GCGA Ch. 10 Using Cryptographic Protocols (ST) Flashcards
(4 cards)
Encryption/decryption of emails using digital signatures
When using digital signatures with email: The sender’s private key encrypts (or signs). The sender’s public key decrypts. A digital signature provides authentication (verified identification) of the sender, non-repudiation, and integrity of the message.
Sending email & digital signatures
Senders create a digital signature by hashing a message and encrypting the hash with the sender’s private key. Recipients decrypt the digital signature with the sender’s matching public key. When encrypting email: The recipient’s public key encrypts. The recipient’s private key decrypts. Many email applications use the public key to encrypt a symmetric key, and then use the symmetric key to encrypt the email contents.
S/MIME
Used to secure email with encryption and digital signatures. It uses certificates and depends on a PKI. When deploying, use port 587 for SMTP-over-TLS and port 993 for IMAP-over-TLS.
Encrypting traffic & TLS
When encrypting website traffic with TLS: The website’s public key encrypts a symmetric key. The website’s private key decrypts the symmetric key. The symmetric key encrypts data in the session.