- Layer 5 is application-specific data
- Ports tell what program to send to, ex. webpage
- prevents getting confused with the windows
- DNS (Domain Name Server)
- certain URLs are reserved, e.g. example.com
- like telephone numbers beginning with (555)
- DNS resolver of the XP box sends a query to its configured DNS server, requesting the IP address for www.example.com
- The DNS server that received the initial query checks its zones and finds no zones corresponding to the requested domain name; the DNS server is not authoritative for the example.com domain. It sends an inquiry to a root name server
- If you own a domain, you own all the subdomains
- Encryption and Security
- Caesar Cipher
- rotate the alphabet, map each letter to another
- ex. A --> D = rot 3
- to decrypt, use rot -3
- often use rot 13 if you want to hide data
- Vigenere Cipher
- A different Caesar shift cipher per letter
- Say, use 10 shift ciphers
- Restart sequence of shift ciphers eventually
- 1st letter, 11th letter, 21st letter, 31st letter, etc.
- Frequency Analysis still possible
- On every nth letter of message
- Often identical words encrypt identically
- Used to determine number of shift ciphers
- Why Encrypt Communications?
- Confidentiality
- Prevent Queen Elizabeth from obtaining evidence
- Message Integrity
- Detect Queen Elizabeth's message alterations
- Authentication
- Ensure that message really came from Mary
- Non-Repudiation
- Authenticated sender cannot deny transmission
- Symmetric ("Secret Key") Encryption
- Plaintext to Encrypt to Ciphertext
- Ciphertext to Encrypt to Plaintext
- If the same key is used, it is symmetric
- Public-Key Encryption
- Really Public-and-Private Key
- generate a matched pair of keys
- Encrypt with recipient's public key
- Decrypt with own key
- PGP - Pretty Good Privacy
- CANNOT use public key to decrypt
- Can sign with private key
- Passwords
- No matter how secure they are, if they get stolen they can be used elsewhere
- What we want is a separate way to verify our identity, other than the one you are using
- Two factor authentication
- 2FA Basic Idea
- Provide a different form of identity checking
- Can use one time password to login
- Ex. Google texts
- Can use a device
- Generally backup methods exist if you lose the key
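
Going back to the Caesar and Vigenere notes above, this is an added example (not part of the original notes). It shows that a repeated word encrypts identically when the repeats sit a multiple of the key length apart, and that every nth letter of the ciphertext is a plain Caesar cipher. The sample plaintext and the key `ABCD` are constructed for the demonstration.

```python
from functools import reduce
from math import gcd
import string

A = string.ascii_uppercase

def caesar(text, shift):
    """rot N: rotate each letter by `shift`; other characters pass through."""
    return "".join(A[(A.index(c) + shift) % 26] if c in A else c
                   for c in text.upper())

def vigenere(text, key, decrypt=False):
    """One Caesar shift per letter; the shift sequence restarts after len(key)."""
    out, i = [], 0
    for c in text.upper():
        if c in A:
            shift = A.index(key.upper()[i % len(key)])
            out.append(caesar(c, -shift if decrypt else shift))
            i += 1  # only letters consume a key position
        else:
            out.append(c)
    return "".join(out)

def letters(text):
    """Strip everything except A-Z so positions count letters only."""
    return "".join(c for c in text.upper() if c in A)

def repeat_distances(ciphertext, n=3):
    """Distances between repeated n-letter runs in the ciphertext."""
    s, last, dists = letters(ciphertext), {}, []
    for i in range(len(s) - n + 1):
        gram = s[i:i + n]
        if gram in last:
            dists.append(i - last[gram])
        last[gram] = i
    return dists

def candidate_key_lengths(ciphertext, n=3):
    """Key lengths consistent with the repeats: divisors (>1) of their gcd."""
    dists = repeat_distances(ciphertext, n)
    g = reduce(gcd, dists) if dists else 0
    return [k for k in range(2, g + 1) if g % k == 0]

def column(ciphertext, key_len, j):
    """Every key_len-th letter starting at j: a single Caesar cipher."""
    return letters(ciphertext)[j::key_len]

if __name__ == "__main__":
    PLAIN, KEY = "CRYPTO IS SHORT FOR CRYPTOGRAPHY", "ABCD"  # constructed sample
    ct = vigenere(PLAIN, KEY)
    print(ct, candidate_key_lengths(ct), caesar(column(ct, 4, 1), -1))
```

The repeats only narrow the number of shift ciphers down to a few candidates; frequency analysis on each column of a longer message then settles which candidate is right.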