Read about the different types of encryption, tunneling protocols, e-mail encryption protocols, and Public Key Infrastructure
Category: Cryptography

Methods of Authentication: PPP, AAA, and EAP
How do we authenticate when we log in to another device or an application? It's much more than just entering a username and password, right? Well, there are actually many ways to authenticate! I'll discuss some of the main ones we use and what goes on behind the scenes. Point-to-Point Protocols (PPP): If you're familiar with ...

Kerberos Authentication
Kerberos is a Single Sign-On (SSO) authentication protocol developed by the Massachusetts Institute of Technology in the 1980s. It is also a written standard in RFC 4120. As an SSO technology, users don't have to worry about entering different login credentials every time they access a resource. If we didn't have SSO technology, it wouldn't ...

Understanding the CIA Triad
No, I'm not referring to the Central Intelligence Agency; I'm referring to the three security principles: Confidentiality, Integrity, and Availability. In the cybersecurity world, these 3 principles are our core security goals. Confidentiality: We keep sensitive and personal information "confidential"; that is, the confidentiality principle is about preventing the unauthorized disclosure of data. We ...

Decrypting HTTPS Traffic
Hypertext Transfer Protocol over SSL (HTTPS) provides pretty decent security. This is because HTTPS uses the Secure Sockets Layer (SSL) encryption scheme to pass keys between two parties over the Internet. These days, however, most of our Web servers are utilizing Transport Layer Security (TLS 1.2), which is an updated version of SSL 3.0. Therefore, ...

How Does HTTPS Work? The TLS Handshake Explained
HTTP is inherently vulnerable to MitM attacks because client-server communication is transmitted in plaintext over the Internet. This makes HTTP sessions vulnerable to MitM, Session Hijacking, and other dangerous attacks. To remediate this vulnerability, security researchers created HTTPS, which stands for Hypertext Transfer Protocol over SSL encryption. Note: Since 2008, we've been using TLS 1.2, ...