calofmijuck/blog
1
0
Fork 0
mirror of https://github.com/calofmijuck/blog.git synced 2025-12-06 14:53:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: adds palatino font family for English inside posts (#87)

Browse Source 
* [PUBLISHER] upload files #85

* PUSH NOTE : 01. Security Introduction.md

* PUSH ATTACHMENT : is-01-cryptosystem.png

* [PUBLISHER] upload files #86

* PUSH NOTE : 01. Security Introduction.md

* PUSH ATTACHMENT : is-01-cryptosystem.png

* feat: font style to palatino
This commit is contained in:
Sungchan Yi
2023-09-13 13:35:16 +09:00
committed by GitHub
parent 8880a4da51
commit fbe6b3fdd2
2 changed files with 10 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
_posts/Lecture Notes/Internet Security/2023-09-10-security-intro.md
View File

@@ -149,7 +149,7 @@ There are many ways of achieving security.
## Cryptography
> **Cryptography** is the study of mathematical techniques for securing digital information, systems, and distributed computations against adversarial attacks.^[J. Katz, Introduction to Modern Cryptography]
> **Cryptography** is the study of mathematical techniques for securing digital information, systems, and distributed computations against adversarial attacks.[^1]
**Cryptanalysis** is the study of methods for obtaining the meaning of encrypted information without access to the key.
@@ -183,7 +183,7 @@ There are two choices to achieve the security of a cryptosystem.
But in real life, we use the second method and keep the key secret.
> The cipher method must not be required to be secret, and it must be able to fall into the hands of the enemy without inconvenience.^[J. Katz, Introduction to Modern Cryptography]
> The cipher method must not be required to be secret, and it must be able to fall into the hands of the enemy without inconvenience.[^1]
**Kerckhoffs' principle** demands that *security rely solely on the secrecy of the key*. Even if everything about the system is publicly known, except for the key.
@@ -199,7 +199,7 @@ Why? Here are some of the arguments in favor of Kerckhoffs' principle.
## Threat Modeling
What should we consider when we are building secure systems? We should consider what attacks are possible. **Threat modeling** is the process of systematically identifying the threats faced by a system.
What should we consider when we are designing secure systems? We should consider what attacks are possible. **Threat modeling** is the process of systematically identifying the threats faced by a system.
1. Identify the values of assets.
2. Enumerate the *attack surfaces*.
@@ -256,3 +256,5 @@ For blocking eavesdroppers, one could apply HTTPS everywhere or use a VPN. But i
- Applying strong password is not very costly.
- How likely is the attack?
- Attacks from FBI are very unlikely for an average person.
[^1]: J. Katz, Introduction to Modern Cryptography