  • CS406: Information Security

Table of contents

  • 1. Introduction
  • 2. Operation
    • 2.1. Key Generation
    • 2.2. Encrypting messages
    • 2.3. Decrypting messages
    • 2.4. Signing Messages
  • 3. Security
  • 4. Practical considerations
    • 4.1. Key generation
    • 4.2. Speed
    • 4.3. Key distribution
    • 4.4. Timing attacks
    • 4.5. Adaptive Chosen Ciphertext Attacks

RSA


RSA is an asymmetric algorithm attributed to three people, but this article explains who developed the algorithm years earlier. As you read, try to understand the sections on key generation, encrypting messages, decrypting messages, and signing messages. Most importantly, note the speed of RSA in comparison to DES, which was discussed in the section on symmetric key encryption. Also note how attacks such as man-in-the-middle and RSA blinding attacks can be avoided.

   



© Saylor Academy 2010-2024 except as otherwise noted. Excluding course final exams, content authored by Saylor Academy is available under a Creative Commons Attribution 3.0 Unported license. Third-party materials are the copyright of their respective owners and shared under various licenses. See detailed licensing information. Saylor Academy®, Saylor.org®, and Harnessing Technology to Make Education Free® are trade names of the Constitution Foundation, a 501(c)(3) organization through which our educational activities are conducted.







