Cryptography

Assignment Requirements
Part 1:
Answer the following questions by filling in the blank using the proper technology or cryptography terms you have learned in class:
1. SSL certificates type of certificate is used to provide security on Web sites.

2. PKI is the most common public key encryption systems and, in most cases, this relies on manual trust and key distribution.

3. Message authentication code provides authentication or proves integrity of a digital message. 4. SHA-1 encryption scheme was broken and was replaced with a third round version of itself.

5. RSA is the first algorithm suited to both signing and encryption, and it is now widely used in e-commerce and other public key systems. 6. The entity that issues certificates is a Certificate Authority

7. The document to check to verify whether a certificate has been revoked is Certificate Revocation List.

8. Each bit of length determines the number of keys.

9. Currently, 128 bit certificates are commonly used for web communications.

10. Triple DES provides 112 bits of security, despite using a 168 bit key.

11. Thawte, Verisign, and Comodo are all examples of SSL certificates.

12. Hiding data in images is an example of Steganography

13. Data Encryption Standard (DES), ROT13, and Enigma are all examples of algorithm for the encryption of electronic data

14. A digitally signed email provides authentication.

15. A digitally encrypted e-mail provides privacy /security

Part 2:

Message-Digest algorithm 5 (MD5) that the University uses has significant weaknesses that can be exploited by attacks. Attackers can launch attacks against X.509 digital certificates signed using the MD5 hashing algorithm, to generate additional digital certificates. Vulnerability in the Internet Public Key Infrastructure (PKI) can allow rogue Certification Authority (CA) certificate trusted by all common web browsers. Rogue Certification Authority (CA) certificate, can impersonate websites and other site using HTTPS. MD5 "collision uses this hash function can expose the security infrastructure of the web to realistic threats. Attackers can generate cryptographic tokens to appear as authentic tokens.

Since the University uses a Cisco ASA firewall device which can create and sign digital certificates for users and systems they should use SSL is a cryptographic protocol to create certificates for critical systems in some departments. SSL is a cryptographic protocol used to create a secure, encrypted connection over the Internet by verifying the identity of a server using a digital certificate system.
Currently the system is usable but caveats should it be replaced.