MIS 5214 - Section 001 - David Lanter
January 27, 2022 by Jose Gomez 24 Comments
Kyuande Johnson says
January 29, 2022 at 11:43 am
What is the difference between a private key and a public key?
zijian ou says
February 1, 2022 at 7:59 am
The private key is used to both encrypt and decrypt the data. This key is shared between the sender and receiver of the encrypted sensitive information. The private key is also called symmetric, being common for both parties. Private key cryptography is faster than public-key cryptography mechanisms.
The public key is used to encrypt, and a private key is used to decrypt the data. The private key is shared between the sender and receiver of the encrypted sensitive information. The public key is also called asymmetric cryptography.
Victoria Zak says
February 1, 2022 at 9:24 pm
This is a great question… knowing the difference between a private and a public key is beneficial. A private key aka secret key is used for encryption and decryption. It is a symmetric key because the only key is to copy or share by another party to decrypt the cipher text. Private keys are a lot faster than a public key. Additionally, the sender and receiver needs to share the same key.
A public key are two keys being used for encryption and another key is used for decryption.. The public key is used to encrypt the plain text to convert it into cipher text and the private key is used by the receiver to decrypt the cipher text to read the message. A public key is known as asymmetrical because there are 2 types of keys as described above.
Andrew Nguyen says
January 29, 2022 at 2:32 pm
One question that I would like to discuss with my classmates would be about the cryptography in general. What are the downsides of using cryptography?
Antonio Cozza says
January 30, 2022 at 3:50 am
I think that the main drawback of stronger encryption methods is the time variable; the more secure a system is in almost every case, the less usable it is in general. In a similar fashion, the stronger the encryption method / the longer the key length is, the longer it will take to encrypt and decrypt the message, making a more time-dependent encryption sequence. Some major exploits have been able to capture and record data during the encryption / decryption process, so it is always something to consider.
Madalyn Stiverson says
February 1, 2022 at 4:13 pm
Ultimately, it’s a trade off between confidentiality/integrity and availability. Cryptography will increase the confidentiality and integrity of the data, but will reduce the availability of it. Users accessing the encrypted data may need to take additional steps such as elevating privilege before being able to read the encrypted data.
Depending on the type of encryption, there’s also the risk of a man in the middle attack.
Patrick Jurgelewicz says
January 29, 2022 at 3:31 pm
IPsec standards provide more security than SSL/TLS, but are also more expensive to implement. In what cases might a company decide to choose SSL/TLS protection over IPsec?
Kelly Sharadin says
January 29, 2022 at 7:44 pm
Im curious if anyone has any examples of utilizing cryptography in their day-to-day. I have been trying to think of examples in my own line of work. Top of my head, my firm really pushes communicating using encrypted out-of-band platforms but I personally do not work directly with cryptography and would be curious if any of my classmates do.
February 1, 2022 at 4:22 pm
I don’t personally work with cryptography, but I do receive a lot of encrypted emails. By encrypting these emails, we’re trading availability for confidentiality and integrity.
Opening these encrypted emails will typically take me to an online login portal. Yet ironically, this website portal is blocked by my company. Meaning I have to request the sender to provide these emails a different way… and that means they’re typically sent in plaintext. Or they’ll send a locked file and call me with the password, which is time consuming and prone to error..
My takeaway from this is that it’s important to make sure your encryption techniques are implemented in a way that they won’t inadvertently be blocked by the recipients’ email and web filters.
Dhaval Patel says
January 29, 2022 at 7:59 pm
What does the process of enabling SSL/TLS look like in a Linux environment?
January 30, 2022 at 1:03 am
How public key encryption can securely provide symmetric session keys？
January 30, 2022 at 3:46 am
Is it likely that the debate over security vs privacy will actually lead to widescale reduced usage of applications / software, etc which enforce strict data privacy and usage policies so that they can sell it recklessly to profit over the average user?
January 30, 2022 at 10:34 am
What are the similarities and differences between digital certificates and drivers’ licenses?
February 1, 2022 at 10:41 am
Hey Madalyn, this is an interesting comparison, as both documents are issued by a trusted entity in order to verify the true identity of someone or something. One major difference is that driver licenses are typically only issued by one entity, the state government, whereas digital certificates can be issued by a number of root certificate providers. Certificate providers also need their own digital certificate, which can lead to interesting situations such as the time Google’s certificate was spoofed possibly by the Iranian government.
kofi bonsu says
February 2, 2022 at 4:41 am
I like your question due to the fact that digital certificate and driver license have following similarities. Digital certificate and drivers’ licenses both are used for the identification of the owner. • Digital certificates ensure the identity of owner of the document and driving license ensure the identity of person
Dan Xu says
January 30, 2022 at 11:50 am
When organizations adopt the concept of functionality, automatic and manual assessments, will all security controls and privacy controls that constitute a security or privacy function be considered？
Vraj Patel says
January 30, 2022 at 3:19 pm
What is the difference between the NIST 800-53Ar4 and the NIST 800-53B?
January 30, 2022 at 8:23 pm
What could create an error on a SSL/TSL Certificate?
January 31, 2022 at 7:58 pm
There are multiple things that could cause an error on the SSL/TSL certificate. However, the couple of things that could cause and error on SSL/TSL Certificate are if the time and date is not set properly on the clients system or if the server is not supporting that service.
January 30, 2022 at 9:01 pm
The probable question that I would share and discuss with my classmates is stated below:
How good are we at building privacy and ethics in using the data? And this question will be discussed thoroughly with all my classmates.
Michael Jordan says
January 30, 2022 at 11:46 pm
Would it be possible for an attacker to hijack or receive a duplicate of an SSL/TLS certificate for a website/organization, since (to my understanding) these certificates are provided by third parties? Isn’t the certificate only as reputable as the third party issuing it?
Olayinka Lucas says
January 30, 2022 at 11:50 pm
I have always wondered and would like to ask if there is any other control for ensuring access controls are more effective than encryption. Years of research point to encryption as the most secure means of access management for data at rest and in transit; however, I would like to know if there are better controls. Secondly, if not encryption, what is another alternative?
Lauren Deinhardt says
February 1, 2022 at 10:06 pm
My question is how would you audit a healthcare organizational system, versus a chain restaurant?
Bernard Antwi says
February 2, 2022 at 6:32 am
What are essential ingredients of the public key directory?
You must be logged in to post a comment.