Signature Assignment

School

Massachusetts Institute of Technology

Course

3

Subject

Information Systems

Date

Nov 24, 2024

Pages

8

Uploaded by ocollo91

PKI Infrastructure

PKI is now the standard for managing encryption-based security in businesses. To be more specific, the most popular method of encryption in use today makes use of a pair of keys: a public key that can be used by anyone to encode a message, and a private key, also referred to as a secret key, that should be known to only one person (Konoplev, Busygin, & Zegzhda, 2018). Anyone, anywhere, with the right equipment, may use these keys. To better manage encryption keys, PKI security was initially developed in the 1990s with the assistance of digital certificates and their associated infrastructure. To ensure continued safety, these PKI certificates establish the true identity of a private key's owner. These certificates serve as a kind of identification in the virtual world, much as a driver's license or passport does in the physical world (Konoplev, Busygin, & Zegzhda, 2018). Today, public key infrastructure (PKI) is used in a variety of contexts, including digital signatures, authenticating Internet of Things devices, and SSL certificates on websites to ensure that users are sending data to the correct destination.

Since PKI is such a dense topic, you may be skeptical that it can genuinely encrypt data. The short answer is "yes." In its most basic form, PKI is a centralized hub for the secure transmission of secret data and the protection of personal identities (Konoplev, Busygin, & Zegzhda, 2018). PKI is most useful when digital security is necessary, and encryption plays a crucial part in this. PKI encrypts data using the keys it creates on the spot. Two cryptographic keys, one public and one private, are required for the system to function properly. These keys, whether public or private, are used to encrypt and decode secret information. PKI uses a two-key encryption scheme to protect data in transit by giving both parties a set of keys to encrypt and decode data electronically.

The digital equivalent of shaking hands, the shared private key, is safeguarded by symmetrical encryption. All parties engaged in an exchange must have this secret key in order to encrypt and decode messages sent between them (Papageorgiou et al., 2020). This private information might be in the format of a password or a random string of characters or numbers (RNG).

Asymmetric encryption, sometimes known as "public key cryptography," is an emerging method of security. One public key and one private key are used in asymmetric encryption. Using the private key, you may decrypt data that was encrypted using the public key (Papageorgiou et al., 2020). You may generate a public key for the party reporting to you, allowing them to encrypt their data in transit, and then use your private key to decode it. Digital certificates are used to produce public keys, and they include crucial information about the key's owner. It is possible to generate your own digital certificate or to apply for one from an outside source, known as a Certificate Authority (Papageorgiou et al., 2020). To combat fraudulent activity and malicious code, Certificate Authorities verify the identities of users and/or servers.

Digital Signatures

A digital signature is a cryptographic method for verifying the origin and integrity of a digitally transmitted message, program, or document. It is the electronic version of a physical signature or seal, but with far higher levels of protection built right in (Ezra et al., 2022). To prevent forgery and impersonation in electronic correspondence, digital signatures were developed.
Electronic documents, transactions, or communications may have their authenticity, authorship, and status verified with the use of digital signatures. As an added bonus, they may also be used to verify that a signer has received and read all relevant documentation (Liu & Shue, 2021). Digital signatures are recognized as legally binding in many nations, including the United States, in the same way as handwritten document signatures are.

Public-key cryptography, often known as asymmetric cryptography, is the foundation for digital signatures. A public-key algorithm such as RSA (Rivest-Shamir-Adleman) produces two keys, one private and one public, that are mathematically connected to one another (Liu & Shue, 2021). Public-key cryptography uses two independently verifiable cryptographic keys to create a trustworthy digital signature. Signature-related information is encrypted by the signer using their private key and can only be decrypted using the signer's public key. If the receiver is unable to access the document using the signer's public key, this indicates either an issue with the document itself or with the signature (Ezra et al., 2022). It is via this method that digital signatures are verified as genuine.

All participants in a digital signature transaction must have faith that the signer has safeguarded the signature's private key. Without the owner's knowledge, an imposter might forge digital signatures using the private key to make it seem as if they were authorized by the owner.
Figure 1: Digital Signature Process

VPN Authentication

The Cloud requires authentication of all clients upon their first connection. It is consulted when deciding whether or not to allow a client to access a Client VPN endpoint. The steps involved in authenticating a user on the client and server sides are as follows:

First, a client connects to a server. In response, the server will show the client its own certificate authority (CA) chain:

A. If the client's copy of the CA cert doesn't match the one sent by the server, the connection is closed.
B. If the server's cert doesn't match the client's, the connection is
C. The client's certificate must not be on a certificate revocation list (CRL) if the client intends to use one.

If the user has its own keypair, step three is as follows:

A. The client delivers its cert chain to the server.
B. The server checks this cert against its copy of the CA cert.
C. If the server's validation of the client cert fails, the connection is terminated.
D. If the server makes use of a CRL, the certificate being supplied must not be in the revoked list.

If the client is set up to transmit usernames and passwords to the servers, it does so through the now-authenticated TLS connection.

When the server is set up to handle authentication information, as in condition, then:

A. Unless explicitly enabled, the client must have previously given credentials.
B. The application or plugin is launched to do the authentication check.
C. If the authentication check passes, the client is informed that the auth was refused, and the link is closed.

If the server employs a ccd (client-config-dir), then:

A. The session is closed if the client with the specified name is in the disconnected clients list. The named client is required to have a ccd entry if ccd-exclusive is used, or else the connection will be closed.

Both parties' authentications are finalized at this stage.

Figure 2: Client and Server VPN Authentication

Encryption/Decryption Algorithms

Messages and files may be encrypted to make them unintelligible to anybody except the intended recipient. In order to protect sensitive information, encryption methods are used to jumble it before it is sent over a secure channel and then decrypted using a secret key. By using encryption, sensitive data is protected both while in storage and in transit (Zeebaree, 2020). Anyone who does not have permission to see the information will merely see random bytes. Algorithms, sometimes called ciphers, are a set of rules or guidelines for encrypting data. The efficacy of encryption is dependent on factors such as key size, functionality, and the characteristics of the cryptosystem being used.

It takes two keys to operate an asymmetric cryptographic system, also called a public-private key system. Although the private key is kept under wraps, the public key is made accessible to anybody who has a legitimate need for it (Chowdhary et al., 2020). This particular key is referred to as "public." Due to the mathematical relationship between the cryptographic keys, the private key associated with a given public key may decode only data encrypted with that public key.

The United States government and many other institutions use the Advanced Encryption Standard (AES) as their go-to encryption technique (Chowdhary et al., 2020). While its 128-bit implementation is very effective, AES may also be used with more robust encryption keys of 192 or 256 bits. Except for brute-force attacks, which try to read messages by trying every conceivable combination in a weaker cipher (such as 128, 192, or 256 bits), AES is widely thought to be invulnerable to any kind of attack.
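The server-side checks from the VPN Authentication section, modelled as an added Python example (not part of the original document and not any VPN product's code). `ClientCert`, `ServerPolicy` and `authenticate` are hypothetical names; the issuer-name comparison stands in for real certificate-chain validation, the ccd `disable` option stands in for the list of disabled clients, and a failed credential check is assumed to be what refuses the client.

```python
import hmac
from dataclasses import dataclass, field
from typing import Callable, Optional

@dataclass(frozen=True)
class ClientCert:            # hypothetical stand-in for an X.509 certificate
    common_name: str
    issuer: str              # CA name; a real server verifies the signature chain
    serial: int

@dataclass
class ServerPolicy:          # hypothetical container for the server's settings
    trusted_ca: str
    revoked_serials: set = field(default_factory=set)               # CRL contents
    check_credentials: Optional[Callable[[str, str], bool]] = None  # auth plugin
    ccd: Optional[dict] = None   # client name -> options (client-config-dir)
    ccd_exclusive: bool = False

def authenticate(policy, cert, username=None, password=None):
    """Return (accepted, reason); checks run in order, first failure closes."""
    if cert is None or cert.issuer != policy.trusted_ca:
        return False, "certificate not issued by the server's CA"
    if cert.serial in policy.revoked_serials:
        return False, "certificate is on the CRL"
    if policy.check_credentials is not None:
        if username is None or password is None:
            return False, "no credentials supplied"
        if not policy.check_credentials(username, password):
            return False, "credential check failed"
    if policy.ccd is not None:
        entry = policy.ccd.get(cert.common_name)
        if entry is None and policy.ccd_exclusive:
            return False, "no ccd entry and ccd-exclusive is set"
        if entry is not None and entry.get("disable", False):
            return False, "client is disabled in ccd"
    return True, "authenticated"

def demo():
    """Run constructed clients through the checks; also report plugin calls."""
    plugin_calls = []
    def plugin(user, pw):    # constructed verifier that records each invocation
        plugin_calls.append(user)
        return hmac.compare_digest(pw, "constructed-demo-secret")
    policy = ServerPolicy("Demo-CA", {1002}, plugin,
                          {"alice": {}, "carol": {"disable": True}}, True)
    good = "constructed-demo-secret"
    clients = [(ClientCert("alice", "Demo-CA", 1001), good),
               (ClientCert("alice", "Demo-CA", 1001), "wrong"),
               (ClientCert("bob", "Demo-CA", 1002), good),     # revoked serial
               (ClientCert("eve", "Other-CA", 7), good),       # foreign CA
               (ClientCert("carol", "Demo-CA", 1003), good),   # disabled in ccd
               (ClientCert("dave", "Demo-CA", 1004), good)]    # no ccd entry
    results = [authenticate(policy, c, c.common_name, pw) for c, pw in clients]
    return results, plugin_calls
```

In `demo()` the credential plugin is never invoked for the revoked or foreign-CA certificates, because the certificate checks gate the username/password stage.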
References

Chowdhary, C. L., Patel, P. V., Kathrotia, K. J., Attique, M., Perumal, K., & Ijaz, M. F. (2020). Analytical study of hybrid techniques for image encryption and decryption. Sensors, 20(18), 5162.

Ezra, P. J., Misra, S., Agrawal, A., Oluranti, J., Maskeliunas, R., & Damasevicius, R. (2022). Secured communication using virtual private network (VPN). Cyber Security and Digital Forensics, 309-319.

Konoplev, A. S., Busygin, A. G., & Zegzhda, D. P. (2018). A blockchain decentralized public key infrastructure model. Automatic Control and Computer Sciences, 52(8), 1017-1021.

Liu, Y., & Shue, C. A. (2021, November). Avoiding VPN Bottlenecks: Exploring Network-Level Client Identity Validation Options. In International Conference on Heterogeneous Networking for Quality, Reliability, Security and Robustness (pp. 280-300). Springer, Cham.

Papageorgiou, A., Mygiakis, A., Loupos, K., & Krousarlis, T. (2020, June). DPKI: a blockchain-based decentralized public key infrastructure system. In 2020 Global Internet of Things Summit (GIoTS) (pp. 1-5). IEEE.

Zeebaree, S. R. (2020). DES encryption and decryption algorithm implementation based on FPGA. Indones. J. Electr. Eng. Comput. Sci, 18(2), 774-781.