Information Security Resources

Entries for the ‘Cryptography’ Category

How to Generate a Digital Certificate for S/MIME (Secure MIME) email Communication

For most S/MIME compatible email clients, you must obtain a PKCS12 format certificate before you can upload your private key and/or others’ public key for secure email communication. The first way you can do this is, of course, to apply such a certificate from a trusted Certificate Authority (CA), such as VeriSign. But can you […]

Leave a Comment

Public Key Infrastructure: Using Self Generated Public and Private Key Pairs to communicate Without PKI

Can we use self generated Public and Private Keys to communicate without Public Key Infrastructure? Originally, you can use PGP (Pretty Good Privacy) freeware to communicate freely. PGP freeware can be downloaded here: However, since they have recently taken down the freeware for the Windows platform, I’ll show you how to use another piece […]

Leave a Comment

How to Use TrueCrypt (USB Data Encryption) on a Computer without Administrative Rights

Referring to my post about TrueCrypt, I mentioned a disadvantage of using this software — you cannot use it on a computer without administrative rights. Actually, there is a third-party GUI interface program that can be run on a computer without administrator rights, and you are still able to access the container file of TrueCrypt […]

Comments (1)

Public Key Infrastructure: Certificate Authority and Its Role in PKI: An Example

Public Key Infrastructure is also named PKI. What is the role of Certificate Authority in PKI? Before we talk on this, let’s discuss the term “trust”. The operation of Public Key Infrastructure strongly depends on “trust”.  And this is also related to the application of asymmetric cryptography technique. To illustrate this, let’s suppose Bob wants […]

Comments (1)

Hide Information in a Picture File? Yes, Using Steganography

The term steganography refers to the technique of hiding information within a certain “writings” or anything transmitted with your communication system in such a way that no one other than the intended recipient knows there is a hidden message. This technique differs from cryptography, which encrypts the message in order to prevent someone from gaining […]

Leave a Comment

USB Data Encryption and Decryption on a Computer without Administrator Rights?

As I promised in the post about a data encryption utility called TrueCrypt, I am going to show you another utility that can be used to encrypt portable data on a USB drive. Unlike TrueCrypt, in which you must have administrative rights to activate the program for accessing the encrypted data, this program allows you […]

Comments (1)

How to Keep your Portable Data from Being Stolen

Do you worry about your data from being stolen if you lost your USB thumb drive or other portable data storage? Here is a free solution. Try TrueCrypt. TrueCrypt is an open sourced project providing a simple solution to encrypt your USB data (or actually data in any other movable or internal storage of your […]

Comments (9)

Cryptography – Revisited

Cryptography, or cryptology, derived from the Greek words for “hidden” writing or speaking, is the practice and study of hiding information. Until modern times, cryptography referred almost exclusively to encryption, the process of converting ordinary information (plain text) into unintelligible gibberish (confidentiality). Cryptography is now considered to be a branch of both mathematics and computer […]

Leave a Comment

XOR and the One-Time Pad

Some of my students have asked why we always use XOR (Exclusive OR) in encrypting plaintext into ciphertext. To answer this question, please take a look first at the output of the various combinations of inputs for XOR function. Input A Input B A XOR B 1 1 0 1 0 1 0 1 1 […]

Leave a Comment

DNS – Domain name system security issues

Domain Name System (DNS) is the magical ability of Internet hosts to translate the machine-readable IP address numbers like to something meaningful to humans, like A sophisticated hierarchical database system in the Internet is required to accomplish this task. One of the core components of that system is the DNS server, which serves […]

Leave a Comment