Askdeveloper Podcast

Information Security 1. Introduction ○ Security by obscurity § Steganography □ Hiding data inside another form of data, like using non-used bits in image to hide a message § Cool, but not practical. § Disadvantages ◊ Algorithm secrecy vs. key secrecy ○ Cryptography is everywhere and yet if done right, you can barely see it. ○ Goals: § Confidentiality □ Secrets stay secret. § Integrity □ Data is not tampered with. § Non-Repudiation □ No party can deny sending messages. § Authentication □ Each party can ensure that the sender is what they expect. ○ Cryptography § Hashing § Encryption § Signing § Protocols ○ Random Number Generators § Extremely important, almost all encryption/hashing strength is affected by how random the random number generator is. § Don't use simple random number, use a cryptographic random number generator with a sophisticated source of entropy. § Pseudorandom number generator § Dual_EC_DRBG random generat