Learning Objectives
After completing this unit students will be able to:
- Identify different ciphers and their pros and cons: Caesar, random substitution, Vigenère
- Demonstrate why encryption is important in computing
- Describe secret key (symmetric) and public/private key (asymmetric) encryption
- Understand the uses of RSA and Diffie-Hellman encryption
- SSL/TLS, Digital Certificate (CA)
- Understand one-way functions and simple modular algebra and how they relate to encryption
- Describe some basic types of security threats such as phishing, SQL Injection, dictionary attacks, and types of malware
- Understand what makes a good password (length)
- Describe why a hash is useful in passwords
- Understand how salts help in defending against rainbow table attacks
- Describe the role of social engineering in most major breaches in recent history
- Recognize when heuristic techniques are necessary and indicate when problems are computationally hard (Traveling Salesman Problem)
- Describe how Big O notation affects the efficiency of computational tasks
- Be familiar with P vs. NP problems
- Understand the importance of the halting problem
Suggested Reading
- Blown to Bits, Chapter 5 – Secret Bits. pp 161-193
- Blown to Bits, Chapter 6 – Balance Toppled. pp 195-228
- Nine Algorithms that Changed the Future, Chapter 4 – Public Key Encryption. pp 32-46
- Nine Algorithms that Changed the Future, Chapter 9 – Digital Signatures. pp 109-125
- Nine Algorithms that Changed the Future, Chapter 10 – What is Computable. pp 174-198
Important Videos
- The Imitation Game
- Encryption and Public Keys – Code.org
- Cryptography – Crash Course to CS
- Public Key Encryption
- SHA – Secure Hashing
- Passwords and Hash Functions Explained
- RSA Encryption Algorithm
- Diffie-Hellman Key Exchange
- Enigma Machine
- Flaw in Enigma
- Big O Notation
- Big O Notation with Derek Banas
- P vs. NP
Important Vocab
- Asymmetric key encryption – a different key is used to encrypt and decrypt a message
- Backdoor – a secret way to bypass traditional access to a device or network
- Botnet – a large network of internet-robots called bots controlled by a command-and-control server, often used for DDoS attacks
- Caesar Cipher – a shift cipher where each letter is shifted the same amount
- Cipher – a pair of algorithms that give details on how to encrypt and decrypt the data
- Computationally hard – a problem that takes too long even for a computer to find the exact solution
- DDoS – distributed denial-of-service attack, in which hackers flood a site with fake requests, making all the site’s resources unavailable for legitimate users
- Decryption – the reverse process of encryption
- Digital Certificate – a trusted third-party file that verifies a site as legitimate
- Digital signature – an electronic signature that, by using a public key, can be verified as authentic
- Encryption – taking text and converting it so it is illegible
- Hacker – anyone who uses their technological skills to solve problems. A malicious security hacker exploits weaknesses on a computer or network and can steal or disrupt data
- Hashing – the process of running data through a one-way function that takes data of varying sizes and returns a unique fixed-length value
- Heuristic approach – an approach that gives results that are “good enough” when an exact answer is not necessary
- Key – in cryptography, a shared secret to make encryption harder to crack
- Logic bomb – code that has been placed into software that waits to run until specific conditions are met
- Malware – malicious software intended to cause damage to a computer or network
- Modular arithmetic – using the remainder when dividing, also known as clock arithmetic
- Multi-factor authentication (MFA) – using two or more methods for verifying a user
- NP problem – nondeterministic polynomial time, a problem that can be verified, but not solved, in polynomial time
- One-way Function – a problem that is easy in one direction and difficult in the other
- P problem – polynomial time, a problem that can both be solved and verified in polynomial time
- Phishing – using “bait” to trick a user into handing over sensitive information like usernames, passwords, or credit card numbers
- Private Key – a shared secret needed to decrypt a message
- Public Key – a system that allows a key to be publicly published
- Salting – adding a random set of characters to a password before it is hashed to protect against rainbow table attacks
- Spear phishing – a type of phishing attack that targets a specific person or group using pre-existing knowledge
- SSL – Secure Sockets Layer, issues digital certificates for websites
- Substitution Cipher – a cipher where a letter is mapped or swapped with another letter in the alphabet
- Symmetric Key Encryption – the same key is used both to encrypt and decrypt a message
- TLS – Transport Layer Security, issues digital certificates for websites
- Traveling Salesman Problem (TSP) – an NP-hard problem that, when given distances between pairs of cities, seeks to map out the shortest route between many cities and return back to the original city
- Trojan Horse – malware disguised to hide its true intent
- Two-factor Authentication (2FA) – a subset of MFA where exactly two methods for verifying a user are implemented
- Virus – a program that infects other programs and usually spreads to other programs or computers by copying itself repeatedly
- Worm – a standalone piece of malware that can disrupt a network by copying itself repeatedly without human interaction