Encryption
Big picture - Why
Basics
Ciphers
Key exchange
Identity verification - public key crypto
Key points:
Now users can send messages that only the intended recipient can read.
They can use this system to prove that they are who they say they are.
Problems:
This is SLOW. Not good for lots of data
How do you know the public key you have is actually from the right person?
Hashing
Certification
Real world - HTTPS
Passwords
History
Multi-national Companies' Encryption Policies
Rememebr, questions may cover:
passwords
HTTP(S)
any major development in encryption (e.g. private / public key)
policies, or practices of a multi-national technology corporation*
* The multi-national technology corporation must be from the following list: Apple, Microsoft, Amazon, Google (including Waymo), Meta (including Facebook), Tencent (including WeChat), ByteDance (including TikTok).
Candidates can ONLY choose from the list of corporations provided. They only need to choose one corporation.
Where it is not possible to know the corporation’s policies or procedures, questions will be of the “how might / should” type.
Google
A Summary
When you use Google Cloud your data is encrypted in transit and at rest to protect the data.
- Encryption in transit - used to protect data that is traveling over the internet or travelling within Google's own infrastructure. Google uses TLS
- Encryption at rest - used to protect data that is stored on a disk (including SSDs) or backup media.
MicroSoft
Amazon
Apple
A human and not a technical response to Apple's announcement of end-to-end encryption
Wall Street Journal's more technical take on Apple's end-to-end encryption