CST 311 Week 4 Journal Entry

-

 Security In Computer Networks

This week, we learned about security in computer networks. There are three principles of network security: confidentiality, authentication, and message integrity. Confidentiality involves ensuring that only the sender and receiver understand the message being sent. Authentication involves confirming the identity of both the sender and receiver. Message integrity involves ensuring that the message has not been altered while being transmitted or after it has been transmitted. 

Confidentiality can be obtained by having the user and sender use the same symmetric keys to encrypt and decrypt the messages between them. A symmetric key is a key that both the sender and receiver agree upon. Currently, the Advanced Encryption Standard is used to create symmetric keys. Using this standard, we can process our data and message into 128-bit blocks and use 128, 192, or 256-bit keys to create our symmetric key. 


When deciding on a key to use, the sender and receiver can decide to use a public key. The public key is known to everyone and the sender uses the receiver's public key to encrypt the message. The receiver can then use their private key, only known to them, to decrypt the message. If they use the key in this manner, they are using an asymmetric key. To implement this asymmetric key algorithm, the private key should be able to decrypt the message that was encrypted using the public key, and the private key should be impossible to derive from the public key. The Rivest, Shamir, and Adelson algorithm can be used to create a public and private key pair by using modular arithmetic. 

Message integrity and authentication are implemented by using a message digest. A message digest is created by applying a hash function to a message. The hash is then signed using their private key, thus creating the digital signature. The result is then send to the receiver. The receiver then uses the sender's public key to decrypt the digital signature. This shows the hash that the sender received when they ran it through their hash function. To confirm the sender's identity, the receiver runs the message through a hash function and compares it to the results of the hash when decrypted using the sender's public key. If these hash values match, the sender is authenticated and the integrity of the message is upheld.  

Overall, this week's concept of ciphers was a bit difficult to wrap my head around, especially after the midterm. I have experience with simple ciphers, having taught the subject in a math class. I noticed that I was confusing the process of encrptying and decrpyting a message with the process of authenticating the message and its integrity. I realized that these processes were separate with one coming before the other. The visuals in the reading really helped with understanding the process of authentication and message integrity. 

Comments

Post a Comment

Popular posts from this blog

CST 300 - Week 8

-
 Part 1: Review of other team's final video projects Final Video Project Review # 1: Otter This World The video project from Otter This World is about Genomics. They describe how genomics is important and what advances we have made in this area. The topic is well-covered, and the presentation is clear. They cover each section described at the beginning of the video and provide various videos that go along with those sections. The quality of the research and video project is well done. They provide definitions and statistics with references. The video has a lot of visuals and could have used some slides with text at the beginning of each section. The information is being provided via audio, and there should be some text to supplement it. Also, the General Public video cuts off at the end with no conclusion. The video is engaging and interesting. They made a nice choice of visuals for each section. Team work is evident as each person had a section they covered. Overall, the video is
Read more

CST 300 - Week 5

-
Image
Part 1: Support and Comments on Teammates' Goals Victoria's Comment Guillermo's Comment Part 2: Possible Capstone Ideas Some ideas for capstone that I have are in the area of education with a focus on classroom management and video game design.  My first idea is to create a seating chart generator app for teachers to use in their classrooms. As a teacher, creating a seating chart can be a challenge. Whether you have a challenging class or are just looking to mix seats up, this app will help create the perfect seating chart. The app will give the teacher a variety of options to create a seating chart: individual, partner, or grouping (3 or more). The teacher can create a seating chart or groupings based on current grade in class, on an assignment, IEP requirements, or behavioral issues.  My second idea is to create a school environment application or website. With technology in the classroom becoming more and more popular, students are having to manage their own apps, homewo
Read more

CST 300 - Week 4

-
Image
 Part 1: Educational Goals My primary educational goal in the CS program is to graduate with my Bachelor's in Computer Science in December 2025 with experience in the field from internships and our service learning class. Another goal I have by the end of the program is to create projects that will showcase my experience and skill set and have them on display on my GitHub. Furthermore , my secondary goal is to graduate with my Master's degree  with a focus on Artificial Intelligence or Computer and Network Security.  from Stanford University in December 2027.  Part 2: Career Goals My career goal is to work in the field of computer science as a backend developer in cybersecurity or software development once I graduate from the CS Online program or the Computer Science Master's Degree program at Stanford University. I want to work with a company that strives to create products that will improve the quality of life while keeping user's data safe and secure.  Part 3: Percen
Read more