Network security’s third lecture saw an introduction to cryptography. We actually spent the first half of the lecture finishing discussion on week 2’s topics.

First off came Private key vs Public key encryption a nice, clear, diagrammatic explanation of the difference can be for here: http://www.wdvl.com/Authoring/Tools/Tutorial/public_vs_private.html

The main difference between the two being that a public key system has both public and private keys. In a private key system, the same key is used for both encryption and decryption. A key issue here is how the key is to be distributed.

A simple example of how public key systems work:

publickey
example of simple public key system (source: lecturenotes3.pdf)

 

The application for private key encryption spread quite wide:

  • Of course there transmission of data over insecure channels
  • Securing stored data (encryption of databases containing credit card details is required by law in Aus)
  • Integrity checks

Applications usually reserved for public key systems:

  • Digital Signatures (non-repudiation)
  • Electronic transactions
  • more on these next week

I particularly look forward to learning more about the TLS/SSL handshake methods and vulnerabilities.