9618 Computer Science
17.1 Encryption, Encryption Protocols and Digital certificates
**Plain text:** The original data to be transmitted as a message.

**Cipher text:** The result of applying an encryption algorithm to data.

**Encryption:** The making of cipher text from plain text. It can be used:

- When transmitting data over a network.
- As a routine procedure when storing data within a computing system.

**Public key:** A key that is shared between the user and sender for encryption of the data and verifying digital signatures.

**Private key:**

- A private key is the unpublished/secret key/never transmitted anywhere
- It has a matching public key
- It is used to decrypt data that was encrypted with **its** matching public key.

# Reasons for using key cryptography

- To ensure the message is authentic // came from a trusted source
- To ensure that only the intended receiver is able to understand the message
- To ensure the message has not been altered during transmission
- Non-repudiation: neither the sender nor the receiver can deny the transmission occurred

# Methods of key cryptography that can be used

- Symmetric
- Asymmetric

## Symmetric key encryption

Just one key is used to encrypt and then decrypt. The sender and the receiver of a message share the secret key.

## Asymmetric encryption

### Process

- The message to be sent is encrypted using the recipient’s public key. // The message to be sent is encrypted using the sender’s private key.
- The message is decrypted using the recipient’s private key. // The message is decrypted using the sender’s public key.

### Purpose

- To provide better security by using a public key and a private key
- One of the keys is used to encrypt the message, the matching key is used to decrypt the message.

## Differences between symmetric and asymmetric encryption

- Symmetric cryptography uses a single key to encrypt and decrypt messages, asymmetric cryptography uses two.
- The symmetric key is shared, whereas with asymmetric, only the public key is shared (and the private key isn’t).
- … the risk of compromise is higher with symmetric encryption and asymmetric encryption is more secure.
- Symmetric cryptography is a simple process that can be carried out quickly, but asymmetric is much more complex, so slower.
- The keys in symmetric encryption are (usually) shorter than those for asymmetric (128/256 bits v 2048 bits).

# Quantum cryptography

## The purpose

- to produce a virtually unbreakable encryption system / send virtually un-hackable secure messages …
- … using the laws / principles of quantum mechanics / properties of photons
- detects eavesdropping …
- … because the properties of photons change
- to protect security of data transmitted over fibre optic cables
- to enable the use of longer keys.

## Benefits

- Any eavesdropping can be identified (as the state will be changed)
- Integrity of the key once transferred can be guaranteed (cannot be copied and decrypted at a later date)
- Longer/more secure keys can be exchanged
- Provides security based on laws of physics rather than mathematical algorithms, so more secure.
- To protect the security of data transmitted over fibre optic cables.
- Virtually unhackable.
- The performance of quantum cryptography is continuously improved, making it suitable for most valuable government/industrial secrets.
- Longer keys can be used
- Eavesdropping can be detected

## Drawbacks

- Limited range
- requires dedicated fibre (optic) line and specialist hardware
- cost of dedicated fibre (optic) line and specialist hardware is expensive
- polarisation of light may be altered whilst travelling down fibre optic cables
- Lacks many vital features such as digital signature, certified mail, etc.
- High cost of purchasing / maintaining equipment required.
- Currently only works over relatively short distances.
- Error rates are relatively high as technology is still being developed.
- Polarisation of light can change during transmission.
- Allows criminals and terrorists to hide their communications.
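An added example (not part of the original notes) that simulates why eavesdropping changes the photons and so shows up as errors in the key. It assumes the BB84 key-exchange scheme, which the notes do not name, and an eavesdropper who measures and re-sends every photon; the function name and seed are illustrative.

```python
import random

def bb84_error_rate(n_photons, eavesdrop, seed=1):
    """Simulate BB84 (assumed scheme) and return the sifted-key error rate."""
    rng = random.Random(seed)            # seeded so the run is repeatable
    errors = kept = 0
    for _ in range(n_photons):
        bit = rng.randint(0, 1)          # sender's key bit
        send_basis = rng.choice("+x")    # rectilinear or diagonal polarisation
        photon_bit, photon_basis = bit, send_basis

        if eavesdrop:
            # Measuring in the wrong basis gives a random result, and the
            # photon travels on polarised in the eavesdropper's basis.
            eve_basis = rng.choice("+x")
            if eve_basis != photon_basis:
                photon_bit = rng.randint(0, 1)
            photon_basis = eve_basis

        recv_basis = rng.choice("+x")
        if recv_basis == photon_basis:
            measured = photon_bit        # matching basis reads the bit exactly
        else:
            measured = rng.randint(0, 1) # wrong basis reads a random bit

        # Sifting: sender and receiver keep only positions where their
        # publicly compared bases match.
        if recv_basis == send_basis:
            kept += 1
            errors += measured != bit
    return errors / kept

if __name__ == "__main__":
    print("no eavesdropper  :", bb84_error_rate(4000, eavesdrop=False))
    print("with eavesdropper:", bb84_error_rate(4000, eavesdrop=True))
```

Without interception the sifted key is error-free in this idealised model; with interception roughly a quarter of the compared bits disagree, which is what the two parties check for before using the key.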
# Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols

## Purpose

- The SSL and TLS protocols provide communications security over the internet / network
- They provide encryption
- They enable two parties to identify and authenticate each other and communicate with confidentiality and integrity.

## How SSL/TLS protocols are used when a client-server communication is initiated

- An SSL/TLS connection is initiated by an application which becomes the client
- The application which receives the connection becomes the server
- Every new session begins with a handshake (as defined by the (SSL/TLS) protocols)
- The client requests the digital certificate from the server // the server sends the digital certificate to the client
- The client verifies the server’s digital certificate and obtains the server’s public key
- The encryption algorithms are agreed
- The symmetric session keys are generated / defined

# Digital certification

## How a digital certificate is obtained

- enquiry made to Certificate Authority (CA)
- enquirer’s details checked by CA
- if enquirer details verified by CA then public key is agreed
- CA creates/issues certificate that includes the enquirer’s public key
- encrypting data sent to/by CA with the CA’s public/private key
- The organisation requests a certificate from a Certificate Authority (CA)
- The organisation may send their public key to CA
- The organisation gathers all the information required by the CA in order to obtain their certificate, which includes information to prove their identity
- The CA verifies the organisation’s identity
- The CA generates / issues the certificate including the organisation’s public key (and other information).
## How a digital signature is produced before the message is sent

- The message is hashed with (the agreed hashing algorithm) to produce a message digest
- The message digest is then encrypted with the sender’s private key to form the digital signature

## How the digital signature can be checked

- The message together with the digital signature is decrypted using the receiver’s private key
- The digital signature received is decrypted with the sender’s public key to recover the message digest sent
- The decrypted message received is hashed with the agreed hashing algorithm to reproduce the message digest of the message received
- The two message digests are compared
- … if they are the same the message has not been altered // if they are different the message has been altered
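An added example (not part of the original notes) that carries out the produce-and-check steps above with textbook RSA and SHA-256 as the agreed hashing algorithm. The key pair, function names and sample messages are constructed for illustration, and the outer encryption of the message for the receiver is left out; production systems use randomly generated keys and a padded signature scheme such as RSA-PSS.

```python
import hashlib

# Constructed toy key pair built from two well-known Mersenne primes.
# Assumption for the demo only: real keys use secret random primes.
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q                              # modulus, part of both keys
E = 65537                              # public key is (N, E)
D = pow(E, -1, (P - 1) * (Q - 1))      # private key is (N, D), never sent

def digest(message: bytes) -> int:
    """Hash the message with the agreed algorithm to get the message digest."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes) -> int:
    """Sender: encrypt the message digest with the sender's private key."""
    return pow(digest(message), D, N)

def verify(message: bytes, signature: int) -> bool:
    """Receiver: recover the digest sent and compare it with a fresh hash."""
    digest_sent = pow(signature, E, N)       # decrypt with sender's public key
    digest_received = digest(message)        # hash the message as received
    return digest_sent == digest_received    # same -> message not altered

if __name__ == "__main__":
    original = b"Pay 100 to account 12345"   # constructed sample message
    altered = b"Pay 900 to account 12345"    # same message changed in transit
    signature = sign(original)
    print("original accepted:", verify(original, signature))
    print("altered accepted :", verify(altered, signature))
```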
Theo
30 May 2025 13:36