PKI is a
complex process that involves generating and distributing digital certificates, which are essentially
digital documents that verify the identity of the parties involved in the communication. PKI helps
to ensure the confidentiality, integrity, and authenticity of digital information exchanged.

In PKI, a user has a pair of keys - a private key and a public key. The public key is freely available
to anyone while the private key is kept secret. When the user wants to send an encrypted message
to another user, they use the recipient's public key to encrypt the message. The recipient can then
use their private key to decrypt the message. This ensures that only the intended recipient can read
the message. Additionally, PKI can also be used for authentication, where the sender's private key
is used to sign a message, and the recipient's public key is used to verify the signature. This helps
ensure that the message was actually sent by the claimed sender, and has not been tampered with
during transmission.

You might also like