Difference between revisions of "IT-Security"
Samerhijazi (talk | contribs) (→KeyStore/TrustStore) |
Samerhijazi (talk | contribs) (→Ref.) |
| Line 4: | Line 4: | ||
* https://badssl.com/ | * https://badssl.com/ | ||
* https://www.learninjava.com/convert-p12-to-jks-and-pem-to-jks/ | * https://www.learninjava.com/convert-p12-to-jks-and-pem-to-jks/ | ||
| + | =hashing= | ||
| + | == Cryptographic Hash Functions (for Security & Authentication) == | ||
| + | * '''MD5''' – 128-bit hash (not secure, but still used for checksums) | ||
| + | * '''SHA-1''' – 160-bit hash (deprecated for security purposes) | ||
| + | * '''SHA-2''' (includes multiple versions): | ||
| + | ** '''SHA-224''' – 224-bit | ||
| + | ** '''SHA-256''' – 256-bit (widely used, secure) | ||
| + | ** '''SHA-384''' – 384-bit | ||
| + | ** '''SHA-512''' – 512-bit | ||
| + | * '''SHA-3''' – Modern alternative to SHA-2, available in different sizes | ||
| + | * '''BLAKE2''' – Faster and more secure than SHA-2 (BLAKE2b, BLAKE2s) | ||
| + | * '''BLAKE3''' – Even faster and more efficient than BLAKE2 | ||
| + | |||
| + | == Password Hashing Algorithms (for Secure Password Storage) == | ||
| + | * '''bcrypt''' – Adaptive hashing function with salt (widely used for passwords) | ||
| + | * '''scrypt''' – Memory-intensive, better resistance against brute-force attacks | ||
| + | * '''Argon2''' – Winner of the "Password Hashing Competition," secure and efficient | ||
| + | |||
| + | == Non-Cryptographic Hash Functions (for Fast Hashing) == | ||
| + | * '''CRC32''' – 32-bit checksum (used for file integrity checks) | ||
| + | * '''MurmurHash''' – Very fast hash function for hash tables | ||
| + | * '''CityHash''' – Optimized for speed in large datasets | ||
| + | * '''xxHash''' – Extremely fast hash function for streaming data | ||
=Cryptographic (Keys & Certificates)= | =Cryptographic (Keys & Certificates)= | ||
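Review bot: In the MD5 and CRC32 entries, "still used for checksums" and "used for file integrity checks" should say that these only catch accidental corruption, since the same list marks MD5 as "not secure" and files CRC32 under non-cryptographic functions; as worded, a reader can take either as tamper protection. In the password section only bcrypt is described "with salt", which reads as if scrypt and Argon2 were unsalted; drop the phrase or state it for all three. The new `=hashing=` heading is lowercase while the neighbouring `=Cryptographic (Keys & Certificates)=` is capitalised.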
Revision as of 16:33, 6 March 2025
Authentication
Ref.
- https://www.learninjava.com/easy-guide-to-ssl/
- https://badssl.com/
- https://www.learninjava.com/convert-p12-to-jks-and-pem-to-jks/
hashing
Cryptographic Hash Functions (for Security & Authentication)
- MD5 – 128-bit hash (not secure, but still used for checksums)
- SHA-1 – 160-bit hash (deprecated for security purposes)
- SHA-2 (includes multiple versions):
  - SHA-224 – 224-bit
  - SHA-256 – 256-bit (widely used, secure)
  - SHA-384 – 384-bit
  - SHA-512 – 512-bit
- SHA-3 – Modern alternative to SHA-2, available in different sizes
- BLAKE2 – Faster and more secure than SHA-2 (BLAKE2b, BLAKE2s)
- BLAKE3 – Even faster and more efficient than BLAKE2
Password Hashing Algorithms (for Secure Password Storage)
- bcrypt – Adaptive hashing function with salt (widely used for passwords)
- scrypt – Memory-intensive, better resistance against brute-force attacks
- Argon2 – Winner of the "Password Hashing Competition," secure and efficient
Non-Cryptographic Hash Functions (for Fast Hashing)
- CRC32 – 32-bit checksum (used for file integrity checks)
- MurmurHash – Very fast hash function for hash tables
- CityHash – Optimized for speed in large datasets
- xxHash – Extremely fast hash function for streaming data
Cryptographic (Keys & Certificates)
- SSL and TLS refer to the same thing: SSL is the old name, and TLS is the updated version of SSL.
- X.509 Certificates encoding formats and file extensions.
- (PKCS) Public Key Cryptography Standards >>> are binary files. These are the newer format of .pfx files. #12 is the 12th version of the standard.
- (PEM) Privacy Enhanced Mail >>> is a text-file alternative to the PKCS format.
- We can use .pem for all artifacts. It is recommended for certificates (.cer, .crt) and for public or private keys (.key).
* Base64-ASCII: PEM >>> *.pem, *.crt, *.cer, *.key
* Base64-ASCII: PKCS#7 >>> *.p7b, *.p7c
* Binary: DER >>> *.der, *.cer
* Binary: PKCS#12 >>> *.pfx, *.p12
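The list above puts *.cer under both PEM and DER, so the extension alone does not tell you the encoding. The following added example (not part of the original wiki page) classifies a blob by its content and converts between the two; the function names and the sample bytes are constructed for illustration.

```python
import base64
import re

# PEM armor: BEGIN/END lines with a matching label around base64 text.
PEM_RE = re.compile(
    rb"-----BEGIN ([A-Z0-9 #]+)-----\r?\n(.*?)\r?\n-----END \1-----", re.DOTALL)


def is_der_sequence(data: bytes) -> bool:
    """True if data is exactly one ASN.1 SEQUENCE with a consistent length field."""
    if len(data) < 2 or data[0] != 0x30:
        return False
    first = data[1]
    if first < 0x80:                      # short form: one length byte
        return len(data) == 2 + first
    n = first & 0x7F                      # long form: next n bytes hold the length
    if n == 0 or n > 4 or len(data) < 2 + n:
        return False
    return len(data) == 2 + n + int.from_bytes(data[2:2 + n], "big")


def classify(blob: bytes):
    """Return (encoding, pem_label, der_bytes), decided by content only."""
    m = PEM_RE.search(blob)
    if m:
        try:
            der = base64.b64decode(b"".join(m.group(2).split()), validate=True)
        except ValueError:                # body is not clean base64
            return ("PEM", m.group(1).decode(), None)
        return ("PEM", m.group(1).decode(), der if is_der_sequence(der) else None)
    # Binary ASN.1: covers DER certificates and also PKCS#12 containers.
    if is_der_sequence(blob):
        return ("DER", None, blob)
    return ("unknown", None, None)


def to_pem(der: bytes, label: str) -> bytes:
    """Wrap DER bytes in PEM armor using 64-character base64 lines."""
    b64 = base64.b64encode(der)
    body = b"\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    tag = label.encode()
    return b"-----BEGIN %s-----\n%s\n-----END %s-----\n" % (tag, body, tag)


# Constructed sample: ASN.1 SEQUENCE { INTEGER 1 }, not a real certificate.
SAMPLE_DER = bytes([0x30, 0x03, 0x02, 0x01, 0x01])
SAMPLE_PEM = to_pem(SAMPLE_DER, "CERTIFICATE")
```

A "DER" result only says the bytes are well-formed binary ASN.1; whether they are a certificate, a key or a PKCS#12 container still has to be checked by parsing them.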
KeyStore/TrustStore
- KeyStore: holds onto certificates that identify us.
- TrustStore: holds onto certificates that identify others.
- Until Java 8, the default KeyStore format was JKS. Since Java 9, the default KeyStore format is PKCS12.
- Java bundles a TrustStore called cacerts, which resides in the $JAVA_HOME/jre/lib/security directory.
* Certificate: .crt, .pem
* Certificate Chain: .crt, .cer, .pem
* Public Key: .key, .pem
* Private Key: .key, .pem