Using Crypto to Mitigate Threats

Previous page
Table of content
Next page

Using Crypto to Mitigate Threats

There is a small set of cryptographic design concepts you can use to mitigate threats identified in your system design phase. Table 8-3 is not meant to be exhaustive, but it will give you an idea of the technologies at your disposal.

Table 8-3. Common Cryptographic Solutions to Threats

Threat

Mitigation Technique

Example Algorithms

Information disclosure

Data encryption using a symmetric cipher.

RC2, RC4, DES, 3DES, AES (was Rijndael)

Tampering

Data and message integrity using hash functions, message authentication codes, or digital signatures.

SHA-1, SHA-256, SHA-384, SHA-512, MD4, MD5, HMAC, RSA digital signatures, DSS digital signatures, XML DSig

Spoofing

Authenticate data is from the sender.

Public key certificates and digitial signatures


Previous page
Table of content
Next page
Writing Secure Code
Writing Secure Code, Second Edition
ISBN: 0735617228
EAN: 2147483647
Year: 2001
Pages: 286
Authors: Michael Howard, David LeBlanc
BUY ON AMAZON
CompTIA Project+ Study Guide: Exam PK0-003
CISSP Exam Cram 2
Introducing Microsoft Office InfoPath 2003 (Bpg-Other)
Documenting Software Architectures: Views and Beyond
Programming Microsoft ASP.NET 3.5
Microsoft Office Visio 2007 Step by Step (Step By Step (Microsoft))
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy