Cryptography and Network Security

  1. Network Security Applications
    1. Email Security
      1. Email Security Threats
        1. Email Interception
        2. Email Modification
        3. Phishing Attacks
          1. Spear Phishing
          2. Whaling
        4. Email Spoofing
          1. Header Manipulation
          2. Domain Spoofing
        5. Malware Distribution
          1. Attachment-based Malware
      2. Email Security Mechanisms
        1. Email Encryption
        2. Digital Signatures for Email
        3. Secure Email Protocols
      3. Pretty Good Privacy (PGP)
        1. PGP Architecture
          1. Hybrid Cryptosystem
          2. Compression
        2. PGP Operation
          1. Message Encryption
          2. Digital Signatures
          3. Key Management
        3. Key Management in PGP
          1. Key Generation
          2. Key Distribution
          3. Web of Trust
          4. Key Servers
      4. S/MIME
        1. S/MIME Architecture
          1. PKCS Standards
          2. Certificate-based Security
        2. S/MIME Functions
          1. Signed Messages
          2. Encrypted Messages
          3. Signed and Encrypted Messages
        3. Certificate Management
          1. Certificate Acquisition
          2. Certificate Validation
          3. Certificate Storage
    2. IP Security (IPsec)
      1. IPsec Overview
        1. IPsec Goals
        2. IPsec Benefits
        3. IPsec Applications
      2. IPsec Architecture
        1. Security Associations (SAs)
          1. SA Parameters
          2. SA Database
          3. SA Establishment
        2. Security Policy Database (SPD)
          1. Policy Rules
          2. Traffic Selectors
      3. IPsec Modes
        1. Transport Mode
        2. Tunnel Mode
      4. Authentication Header (AH)
        1. AH Protocol
          1. Header Format
          2. Authentication Coverage
        2. AH Processing
          1. Outbound Processing
          2. Inbound Processing
        3. Use Cases
          1. Authentication Only
          2. Integrity Protection
      5. Encapsulating Security Payload (ESP)
        1. ESP Protocol
          1. Header and Trailer Format
          2. Encryption Coverage
        2. ESP Processing
          1. Outbound Processing
          2. Inbound Processing
        3. Encryption and Authentication
          1. Combined Mode Operations
          2. Separate Encryption and Authentication
      6. Internet Key Exchange (IKE)
        1. IKE Protocol
          1. IKEv1
          2. IKEv2
        2. IKE Phases
          1. Phase 1
            1. Main Mode
            2. Aggressive Mode
          2. Phase 2
            1. Quick Mode
        3. Key Management
          1. Key Generation
          2. Key Exchange
          3. Key Refresh
    3. Web Security
      1. Web Security Threats
        1. Eavesdropping
          1. Passive Monitoring
          2. Traffic Analysis
        2. Man-in-the-Middle Attacks
          1. SSL Stripping
          2. Certificate Spoofing
        3. Phishing Attacks
          1. Website Impersonation
          2. Credential Harvesting
        4. Cross-Site Scripting (XSS)
          1. Reflected XSS
          2. Stored XSS
          3. DOM-based XSS
        5. Cross-Site Request Forgery (CSRF)
        6. SQL Injection
        7. Session Hijacking
      2. Secure Sockets Layer (SSL)
        1. SSL Protocol Stack
          1. SSL Record Protocol
          2. SSL Handshake Protocol
          3. SSL Change Cipher Spec Protocol
          4. SSL Alert Protocol
        2. SSL Handshake
          1. Client Hello
          2. Server Hello
          3. Certificate Exchange
          4. Key Exchange
          5. Finished Messages
        3. SSL Record Protocol
          1. Fragmentation
          2. Compression
          3. MAC Computation
          4. Encryption
      3. Transport Layer Security (TLS)
        1. TLS Versions
          1. TLS 1.0
          2. TLS 1.1
          3. TLS 1.2
          4. TLS 1.3
        2. TLS Handshake Protocol
          1. Full Handshake
          2. Abbreviated Handshake
          3. Session Resumption
        3. TLS Record Protocol
          1. Record Format
          2. Encryption Methods
        4. Cipher Suites
          1. Key Exchange Algorithms
          2. Authentication Algorithms
          3. Encryption Algorithms
          4. MAC Algorithms
        5. Perfect Forward Secrecy
          1. Ephemeral Key Exchange
          2. DHE and ECDHE
      4. Hypertext Transfer Protocol Secure (HTTPS)
        1. HTTPS Operation
          1. HTTP over TLS
          2. Port 443
        2. Certificate Validation
          1. Certificate Chain Verification
          2. Hostname Verification
          3. Certificate Pinning
        3. HTTPS Security Features
          1. Encryption
          2. Authentication
          3. Integrity