Lecture 15 - Network Security

1. Cryptographic primitives

Symmetric encryption: K, E, D   (∀) K: D(E(M, K), K) = M

Asymmetric encryption: (Kpub, Kpriv), E, D   (∀) K (∀) M:

    D(E(M, Kpub), Kpriv) = M

    and

    D(E(M, Kpriv), Kpub) = M


2. One-way function

HASH(M) -> digest; computationally infeasible to find M given the digest

HMAC(M, K) = HASH(M | K) -> Message Authentication Code (MAC)

C = E(M, K); MAC(C) = HASH(C | K) - Encrypt-then-MAC
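
An added example (not part of the lecture notes) of the Encrypt-then-MAC line above, in Python. It uses the standard library's HMAC, the nested RFC 2104 construction of which HASH(M | K) above is a schematic form. The toy SHA-256 counter-mode cipher standing in for E/D, the separate keys k_enc and k_mac, and the names seal/open_sealed are assumptions made for the illustration.

```python
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 16, 32  # TAG_LEN is the HMAC-SHA256 output size


def _crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Toy stand-in for E and D (assumption): XOR with a SHA-256 counter-mode
    # keystream. Illustration only; use a vetted cipher in real code.
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(k_enc: bytes, k_mac: bytes, message: bytes) -> bytes:
    """Encrypt first, then MAC the ciphertext: returns nonce | C | tag."""
    nonce = os.urandom(NONCE_LEN)
    c = _crypt(k_enc, nonce, message)
    # The tag covers everything the receiver will act on (nonce and C).
    tag = hmac.new(k_mac, nonce + c, hashlib.sha256).digest()
    return nonce + c + tag


def open_sealed(k_enc: bytes, k_mac: bytes, blob: bytes) -> bytes:
    """Verify the tag first; decrypt only if it matches."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short")
    nonce, c, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(k_mac, nonce + c, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("MAC check failed")
    return _crypt(k_enc, nonce, c)


if __name__ == "__main__":
    k_enc, k_mac = os.urandom(32), os.urandom(32)  # constructed sample keys
    blob = seal(k_enc, k_mac, b"transfer 10 to bob")  # constructed message
    print(open_sealed(k_enc, k_mac, blob))
    flipped = bytearray(blob)
    flipped[NONCE_LEN] ^= 1  # flip one ciphertext bit in transit
    try:
        open_sealed(k_enc, k_mac, bytes(flipped))
    except ValueError as err:
        print("rejected:", err)
```

Because the tag is checked before decryption, a modified ciphertext is rejected without the receiver ever processing attacker-controlled plaintext.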


3. Diffie-Hellman Key Exchange

TRUST ON FIRST USE

Public Key Infrastructure (PKI)

HOSTNAME -> PUBLIC KEY

  • trusted third parties

Certification Authority <-> Registration Authority

PKI certificate -> it is hashed, then the signature is added

  • Public document

  • Contents -> the HOSTNAME -> PUBKEY association

             -> DATE -> ISSUED

                     -> EXPIRES

             -> who issued it


Transport Layer Security

  • APP
  • TLS
  • TCP

HTTPS - uses TLS, runs on port 443

HTTP - runs on port 80
