Essays on Encryption

Introduction

Throughout human history, there is an array of revolutionary technological innovations. One such innovation is cryptography that brought about a revolution in the society by facilitating privately encrypted messages. I got very much interested in this technology after learning that all the secured data transaction is encrypted. There are majorly two basic types of encryption used asymmetric and symmetric key encryption.

What is RSA encryption?

Symmetric key encryption has one weakness that its integrity is dependent on the exclusive sharing of its private keys. Here, different encryption scheme is needed that is asymmetric or public key encryption. Public key cryptography is a mathematical Continue reading...

Telnet is a network protocol used in LAN or via the web to provide bi-directional interactive text-oriented communication framework using virtual terminal connection. Data is interspersed in-band with Telnet control information, usually in an 8-byte oriented data communication over TCP. Telnet program runs on a computer and connects you PC to a server on the network. Commands are entered into Telnet program and can execute them as if they were entering them directly on the server console. This implies that you can control the server and communicate with other servers on the network.
Telnet traffic refers to a user Continue reading...

Security and hacking

We had the privilege of hosting a guest speaker who gave us a lecture on “security and hacking” on the 20th day of November. The scope of the lecture was security on the internet and privacy. For IT enthusiast the speaker was very interesting as he linked theory with the real world experiences. He first introduced Robert Schifreen who is a self-proclaimed hacker. The captivating Robert reaffirmed the fact that with the internet revolution, we are all connected in one way or another; it is now easier than ever to talk to anybody irrespective of their geographical positioning. Also Continue reading...

General definition

Public-key algorithm of cryptography, sometimes names as asymmetric cryptography. It is a class of cryptographic algorithms which uses two separate keys, one of which is known only by one side (secret or private) another one is available for publicity (public).
These 2 keys are different, but they are connected with some mathematical operations. The public key is usually used to encrypt(code) data or to verify and confirm a digital signature. The private key is used to decode (decrypt) data or to create a digital signature.
The term asymmetric describes this algorithm because different keys are used to run Continue reading...

Apple Inc. is a well-known giant in the computer technology world. It is one of the leaders in the industry. Continuous implementation of innovations enables this company to acquire the sympathy of millions of customers all over the world. The release of a new product is always accompanied by an enormous interest of both consumers and media. That is why it is of a great importance for such huge company to keep the information provided by their customers in safety and security.
During two years Apple has faced severe security problems with the iOS 7. Anyone who had technical Continue reading...

Introduction

Cryptography is a mathematical technique for encrypting and decrypting data. Cryptography enables one to store and transmit sensitive information across public insecure networks so that no one else can access the information apart from the authorized persons, i.e., the sender and the intended recipient (Martin, 2012). Cryptography uses a cryptographic algorithm. A cryptographic algorithm is a mathematical function used during the encryption and decryption process. The algorithm works together with a key to transform plaintext into encrypted text. The security of encrypted information depends on two things: the secrecy of the key used and the strength of the cryptographic Continue reading...

The symmetric and asymmetric key encryptions are different operations,which functions in different circumstances, for different applications and different attack models. Therefore, it is not sensible enough to say that either symmetric or asymmetric is better than the other in terms of computer system and data security. If some measurable security could be available, then it could have been easy to tell which key is better. However, this measure is not simple to describe ( Sudha, 2012).
The encryption key length or size defines the number of bits of the given security key that is employed in the algorithm of Continue reading...

Introduction

In the current age, both individuals and organisations find themselves depending so much on digital information. Most of this information is critical in the day to day operations of the parties involved. Such sensitive information can be abused if it lands in the wrong hands. That is the reason cryptography or the science of encryption is designed to help protect vital information.

Best Practice in Applying Cryptography

Policy and Technology
The primary goal of policy and technology is to enable a framework in which to provide the much required information. To achieve this, the application of good policies in combination with the best technology Continue reading...

A security risk within the context of data communication is described as any action of inaction that poses a threat to the integrity and security of data communicated between a sender and a receiver. Security threats in communication are all too real and pervasive and mischief makers always try to exploit the vulnerabilities of system design and architecture in order to perpetrate illegal activities. As the waves of the threats increase, different methods and techniques are also deployed in order to guarantee the security and integrity of data exchange. Some of the techniques involve the protection of networks from Continue reading...

Abstract

Finding the correct balance between security, cost effectiveness and ease of use presents a major headache for the Metropolitan Police Service (MPS). This is because maintaining a large workforce and clerical staff for the purposes of managing database and internal systems can be a costly practice. MPS staff also require different log in details for the different accounts they hold in different job roles. This paper examines different approaches such as Enterprise Identity Mapping (EIM), Public Key Infrastructure (PKI) and RSA encryption and how they may be utilized in the MPS context.

Question 1

- Technologies for managing multiple identities of Continue reading...

Internet Protocol Security

IPsec is the short abbreviation for Internet Protocol Security which is referred to as the protocol suite used in securing the Internet Protocol (IP) network communications through encrypting and validating each IP packet (data sent over the internet) of a communication session. Internet Protocol security comprises procedures and protocols used in establishing a reciprocated authentication or verification procedure between artificially intelligent agents at the commencement of the interconnection period and the intercession of cryptographic keys to be used by the network user during the given time lease period (Black, 2000).
Internet Protocol security can be used in guarding data Continue reading...

Attackers are becoming more and more sophisticated and utilize highly sophisticated techniques to compromise critical information infrastructure that supports networks and information flow. In order for attacks to be successful, attackers are devising new mechanisms of promoting anonymity and evading detection.
- Promoting anonymity
Network attacks are classified into interactive attacks where perpetrator is concerned with stealing information from another user of the network or non-interactive where a perpetrator uses malicious software to instill denial of service attacks on other members of the network.

The two most common methods of used by attackers include,

- Stepping stones chains
- IP-spoofing
- Stepping stone chains
Stepping stone chains involves indirect Continue reading...

Cloud security is a rising issue in the world of cloud computing at this time. In the recent months, many cloud computing service providers have experienced various incidences of breaches and hacks into their cloud platforms, leaving client’s private information and data insecure and prone to theft. In light of this, Transputec can enhance their Cloud Document Management – Intelefile service with features that augment their cloud services portfolio to ensure the safety of their client’s data.

Data Encryption (Transport Layer Security)

Data is the most important part of any organization. In the case of any breach in the organization’s data, the Continue reading...

Public Key Infrastructure is a system that allows the integration of a number of carrying services that are in one way or the other related to cryptography. PKI ensures integrity, provides confidentiality, access control, a system of authentication and also non-repudiation - in which both parties, the sender and receiver cannot deny either sending the message or receiving it in future. (Srinivasan, 2008)
Basically, PKI is an aggregation of processes, technologies and policy of organizations that facilitate the use of public key cryptography in ways as to enhance the verification of the authenticity of public keys (BCS, 2013)
The Continue reading...

Proof of Submission in an Electronic Mail System

Proof of submission is the ability of the sender to ascertain to the receiver that the email message has left his control. To achieve these, the sent email is stored in the senders out box and is passed on to the mail server. The mail server has a private, public key pair, calculates a message digest of the body of the email, and its metadata such as the time received and its identity. The mail server then signs the mail by encrypting the digest with its private key and sends the result to the sender of the email.

Non-Repudiation in an Electronic Mail System

This Continue reading...

Transport Level Security

- This level of security exists below the application layer. It mostly comprises of the secure socket layer and the transport layer security.
- Secure Socket Layer (SSL)
- According to Kizza (2009), the Secure socket layer is a cryptographic system applied in the Explorer and Netscape browsers. It is used to manage the security of message transmission in the Internet (Newman, 2009).
- The SSL uses a public key that can be utilized by anyone and a private key only known by the recipient of the message (Newman, 2009).
- It is designed to offer encrypted end-to-end data Continue reading...

Technology

With reference to cryptography, block cipher is a mode of operation to provide information services like authenticity and confidentiality. It is meant for cryptographic transformations such as encrypting or decrypting the data/information of groups of fixed length referred to as a block. There is an unvarying transformation specified by a symmetric key. For bits of data that exceeds the size of a block, cipher’s block operation has to be applied repeatedly. Block cipher works on units of fixed block sizes, but messages may come in varying lengths. In that case the final Continue reading...

Choose two technical controls and discuss how they are used to protect the CIA of information systems: Confidentiality, integrity and availability (CIA)
Information security is a practice that aims at defending and protecting the CIA properties or values of information. This is done through avoiding the potential attacks that can be availed on information, either when moving or stored information. Such includes unauthorized access and other active attacks that aim at manipulating the original text hence compromising on integrity. A compromise on the availability of information is made possible by denial of service attacks.
As concerns information security, confidentiality Continue reading...

Abstract

The document below is an outline essay on the following topics:
Basic concepts in number theory and finite fields, Divisibility and the division algorithm, the euclidena algorithm, modular artithmetic, groups, rings and fields, finite fields of the form, polynomial arithmetic, Finite fields of the form, Advance encryption standard, The origins AES, AES Structure, AES round functions and AES Key expansion.

Essay

Divisibility
Mathematics involves many rules as well as formulae which are followed to derive the exact outcomes. One such mathematic term is ‘divisibility’. When a number is able to divide with another number without any reminder, it is known Continue reading...

Abstract

The use of encryption and decryption techniques for securing communication is as old as the art of communication. Technically, a code is used instead of data which is a signal for intent to keep data secret. In order to recover the contents from an encrypted signal, accurate decryption key is needed. The key is basically an algorithm that is used to reverse the work of the encryption technique and get original form of data. There is always a potential threat from hackers to decode encrypted signal, to avoid such issues specialized intellectuals have worked hard and defended these threats Continue reading...

Introduction

Encryption can be defined as a process in which messages or the information are encoded in such a manner that hackers or eavesdroppers will not be able to access it. These encoded messages and information can only be read by the parties who are authorized in this respect. In encryption, the information or message (referred as plaintext) is encrypted by using an algorithm of encryption, turning the text into unreadable cipher text. This is generally done by an encryption key, which enumerates the way of encoding the text. A party, who has been authorized for encoding; however, is capable Continue reading...

Fundamentals of Cryptography

1) Jason sends a message to Kristin using public key encryption.

a) What key will Jason use to encrypt the message?

b) What key will Kristin use to decrypt the message?

c) What key will Kristin use to encrypt the reply?

What key will Jason use to decrypt the reply?
Asymmetric Encryption his Private Key

2) What characteristics would make an encryption absolutely unbreakable? What characteristics would make an encryption impractical to break?

Classic encryption utilize ciphers to code plaintext into ciphertext using a secret coding and decoding process. The effectiveness of this process varies depending on the type Continue reading...

Disseminating Organizational IT Security and Troubleshooting Best Practices

Part 1
Memo: Action Plan
Attn: All Employees
The strategy to improve security of the company’s IT infrastructure in response to a recent series of enterprise network systems breaches is a multi-level plan for controlling risk to data and operations. The deployment of the IT user authentication plan will ensure that designated user access to the network is effective enough to sustain future security breaches; and including threats posed by social engineering. The Action Plan outlines the : 1) wireless encryption; and 2) designated user credential process, as well as cloud data storage and the company’s contingency Continue reading...

With the help of information technology, a company can store vast amounts of data, perform complex operations, and conduct business in a much more expedient way with fewer personnel. However, with that opportuntiy comes risk; computer hackers can wreak havoc on a business’ network, leading to stolen information, corrupted data, and compromised business. If a company does not take appropriate steps to guard their networks, they can fall prey to all manner of hacking attempts. Luckily, there are detailed and comprehensive steps you can take to secure your information and maintain an information secure workplace. With the help of Continue reading...

Risk assessment

With the continued attacks and potential damage that can be found on the internet, there is a need to have risk assessment for ABC. This will help the company to be aware and put measures for the risks that the computer network might undergo. Risk assessment is establishing two capacities of the risk, the magnitude of the potential loss and the probability that the loss will happen. Risk assessment is a pace in the risk management process. A business has to have policies in position to classify and handle risks. At ABC, Inc., the design of the system network Continue reading...

COMPUTER SECURITY AND CRYPTOGRAPHY

INTRODUCTION

Computer security is very vital in the setting of any organization. The organizations’ information systems need to be protected from both physical and software attacks. The physical attacks can include: theft, fire and natural disasters. Software attacks can include but not limited to: viral attacks, hacking and any other form of intrusion into the organization’s information systems. Computer security should be prioritized in every organization that wants to be successful in its activities. There are several ways of protecting information and data in the computer systems at different levels. One of the most Continue reading...

Data Encryption Standard

The Data Encryption Standard (DES) represents a secret key encryption scheme, which was officially selected as the Federal Information Processing Standard for the USA by the National Bureau of Standards (today National Institute of Standards and Technology - NIST) in 1976 (Davies & Price, 1989). Later it was distributed on the international level and enjoyed by a great number of people. It is based on 56-bit key, which today is regarded as not sufficient due to the fact that it can be rather easily cracked with the use of brute force (Schneier, 2004). There is also evidence that the cipher Continue reading...

Question A: Introduction to Privacy and Privacy Protection

Technological developments and enhancements have facilitated the digital migration of both big and small business enterprises (Curtis, 2013). A lot of communication is done online, with these business enterprises developing and maintaining websites where they provide information regarding their businesses. Technology has also led to the emergence of electronic marketing (e-commerce) solutions where buyers and sellers engage in business transactions over a virtual market (Curtis, 2013). The websites of these enterprises also contain highly sensitive data and information that forms the backbone of their success and existence. Increased technological advancement has in turn increased the sophistication of cyber-criminal activities, Continue reading...

Which multi-user database will be capable of handling the needs of Centre for Disease Control (CDC)?

Databases are very important and essential in any organization. They help a company or an institution to maintain their records in a more organized form. SQL database system is very useful in managing and maintaining the records about a particular event of institution. Center for Disease Control (CDC) has a very elaborate and an all inclusive database management system that handled data and information pertaining to millions of disease causing organisms and their remedies. The company needs a very strong multi-user database system that can be able to handle the new disease species that are being discovered and also Continue reading...

Abstract

This paper seeks to make an evaluation of the business practices of three e-commerce websites, renttherunway.com, weartodaygonetomorrow.com and bellybumpboutique.com. The evaluation is on the security of the sites, confidentiality of information collected on the sites and an analysis on how well the sites handle the impact of international issues.

The three websites deal with rental of women clothing, with weartodaygonetomorrow.com offering purchase options not available in the other two websites. Bellybumpboutique.com specializes in rental of fashionable wear for expectant mothers. The main objective of the websites is to offer clothing rental for garments Continue reading...

Wireless Security in large Enterprises:

Abstract:
The Wireless Local Area Network (WLAN) industry is the newest and fastest growing networking technology in the market, overcome only by its security limitations. WLAN technology is now recognized, accepted and adopted by organizations worldwide. Many governments and companies now realize the competitive advantage gained by deploying wireless technologies in workplaces. Wireless technologies continue to evolve and provide milestone advancements in bandwidth, speed and security. However, large scale enterprises are reluctant to adopt wireless networks due to perceived security issues and risks posed to organizations.
WLAN is a disruptive technology with various security constraints. The WLAN industry today Continue reading...

Most users would not follow the listed guideline because most of them want to have easy to remember passwords, one would wish to use his phone number or spouse name because they are guaranteed not to forget, unlike long passwords short passwords are much easier to memorize and incase it is forgotten it might not take long before its remembered.

Changing of passwords every time might look cumbersome in order to avoid this user might be tempted to only use the same kind of password all the time. Use of the same password every time a user logs in Continue reading...

The Fifth Amendment and Compelled Decryption

The first example is actually two cases that look at different sides to the same question, namely can a party be compelled to reveal the encryption passphrase to his computer or mobile device. In re Boucher, a federal case out of Second Circuit in Vermont, was the first case to address this this question. In Boucher, the defendant’s (Boucher) laptop was inspected as he returned from a trip to Canada. The laptop was on when it was inspected which allowed customs officials to see images of alleged child pornography on an open browser page. Boucher was arrested for Continue reading...

Introduction

Invading the privacy of businesses, institutions, and people, social engineering creates criminal acts using telephones, illegally accessing private information via computer accounts called "hacking", stealing bank account information, as well as eavesdropping are social engineering crimes. Two types of social engineering exist, including, human and technological based (Peltier, 2010). Social engineering uses deception, manipulating people into giving them personal information including social security and bank account numbers (Halles, 2008). Social engineers use tactics to extract private information including appealing to people's vanity, authority, look, over peoples' shoulders while Continue reading...

There has been an epidemic in computer security breaches in healthcare service organizations which has been rising more than 32% over the years. These cost an estimated 6.5 billion per year. Moreover, study conducted by the Ponemon Institute found that nearly 96 % of all the healthcare providers who participated in this study feel they have had at least one data breach earlier primarily due to employee sloppiness, including stolen computer devices (Premier Inc, 2014), third party errors, unintentional employee actions like:Nurses logging in with their passwords and leaving the system open and runningOfficials and Doctors displaying their password, * Fax Continue reading...

Issue in Information System Operation Management (ISOM) Database security

Introduction
Increase in the use of internet has increased the vulnerabilities of databases for many corporations. Many organizations operate and maintain their brands through ensuring that databases containing client information is well protected. According to Bertino and Sandhu (1), the proliferation of web-based applications increases the risk of exposure of databases. Database security has been a challenge since the beginning of use of databases in the 1970s.
Every effort to improve technological advancement has led to an increase in the attacks on databases. Recent cases have been reported of hackers accessing private information from different databases of different organizations. Continue reading...

Effectiveness of the cyber-security technologies/policies

In the financial sector, the security of its payment and customer information is fundamental to the operation of the company. Financial institutions must review security risks of its customers, its information resources and policies applicable to them. The review provides a platform to put in place control measures to combat failures and security breaches. This information is essential for periodical updating, reporting and review to both internal boards and external regulators. Reducing regulatory and security complexities in an industry under continuous threat remains an ongoing and costly challenge. Some of the cyber-security technologies or policies employed by Mistral Bank Continue reading...

Abstract:

The issue on privacy in the 21st century is a current dilemma for the public as everything can now be seen online and is on digital format. May it be simple personal profiles to highly sensitive data such as grades, credit card information, and security clearances can be accessed online. While automation and digitalized data is now common to improve a person’s daily need for information, privacy becomes a serious topic to consider since anyone can get the information they need and for some, they would take steps mimic a person’s identity and steal sensitive data for Continue reading...

The connectivity of a computer to other of networks that allows communication with other computers presents many risks to the computer. According to Kallol Bagchi, (2003), internet security involves mechanisms and procedures taken to protect and secure files and data in the computer connected to the internet against intrusion by other internet users. The internet being insecure mediums of exchanging information presents high-risk attacks which results in loss of data or files, destruction of computer software or access of information by unwanted or unknown computer users. To protect the transfer of date via internet several methods such as encryption have been employed. (p. 686) Continue reading...

OVERVIEW

An international pharmaceutical company is headquartered in New York, NY and has other six operational locations. The corporate headquarters in New York has 1000 employees while the other centers have a considerable number of employees and remote workers. San Diego has 250 employees, Houston has 750 employees in central research, Madrid has 500 employees, India has 50, and London has 150 while China has 300 employees and 500 remote sales workers. There is a diverse computing department with no universal standard. There is a combination of devices and operating systems in place. There are also different data center centers Continue reading...