15.3 - Cryptography Implementations

 15.3 - Cryptography implementations 

 

Key Terms: 

    • Pretty Good Privacy (PGP) - A popular encryption program that can be used to encrypt texts, emails, files, folders, and disks. 
    • GNU Privacy Guard – An encryption tool used to protect laptops, desktops, USB drives, optical media, and smartphones. 
    • BitLocker – A Windows utility that provides full volume encryption. 
    • Windows Encrypting File System (EFS) - A proprietary encryption function of Windows operating systems. 
    • Secure Sockets Layer (SSL) - An application layer protocol developed for managing security of message transmission over the internet. 
    • Transport layer security (TLS) - A protocol used to establish a secure connection between a client and a server. 
    • OpenSSL – An open-source cryptography toolkit implementing SSL and TLS network protocols and related cryptographic standards. 
    • Keyczar – An open-source cryptographic toolkit designed to make it easier and safer for developers to use cryptography in applications. 

 

Disk Encryption 

Disk encryption is the process of encrypting a whole disk so that all data stored on it is secure. Disk encryption is good for confidentiality and can protect data even when the OS isn’t inactive. Some tools include VeraCrypt, Symantec Drive Encryption, EFS, and BitLocker. 

 

Email Encryption 

Emails can hold a lot of confidential information about a person or company. For this reason, they must be made secure. By using digital signatures, emails can be made confidential and nonreproducible. Some tools include SSL, TLS, OpenSSL, and Keyczar. 

 

GPG 

GPG uses both public and private key encryption. First, GPG generates random numbers that it uses to generate the symmetric key. These random numbers are generated through actions on the computer such as moving the mouse or typing. This key is then used to encrypt the message sent from one computer to another. The symmetric key is encrypted using the receiver's public key and sent along with the encrypted message. This ensures that only the receiver can decrypt the message. PGP is an open-source version of GPG and encrypts data in the same way as GPG. 

Comments

Post a Comment

Popular posts from this blog

OSA Summer 2023 Mock - Task 1, Assignment 1

Image
  OSA Summer 2023 Mock – Task 1           Legal requirements   The company must ensure they are compliant with the correct legislation whilst the project is undertaken.   If any person is working at height, the correct safety measures to prevent injury or death must be imposed under The Work at Height Regulations 2005. They must have an appropriate safety harness on and hazardous areas at height should be i dentified in the risk assessment.   By storing data internally on a local file server, the business is responsible for maintaining the confidentiality, availability and integrity of that data. They must comply with The Data Protection Act 2018 and General Data Protection Regulations.   Display screen equipment regulations (DSE) should be considered when installing workstations. Ergonomic and posture-friendly chairs should be installed and employees given appropriate breaks from working around screens.     Data p...
Read more

OSA Assignment 1 - Task 1 GUIDE

  OSA Assignment 1 – Task 1 Guide     Exam parameters   Time length – 3 hours   Marks available – 20     Task 1: Planning   In this task you are required to submit :   A project plan   Gantt chart showing th e critical path   Explanation of legal requirements   Physical and digital threat countermeasures   Annotated floor plan     Gantt Chart   The Gantt Chart is the first document you should create. This details each phase of the project alongside the timescale to complete it.   Ensure you make a note of the deadline for the project along with any pre-requisites such as cabling. This should all be implemented into your Gantt Chart.   You can follow a layout like this:   Project:   Pre considerations (Gathering project timescale, risk assessments, ...)   Planning (Devising project plan, identifying budget, ...)   Design (Research hardware, identify topology, ...)   Pre ...
Read more

Useful Core A Acronyms

  Useful core A acronyms     NGO – Non governmental organisation   KPI – Key performance indicator   USP – Unique selling point   CRM – Customer relationship management   Saas – Software as a service   CAB – Change advisory board   SMARTER – Specific, measurable, accurate , realistic, time-bound, evaluate, re-evaluate   IPO – Intellectual property office   RCD – Registered community designs   UCD – Unregistered community designs   TNA – Training needs analysis   PRR – Post project reviews   COBC – Code of business conduct   BCS – British computing society   ML – Machine learning   CVS – Computer vision syndrome   RSI – Repetitive strain injury   DSE – Display screen equipment   HSE – Health and safety executive   ODD – Optical disk drive   RPM – Revolutions per minute   CPU – Central processing unit   RAM – Random access memory   EMI – Electromagnetic inter...
Read more