March 8
More discussion of internet security and encryption.
1. Review what we did last time:
- hash key
- symmetric key (i.e. AES, DES, many others)
- public/private key (RSA, others)
- encryption: only one private key can read message
- digital signature: only one private key could have encoded (part of) message
2. Look at Wireshark captures and compare:
3. Who uses https and why?
4. What is a "certificate"?
- signed public key in a particular format
- wikipedia: Web of trust
- one common use: access to secure web servers - each needs own "trusted" public/private pair
- cost of a certificate?
- hosting limitation: need to have own IP address ... discuss why in terms of TCP/IP, SSL, HTTP protocols
5. Discuss encrypted email: Davey & me last night
6. Discuss ssh, sftp, ...
- Is your commandline fu strong?
- You can use public/private keys instead of passwords for access to remote computers.
- Where do your personal public/private keys live?
- Answer : your private & public in ~/.ssh/ on your laptop.
- Your public in ~/.ssh/ on other computers you want to connect to.
- Your public in repositories like pgp.mit.edu
- Possibility of "man-in-the-middle" attacks (other computers pretending to be one you want.)
- Answer: the computers have their own public/private keys, which are used to start the ssh session
- "ls -al /etc/ssh*"
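An added example (not part of the original notes): how an ssh client can notice a computer pretending to be the server, by comparing the host public key it is shown against the one it saved on first connection. The host name and both keys are constructed sample values, and hashed known_hosts entries are not handled.

```python
import base64
import hashlib
import struct

def ssh_string(data):
    """Length-prefixed byte string, as in the SSH wire format."""
    return struct.pack(">I", len(data)) + data

def make_pubkey_line(raw_key):
    """Build an 'ssh-ed25519 <base64>' public key line from 32 raw bytes."""
    blob = ssh_string(b"ssh-ed25519") + ssh_string(raw_key)
    return "ssh-ed25519 " + base64.b64encode(blob).decode()

def fingerprint(pubkey_line):
    """SHA256 fingerprint in the style printed by 'ssh-keygen -l'."""
    key_type, b64 = pubkey_line.split()[:2]
    blob = base64.b64decode(b64)
    # The key blob begins with its own copy of the key type; they must agree.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != key_type.encode():
        raise ValueError("key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def check_host(host, presented_line, known_hosts_text):
    """Return 'match', 'MISMATCH' or 'unknown' for the key a server presents."""
    presented = presented_line.split()[:2]
    seen_host = False
    for line in known_hosts_text.splitlines():
        fields = line.split()
        if line.startswith("#") or len(fields) < 3:
            continue
        if host in fields[0].split(","):
            seen_host = True
            if fields[1:3] == presented:
                return "match"
    # A saved key exists for this host but the presented one differs:
    # this is the man-in-the-middle warning case.
    return "MISMATCH" if seen_host else "unknown"

# Constructed sample data (not real keys or hosts).
REAL_KEY = make_pubkey_line(bytes(range(32)))
FAKE_KEY = make_pubkey_line(bytes(range(1, 33)))
KNOWN_HOSTS = "# saved on first connection\nserver.example.edu " + REAL_KEY + "\n"

if __name__ == "__main__":
    for name, key in (("real", REAL_KEY), ("impostor", FAKE_KEY)):
        print(name, fingerprint(key), check_host("server.example.edu", key, KNOWN_HOSTS))
```

The "unknown" result is the first-connection case, where the fingerprint should be checked against one read on the server itself, for example with ssh-keygen -l -f on a host public key file under /etc/ssh.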
asides