Wednesday, January 22, 2020

Encoding, encryption, and hashing



Encoding is used for integrity. It ensures the integrity of data when it is transferred through network and systems. It is not actually a security function. It is easily reversible.

Encryption is defined for confidentiality of data or traffic. It is only reversible if you have appropriate keys.

Hashing is a one way operation and output is at a fixed size. Hashing can be used in order to provide message integrity. It is also used for storing passwords in database. Storing hashed password is more secure than storing clear text.

TLS/SSL Vulnerabilities

POODLE:  The SSL 3.0 vulnerability is in the Cipher Block Chaining (CBC) mode. Block ciphers require blocks of fixed length. If data in th...