Kerberos

The kerberos provides a secure, single-sign-on, trusted, third party mutual authentication service. 
Kerberos is secure since it never transmits passwords over the network in clear. It is unique in its use of tickets, time-limited cryptographic messages that proves a user’s identity to a given server without sending passwords over the network.
Single-sign-on means that end user only need to log in once to access all network resources that supports kerberos. Once the user has authenticated to kerberos at the start of their login session, their credentials are transparently passed to every other resources they access during the time.
Trusted third party refers to the fact that kerberos works through a centralized authentication server that all systems in the network inherently trust. All the authentications requests are routed via centralized kerberos server.
Mutual authentication ensures that not only is the person behind the keyboard who they claims to be but also proves that the server they are communicating with is who it claims to be. Mutual authentication protects the secrets of sensitive information by ensuring that the service the user is communicating is genuine.
Advertisements

Digital Signatures

Digital Signatures :

A digital signature is used to authenticate the identity of the sender to the receiver to a limited extent in order to verify the integrity of the message. It is necessary to the sender’s public key by the prior knowledge or by trusted third party. A digital signatures is created by using the sender’s private key to hash the entire message. The recipient uses the sender’s public key to verify the integrity of the message. To sign the message, sender append their signature to the end of the message and encrypt using the recipient’s public key.

Recipient decrypt the message using their own private key and verify the sender’s identity and the integrity of the message by decrypting the sender’s digital signatures using the sender’s public key.

Digital Certificate :
It can used to verify the unaltered delivered message and the identity of the sender by the public key. A digital certificate is issued by the a known third party to bind an individual to a public key. The digital signature is digitally signed by the certification authority with it’s private key which provides the confirmation fact who it claims to be.

What is Steganography?

Basically, Steganography means of transmitting the message by hiding in any file like pictures, music, movies, or any file without changing the original file format. It happens somewhat like this.
You hide the message or the private file that you wanna send to your friend X. But it is very private, you are afraid that someone can have during the sending the file. What would you do now? It seems to be a great problem. Here is the solution you hide the file in any of the another file. Insert the file in the file. Now enter the password to encrypt the private file in the host file. The file is encrypted now. If you do open the encrypted file then the result you see is only the host file.

You cannot see the private file. Now you can send the file to your friend X. When X receives the file, He/She can open the file if and only if he know the password. He /She can extract the file without any damage. Suppose a person if receives the file or its copy in the middle he cannot access it. He only accesses the host file. He just have the host file not the file that is inside the host. 

This method of transferring the file by hiding inside the host file without changing the file type of the host file is called steganography. This method is found to be very fruitful.