Encryption Notes
From CSEP590TU
Revision as of 05:00, 8 November 2004 by John.naegle (talk | contribs)
Contents
Overview
Quotes
- "The level of information security sought in any particular situation should be commensurate with the value of the information and the loss, financial or otherwise, that might occur" [1]
- "Cryptography, over the ages, has been an art practised by many who have devised ad hoc techniques to meet some of the information secuirty requirements" http://www.cacr.math.uwaterloo.ca/hac (page 6)
- "The objectives of information security cannot solely be achived through mathematical algorithms and protocols alone, but required procedural techniques and abidance of laws to achive the desired result" http://www.cacr.math.uwaterloo.ca/hac (page 2)
Uses of Encryption
Information Security
- Encryption is one means to achive information security
Objectives
Information has many objectives.
- Privacy
- Data Integrity
- Entity Authentication (Identification)
- Message Authentication
- Signature
- Authorization
- Validation
- Access Control
- Certification
- Timestamping
- Witnessing
- Receipt
- Confirmation
- Ownership
- Anonymity
- Non-repudiation
- Revocation [2] (page 3)
|
|
|
- Cryptography isn't the only means of providing information security, but rather one set of techniques [3] (page 4)
- The digital age has changed information security dramatically. In the paper age, making thousands of indistinguishable copies copies of was much more difficult. In a digitial society, a means to ensure information security that is independent of the physical medium is required - security must rely on the digital information itself.[4] (page 3). Alteration and creation of digitial data is also easy.