Professional Documents
Culture Documents
that only those for whom it is intended can read and process it.
Symmetric algorithm: If there is just one key for encrypting and decrypting, the algorithm is
called symmetric.
Asymmetric algorithm: If there are two different keys, each of which can be used only to
encrypt data or only to decrypt it, the algorithm is called asymmetric. If an algorithm is
asymmetric, one person publishes a key and accepts messages encrypted with that key. Anyone
can encrypt a message, but only the person who owns the other key can decrypt it. This is how
online stores, banks, etc., work.
http://www.garykessler.net/library/crypto.html
There are two basic techniques for encrypting information: symmetric
encryption (also called secret key encryption) and asymmetric encryption (also
called public key encryption.)
https://support.microsoft.com/en-us/kb/246071
Generally asymmetric encryption schemes are more secure because they require both a
public and a private key. Certainly with symmetric encryption you have to worry about
secure key exchange but as far as I can tell there's no inherent reason why one must be
more secure than the other.
Especially given that the asymmetric part is often just used for the key exchange and then
the actual data is encrypted with a symmetric algorithm.
So, am I missing something or can a general statement like this really be made about which
is more secure.
There is no way to directly compare them. I would point out the only thing we can say is secure is one
time truly random pad based XOR stream cipher (which is symmetric), however key exchange is a major
problem. We can also say that we can, in theory, break RSA and El Gammel (the two main asymmetric)
algorithms) with quantum computing, we just haven't built the device to actually do it..
For the same key size typically the asymmetric encryption (especially RSA) is less secure. Of course in
practice you offset this by using larger keys.
.Public-key, or asymmetric, cryptography also emerged in the mid-1970s.Publickey ciphers use a pair of keys: the public key that gets shared with other
people, and a corresponding private key that is kept secret by its single owner.
For example, Alice can create a key pair and share the public key with Bob and
anyone else who might want to send her a secret message. Bob can encrypt a
message to Alice by using her public key, and Alice can decrypt it using her
private key.
One disadvantage of symmetric-key algorithms is the requirement of a shared secret key, with both
parties holding the same copy at each end. In order to ensure secure communications between
everyone in a group of n people a total of n(n - 1)/2 keys are needed, which is the total number of
possible communication channels.[1] To limit the impact of a potential discovery by a cryptographic
attacker, they should be changed regularly and kept secure during distribution and in service. The
process of selecting, distributing and storing keys is known as key management, and is difficult to
achieve reliably and securely.
2 para
Cloud computing is a term for the delivery of hosted services over the Internet.
The cloud in cloud computing was the symbol network engineers used to
illustrate unknown domains and large networks of servers located elsewhere.
Using the power of other computers somewhere on the Internet thats what
cloud computing is all about.
Cloud computing is just hosted computer services, said Pascal Schuback, a
program coordinator for the King County, Wash., Office of Emergency
Management. It is simply using the power of other computers on the Internet.
Emergency managers use a cloud every day without thinking twice to: check
email, collaborate with applications like SharePoint, access social and
professional networks, watch videos on YouTube, or use almost anything from
Google.
Cloud computing is not new. What is new is how its being applied. What it can
do for emergency management is make the job a lot easier.
Like everything else, there are pros and cons to delivering services via cloud
computing.
One big advantage is the cost. The individual user needs only a
terminal/monitor/modem with some limited local storage and access to the
Internet. Commercial software packages vanish in favor of subscriptions to the
programs or services needed. The agency doesnt need a room full of servers,
and IT departments shrink because the data center doesnt exist.
http://www.emergencymgmt.com/disaster/How-Cloud-Computing-Can-BenefitDisaster-Response.html
Conventional Encryption involves transforming plaintext messages into ciphertext messages that are to be
decrypted only by the intended receiver. Both sender and receiver agree upon a secrete key to be used in
encrypting and decrypting. Usually the secrete key is transmitted via public key encryption methods.
Conventional encryption ciphers rely on a single key for both encryption and decryption. Modern
protocols will use a private key for encryption and a different public key for decryption. These two
keys are mathematically related in a fashion that allows them to encrypt/decrypt the same data
successfully.
Deduplication copies bring a lot of benefits for cloud computing, we have a one more major
issue which is security. Security issues should be eliminated or high security standards must be
followed when data is being handled in cloud environment. Normally, we follow the basic
encryption-decryption algorithm to encrypt the data while transferring and decrypting the data
while receiving. The drawback in this technique is that different users may form different
encryption keys through which deduplication are not efficiently possible. So, we propose a new
technique called
Hybrid Cloud: This model comprised both the private and public cloud models where
organization might run non - core application in a public cloud, while maintaining core
applications and sensitive data in- house in a private cloud.
Complexity of Security Aspects
When we think about security of organizations core IT infrastructure there is need to provide
security at network level, host level, application level and when we talk about data security two
aspects are included data transmission security and data storage security.
The cloud security issues deals with all the challenges associated with securing an organizations
core IT infrastructure at the network, host, and application levels as well as the vulnerabilities
and attacks related to the data security including: Data-in-transit, Data-at-rest, Processing of data
including multitenancy, Data lineage, Data provenance, Data lock-in, .
USE OF CRYPTOGRAPHY IN CLOUD COMPUTING
In cloud computing the users can upload their information to the centralized large data centers
where management of data and services are not trustworthy because information is uploaded by
the users into cloud data centers not encrypted hence that is accessed by everyone For better
security of cloud data centers the information is encrypted by the users by using cryptography
techniques before uploading into the cloud data centers. The cryptography is the art and science
of achieving security by encoding messages to make them non- readable. The original plain text
message is in simple English language that can be understood by everyone. The codified
message by cryptographic techniques is called as ciphertext message
cloud computing is such a technology with the help of which you can store your data not
only in your computer but on an online network as well. It is just like if you have
connected to the internet and you are uploading some files on a data sharing websites.
These websites are the best example of cloud computing. If you will save your date only
in your hard drive then you will lose all your data when your hard drive will suddenly
stop working. Something like this may not happen with you but it happens with many
people. If you want to keep your data save even when your hard drive is out of order
then you must use cloud computing.
The biggest benefit of using this technology is that, you are not only storing your data in
your computer but you are also storing it at such place from where you can access it at
any time. There are certain software programs that can help you to do this. All you will
have to do is toinstall cloud computing software in your computer and store all your
important data with the help of that software. Once you will store your data in that
software, it will be automatically uploaded on the internet and stored in a cloud
computing network. Now, whenever you need to use that data again, you can get
access to it with the help of internet.
If you are traveling and you forgot to take your PC with your then you will be afraid
about using the data that you had saved in your PC. However, if you will be using cloud
computing then you will not have to worry about data being lost because you
can download that data from the cloud network very easily. you will just need another
computer and an internet connection to retrieve all your data and do your work.
Author Bio:- Crystal J. Briscoe is from Self Test Engine. Looking for 642-993 exam
help? Lets take advantage of Self Test Engine 642-994 training and pass your IT
exams on first try.