From the course: Threat Modeling: Repudiation in Depth
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Cryptographic defenses
From the course: Threat Modeling: Repudiation in Depth
Cryptographic defenses
- [Instructor] Let's distinguish digital signatures from electronic ones. Both are ways to sign things. An electronic signature is what a website does to make a cheesy little graphic version of your signature. A digital signature uses public key cryptography and in that sense, the use of a digital signature with public key cryptography is a mathematically unambiguous statement. This private key was used in a mathematical operation on this document. We use RSA and other asymmetric algorithms for this and call it a signature and in many ways, it's very strong non-repudiation. It's often done with a hash of the document or message. A cryptographic hash is a function that's designed to be easy to compute and hard to predict. Any change to the input should permute the entire output. It's sometimes called a one-way function or a trap door to capture that one-way nature. A hash takes any amount of input and produces a…