Munish Gandhi (munishgandhi)'s Public Profile in the Diigo Community

More »

Tags

Recent Tags:	strategy(0), ppc(0), annotated(0), innovation(0), social media(0), security(0), google(0), startups(0), india(0), cryptography(0), search(0), numbers(0), tech(0), cloud(0), economics(0), pricing(0), gps(0), logger(0), story(0)
Top Tags:	strategy(25), ppc(18), innovation(8), annotated(7), google(7), security(5), india(5), social media(21), simplicity(6), economics(4)

More »

Recent Bookmarks and Annotations

Web Design Glasgow | Website Design East Kilbride | Website Designer | East Kilbride, Glasgow on 2009-11-07
Hamleys fails to renew web address - Telegraph on 2009-11-05
Twitter / Leo Coombes: Don't forget to renew your ... on 2009-11-05
The Three Dimensions of Social Media ROI | NTEN: The Nonprofit Technology Network on 2009-10-30
Social Media Measurement Lags Adoption - eMarketer on 2009-10-30
Cell Size and Scale on 2009-10-30
Screencasts on 2009-10-01
SEO ranking of US IYPs across 274 cities in 2009 | Net Magellan on 2009-08-17
Introduction to Public-Key Cryptography on 2009-08-09
- Public-key cryptography facilitates the following tasks:
- Encryption and decryption
- 25 more annotations...
- - Tamper detection
  - Authentication allows
  - Nonrepudiation
  - Figure D.1 Symmetric-key encryption
  - highly efficient
  - Figure D.2 Public-key encryption
  - requires more computation and is therefore not always appropriate for large amounts of data.
  - longer keys provide stronger encryption
  - Different ciphers may require different key lengths to achieve the same level of encryption strength.
  - RSA public-key encryption cipher must use a 512-bit key (or longer) to be considered cryptographically strong, whereas symmetric key ciphers can achieve approximately the same level of strength with a 64-bit key
  - Figure D.3 Using a digital signature to validate data integrity
  - An X.509 v3 certificate binds a distinguished name (DN) to a public key. A DN is a series of name-value pairs, such as uid=doe, that uniquely identify an entity--that is, the certificate subject.
  - Every X.509 certificate consists of two sections:
  - The data section includes the following information:
  - version
  - certificate's serial number
  - user's public key
  - DN of the CA
  - period during which the certificate is valid
  - DN of the certificate subject
  - certificate extensions
  - The signature section includes the following information:
  - cryptographic algorithm, or cipher,
  - CA's digital signature
  - The CA's digital signature,
Introduction to SSL on 2009-08-09
- Figure 1 SSL runs above TCP/IP and below high-level application protocols
- Triple DES, which supports 168-bit encryption, with SHA-1 message authentication. Triple DES is the strongest cipher supported by SSL, but it is not as fast as RC4.
- 21 more annotations...
- - RC4 with 128-bit encryption and MD5 message authentication
  - RC4 ciphers are the fastest of the supported ciphers.
  - RC2 with 128-bit encryption and MD5 message authentication
  - RC2 ciphers are slower than RC4 ciphers.
  - DES, which supports 56-bit encryption, with SHA-1 message authentication
  - RC4 with 40-bit encryption and MD5 message authentication
  - Exportable cipher suites
  - No encryption, MD5 message authentication only.
  - Weakest cipher suite
  - data sent using this cipher suite is not encrypted and may be accessed by eavesdroppers.
  - RC4 with 128-bit encryption and SHA-1 message authentication.
  - this cipher is one of the second strongest ciphers after Triple DES
  - This cipher suite is supported by SSL 3.0
  - An SSL session always begins with an exchange of messages called the SSL handshake. The handshake allows the server to authenticate itself to the client using public-key techniques, then allows the client and the server to cooperate in the creation of symmetric keys used for rapid encryption, decryption, and tamper detection during the session that follows.
  - Figure 2 How a Netwscape client authenticates a server certificate
  - Is today's date within the validity period?
  - Is the issuing CA a trusted CA?
  - Does the issuing CA's public key validate the issuer's digital signature?
  - Does the domain name in the server's certificate match the domain name of the server itself?
  - The server is authenticated.
  - The "man in the middle" is a rogue program that intercepts all communication between the client and a server with which the client is attempting to communicate via SSL. The rogue program intercepts the legitimate keys that are passed back and forth during the SSL handshake, substitutes its own, and makes it appear to the client that it is the server, and to the server that it is the client.

More »

Bookmark Lists

More »

Groups

Munish gandhi havn't joined any group yet.

Munish Gandhi's Profile

More »

Tags

More »

Recent Bookmarks and Annotations

More »

Bookmark Lists

More »

Groups

Recent Visitors (37 visits)

Me elsewhere

Munish Gandhi's Profile

More » Tags

More » Recent Bookmarks and Annotations

More » Bookmark Lists

More » Groups

Recent Visitors (37 visits)

Me elsewhere

More »

Tags

More »

Recent Bookmarks and Annotations

More »

Bookmark Lists

More »

Groups