From the course: Threat Modeling: Tampering in Depth

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

Crypto

Crypto

From the course: Threat Modeling: Tampering in Depth

Start my 1-month free trial

Crypto

- [Instructor] The strongest defenses for integrity rely on well-implemented cryptography, despite the limitations we've discussed. A cryptographic signature is hard to forge and the integrity of the signature spans systems. If cryptographic defenses aren't feasible, not performant or the files need to change at a frequency that makes managing keys or assigning hard, then you're going to rely on something more privileged to protect you but right now, let's look at crypto. Crypto defenses against tampering are primarily focused on digital signatures, a type of cryptography that uses assymetry keys, keys which are mathematically related. One is kept secret, the other is widely available. There are also message authentication codes and authenticated encryption modes. These use a shared key, that is a symmetric one where each party to the communication has a copy of the same key. Both message authentication codes and…

Contents