Encryption - Kerberos


Encryption - Kerberos

by M.D.Mufambisi

Hi people.

I have a question on encryption. When say a sentence such as "my name
is bruno" is encrypted, to say ciphertext "sakjkg6*672khkhkjhs
jhkhaskh" and sent to my friend stan....who then decrypts it....back
to "my name is bruno". Stan will be able to tell that he has
successfully decrypted the ciphertext because he is human and the
resultant decrypted text makes sense to him, right?
Now in the instance of Kerberos, where there are no humans but
computers or services.....how does a service know that it has
successfully decrypted ciphertext? I have seen that PGP can tell that a
text is successfully decrypted. How does it do this? I hope my question
is clear.

Regards



Re: Encryption - Kerberos

by Radmilo Racic

Encryption only provides confidentiality, so even a human would not
know if the text has been properly decrypted without an integrity
check. In other words, a human or a service can check a
hash/MAC/digital signature to ensure the integrity of the text.

Kerberos does indeed offer an integrity service (optionally) through a
one-way hash that is sent along with the plaintext.

Hopefully this answers your question.

Cheers,
-- Radmilo



Re: Encryption - Kerberos

by Edd Burgess

It might also be worth noting that Kerberos is not itself an encryption
method. Kerberos is an identity authentication protocol defined by a
series of messages; it is built upon hash and cipher function primitives.

When a ciphertext is passed over a network or a key exchange of some kind
occurs, the network stack ensures end-to-end integrity in a variety of
ways, so the decryption which happens high up the stack in the
presentation layer can assume the values it is working with are what were
sent to it - whether or not they are correct is not the business of the
encryption layer, if you see what I mean.

-Edd



RE: Encryption - Kerberos

by Peter Van Eeckhoutte (corelan)

When it comes down to determining whether encrypted data was decrypted properly:
most APIs/libraries will throw an exception when an attempt is made to decrypt something with the wrong key...

So when you apply this logic in the presentation layer of the application, you can easily determine whether something was decrypted correctly or not.



____________________________________________________

Peter Van Eeckhoutte
peter.ve@...
____________________________________________________

My Blog : http://www.corelan.be:8800 (IPv4 and IPv6)
Twitter : http://www.twitter.com/corelanc0d3r
RIPE Handle PVE50-RIPE
a.k.a. c0d3r/c0d3rZ/corelanc0d3r on various forums
____________________________________________________




RE: Encryption - Kerberos

by Ryan Thomas-4

Sender:  Hash plaintext, Encrypt plaintext, send encrypted text plus hash to recipient.
Recipient:  Decrypt text, hash decrypted text, compare resulting hash to hash from sender.  They should be the same, if not, something went wrong.
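
The check described in the replies above (send a hash or MAC with the ciphertext, and have the receiving code raise an error on a mismatch), as an added Python example that is not part of the original thread. The SHA-256 keystream is a stand-in for a real cipher so the code runs on the standard library alone; all function names and sample keys are constructed for illustration.

```python
import hashlib
import hmac
import os

def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Toy stream cipher (SHA-256 in counter mode) standing in for a real
    # cipher such as AES; used only so the example needs no third-party code.
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(d ^ s for d, s in zip(data, stream))

def seal_hash(key: bytes, plaintext: bytes) -> bytes:
    """Scheme from the thread: hash plaintext, encrypt, send ciphertext plus hash."""
    nonce = os.urandom(16)
    return nonce + _keystream_xor(key, nonce, plaintext) + hashlib.sha256(plaintext).digest()

def open_hash(key: bytes, blob: bytes) -> bytes:
    nonce, ciphertext, sent = blob[:16], blob[16:-32], blob[-32:]
    plaintext = _keystream_xor(key, nonce, ciphertext)
    if not hmac.compare_digest(hashlib.sha256(plaintext).digest(), sent):
        raise ValueError("hash mismatch: wrong key or altered message")
    return plaintext

def _subkeys(key: bytes):
    # Separate encryption and MAC keys derived from the one shared key.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def seal_mac(key: bytes, plaintext: bytes) -> bytes:
    """Keyed variant: encrypt, then HMAC the nonce and ciphertext."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    body = nonce + _keystream_xor(enc_key, nonce, plaintext)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

def open_mac(key: bytes, blob: bytes) -> bytes:
    enc_key, mac_key = _subkeys(key)
    body, tag = blob[:-32], blob[-32:]
    # Verify first: if the tag fails, nothing is decrypted at all.
    if not hmac.compare_digest(hmac.new(mac_key, body, hashlib.sha256).digest(), tag):
        raise ValueError("MAC mismatch: wrong key or altered message")
    return _keystream_xor(enc_key, body[:16], body[16:])

def rejected(opener, key: bytes, blob: bytes) -> bool:
    """True when the receiver refuses the message instead of returning garbage."""
    try:
        opener(key, blob)
    except ValueError:
        return True
    return False

if __name__ == "__main__":
    good, wrong = os.urandom(32), os.urandom(32)  # constructed sample keys
    msg = b"my name is bruno"
    for seal, opener in ((seal_hash, open_hash), (seal_mac, open_mac)):
        blob = seal(good, msg)
        flipped = blob[:20] + bytes([blob[20] ^ 1]) + blob[21:]  # one ciphertext bit changed
        print(opener.__name__, opener(good, blob),
              "wrong key rejected:", rejected(opener, wrong, blob),
              "altered message rejected:", rejected(opener, good, flipped))
    # The unkeyed hash travels in the clear, so it matches a hash of the
    # plaintext computed by anyone; the keyed tag depends on the secret key.
    print(seal_hash(good, msg)[-32:] == hashlib.sha256(msg).digest())
```

Both receivers detect a wrong key or a changed ciphertext without any human reading the output; the keyed version additionally avoids exposing a bare hash of the plaintext on the wire.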
