| Lesson 6 | Fending off an attack |
| Objective | Define encryption types that are used to fend off attacks. |
Fending off DOS Attack
You have implemented a cryptosystem to protect your e-commerce site, but you may want to ensure that the site remains secure from even the most sophisticated hackers. Though many vendors offer techniques that can dissuade even the most sinister hacker, you should have a basic understanding of what those techniques are; this lesson provides you with that overview.
How to fend off attack
How do you fend off these various forms of attack?
Different "strengths" of encryption provide the means to foil attempted security breaches.
A commonly discussed but frequently misunderstood aspect of cryptography is the strength of encryption.
What constitutes "strong encryption," which is protected by U.S. export laws?
What level of encryption is required for various security needs? How do you determine the effective strength of different types of encryption?
These questions are addressed below.
Finally, there are three basic encryption types, which typically vary based on how they use keys.
The three encryption types include private or symmetric encryption, public or asymmetric encryption, and one-way encryption. They are described below.
A private key might be compared to your house key, and a public key likened to your house number.
You give access to the first only to those you know and trust. The second is publicly available information.
- In symmetric or private-key encryption, both parties to the communication must possess a single secret or private key.
- Private-key encryption is a paradox: 1) to use this encryption, a secure channel has to exist between the two parties to transfer the shared key
- Asymmetric, or public-key encryption as it is more commonly called, allows parties previously unknown to each other to conduct a transaction
- The public key is published and widely disseminated, while the private key is kept secret.
- Because communication decryption requires only public keys, which are widely available anyway, secret keys need no longer be exchanged RSA
- One-way encryption, as its name implies, is encryption that prevents the resulting cipher from being decrypted.
- Historically these functions have been used for storing items such as passwords on Windows and Unix systems.
Encryption strength is based on three primary factors:
Note: For the most reliable security, rely on industry-standard algorithms that have been tested and tried over time by cryptography experts.
Any new or proprietary formula should be viewed with significant distrust until it has been verified in the commercial realm.
- Strength of the algorithm (or encryption procedure): Algorithm strength determines how difficult it is to mathematically reverse the encrypted information. The strongest algorithms make it nearly impossible to reverse the information with anything short of a brute force attack.
- Secrecy of the key: The second factor, the secrecy of the key, is a logical but sometimes overlooked factor in encryption strength. No algorithm, however strong, can protect you from compromised keys. Thus, the safety of your encrypted data is directly tied to how secret the key remains.
- Length of key: As applied in the encryption and decryption formulas, the key length is expressed in bits. Adding a bit to the length of the key does not add two to the number of possible keys but, rather, doubles it.
In the next lesson, you will learn about authentication.