by Roedy Green ©1996-2009 Canadian Mind ProductsThere are many digital signing and encryption protocols. Here is a summary based on a table on page 218 of Web Security & Commerce.
 |
recommend book⇒Web Security & Commerce | |
| paperback | ||
|---|---|---|
| ISBN13: | 978-1-56592-269-3 | |
| ISBN10: | 1-56592-269-7 | |
| publisher: | O’Reilly  | |
| published: | 1997-06-01 | |
| by: | Simson Garfinkle and Gene Spafford | |
| System | What is it? | Algorithms | Provides |
|---|---|---|---|
| DNSSEC | Secure Domain Name System | RSA, MD5 | Authentication, integrity |
| IPsec and IPv6 | Low-level protocol for encrypting IP packets | Diffie-Hellman and others | Confidentiality (optional), authentication, integrity |
| JCE | Java Cryptographic Extension API from Sun | RSA (signature and encryption), RC2, RC5, SHA-0, SHA-1, MD5, DES, ECB, CBC, IDEA, Blowfish, Twofish. | Allows Java to encrypt and sign files |
| Kerberos | Network security service for securing higher-level applications | DES | Email passwords, Telnet logins, Confidentiality, authentication |
| PCT | Protocol for encrypting TCP, IP transmissions. | RSA, MDS, RCZ, RC4, and others | Confidentiality, authentication, integrity, nonrepudiation |
| PGP | Application program for encrypting electronic mail | IDEA, RSA, MD5 | Email signing and encryption, File encryption, Confidentiality, authentication, integrity, nonrepudiation |
| S-HTTP | Protocol for encrypting HTTP requests and responses | RSA, DES, and others | Confidentiality, authentication, integrity, nonrepudiation; however, it’s obsolete |
| S/MIME | Format for encrypting electronic mail | User-specified | E-mail signing and encryption, Confidentiality, authentication, integrity, nonrepudiation |
| SET and CyberCash | Protocols for sending secure payment instructions over the Internet | RSA, MDS, RC2 | Confidentiality of credit card numbers, but nothing else; integrity of entire message; authentication of buyer and seller; nonrepudiation of transactions |
| SSH | Encrypted remote terminal | RSA, Diffie-Hellman, DES, Triple-DES, Blowfish, and others | Telnet encryption and login, Confidentiality, authentication |
| SSL v3 | Protocol for encrypting TCP/IP transmissions | RSA, RCZ, RC4, MD5, and others | Website commerce, compression, Confidentiality, authentication, integrity, nonrepudiation |
| TLS 1 | Protocol for encrypting TCP/IP transmissions | a 128-bit improvement on SSL v3. Handles all the SSL v3 protocols including RSA, RCZ, RC4 and MD5. | Opera browser, Website commerce, compression, Confidentiality, authentication, integrity, nonrepudiation |
| Asymmetric Key | Uses private and public keys for encryption and signing | RSA, DSA and DiffieHellman | Code signing, encryption, authentication. DSA is the Digital Signature Alorithm, not used for encryption. |
| Symmetric Key | Uses only secret keys for encryption. | DES, Blowfish, TripleDES | encryption, authentication. Same key used for encryption must be used for decryption. |
Your Java security is only as good as the OS security backing it up. These two websites will probe your OS for security holes and report them back to you. www.DSLREPORTS.com (pay) and spinrite.com (free). When I ran the SpinRite report my hair stood on end about all the information NT was blabbing to the universe without my permission.
Windows NT/2000 has over 1000 known security holes. There are ways of plugging some of them. Stat is a tool for managing this giant piece of Swiss cheese.
 |
 Please email your feedback for publication, errors, omissions, broken/redirected link reportsand suggestions to improve this page to Roedy Green :  | ||
| Canadian Mind Products | 
 |
||
| mindprod.com IP:[65.110.21.43] | |||
| Your face IP:[38.103.63.62] |  | ||
| You are visitor number 13,231. | |||
| You can get a fresh copy of this page from: | or possibly from your local J: drive (Java virtual drive/mindprod.com website mirror) | ||
| http://mindprod.com/jgloss/security.html | J:\mindprod\jgloss\security.html | ||
