Cryptography is the cornerstone of secure communication. Encryption ensures that information remains confidential during transmission and storage.
Symmetric Encryption:
- Utilizes a single key for both encryption and decryption.
- Example: Using the
opensslcommand for symmetric encryption with AES:
openssl enc -aes-256-cbc -in plaintext.txt -out ciphertext.encAsymmetric Encryption:
- Involves a pair of public and private keys for encryption and decryption.
- Example: Generating an RSA key pair with
openssl:
openssl genpkey -algorithm RSA -out private_key.pem
openssl rsa -pubout -in private_key.pem -out public_key.pemHash functions create fixed-size outputs (hashes) from variable-size inputs. Digital signatures use asymmetric cryptography to verify the authenticity and integrity of messages.
Hash Functions:
- Example: Computing an SHA-256 hash with
openssl:
openssl dgst -sha256 file.txtDigital Signatures:
- Example: Generating a digital signature with
openssl:
openssl dgst -sha256 -sign private_key.pem -out signature.sig file.txtCertificate Authorities (CAs)
Public Key Infrastructure (PKI) relies on Certificate Authorities (CAs) to issue and manage digital certificates.
Issuing Certificates:
-
Certificate Signing Request (CSR): Generate a CSR with
openssl:openssl req -newkey rsa:2048 -keyout private_key.pem -out csr.pem
-
CA Signing: A CA signs the CSR, producing a digital certificate.
Secure Sockets Layer (SSL) and its successor, Transport Layer Security (TLS), provide secure communication over the internet.
Configuring SSL/TLS:
- Example: Configuring an Nginx server with SSL:
server {
listen 443 ssl;
server_name example.com;
ssl_certificate /path/to/certificate.crt;
ssl_certificate_key /path/to/private_key.key;
# Additional SSL configurations...
}Secure the Future. Learn Cybersecurity.