
an encrypted message, such as a plaintext encrypted to prevent unauthorized access.

example : 'Hello' -> 'Khoor'

an individual who specializes in the practice and study of techniques for securing communication and
protecting data

example : design and analyze cryptographic systems, algorithms, and protocols to ensure the
confidentiality, integrity, and authenticity of information.

a professional who practices analyzing and breaking cryptographic systems to understand
their vulnerabilities.

example : they must find the pattern to decrypt the data

set of algorithms and protocols designed to secure communication and protect the confidentiality,
integrity, and authenticity of information.

example : RSA algorithm

Confidentiality - to keep the data secret


Authentication - preventing unauthorized access and impersonation.
Integrity - message cannot be altered
Non-repudiable - Only sender could have created the message

malicious activities performed when certain conditions are met

make sure your software is updated and don't download any file from unknown page

hidden entry points that allow unauthorized users to access the system

use two-factor-authentication to reduce the risk of unauthorized access

replicates itself and exploits security vulnerabilities in the system

use anti-virus software and make sure it is updated

threat of disrupting the availability of computer systems

EXAMPLE : Denial of Service (DoS) attack

unauthorized access to, or monitoring of, communication between two parties.

EXAMPLE : An attacker intercepts unencrypted Wi-Fi traffic between a user's device and a router

unauthorized manipulation of data during storage or transmission

EXAMPLE : A hacker gains access to a database

creation of false data or objects

EXAMPLE : A hacker fabricates a fake login and attempts to gain unauthorized access to a system

columnar : write the key, then number its letters by which letter comes first

vernam : follow the letters


resistance to cryptanalysis - resistant to various cryptanalysis techniques.

versatility - can be used for any type of data, symmetric key algorithm suitable for encrypting binary data

modern cryptography - still relevant in the concept of the one-time pad

1. DIGITAL SIGNATURE
2. PASSWORD STORAGE
3. EMAIL AUTHENTICATION

stream ciphers | block cipher
- more complex | - simple
- uses only confusion | - uses confusion and diffusion
- fast | - slow
- less secure when the same key is used multiple times | - more secure even when the same key is used multiple times

uses higher length key sizes

most widely used commercial and open source solutions

most secure security protocol as it is implemented in both hardware and software.

easy to implement
1 x 12
2x6
3x4
4x3
5x?

e=5

search until you get a whole number

m^e mod n
11^5 mod 21

c=2

c^d mod n

2^5 mod 21

= 11
-Physical Layer (Layer 1):

Security Precautions:
Restricted Access: Control physical access to networking equipment, data centers, and other critical infrastructure.
Surveillance: Implement surveillance systems to monitor physical security.
Environmental Controls: Ensure environmental controls (temperature, humidity) to prevent hardware damage.

-Data Link Layer (Layer 2):

Security Precautions:
MAC Address Filtering: Restrict access based on MAC addresses to prevent unauthorized devices from connecting to
the network.
VLAN Segmentation: Use Virtual LANs to segregate network traffic and improve security.
Port Security: Limit the number of MAC addresses that can be connected to a switch port.

-Network Layer (Layer 3):

Security Precautions:
Firewalls: Implement firewalls to control incoming and outgoing traffic.
Intrusion Detection and Prevention Systems (IDPS): Monitor network traffic for suspicious activities and take action
accordingly.
Virtual Private Network (VPN): Use VPNs for secure remote access and encrypted communication over the internet.

-Transport Layer (Layer 4):

Security Precautions:
Transport Layer Security (TLS): Encrypt data in transit using protocols like HTTPS for web traffic.
Secure Socket Layer (SSL): Ensure secure communication for applications that use SSL/TLS.
Access Control Lists (ACLs): Use ACLs to control access at the transport layer.

-Session Layer (Layer 5):

Security Precautions:
Session Tokens: Use secure session tokens for authentication and authorization.
Session Timeout: Implement session timeouts to automatically log out inactive users.
Secure Cookies: Ensure secure handling of session cookies to prevent session hijacking.

-Presentation Layer (Layer 6):

Security Precautions:
Data Encryption: Implement encryption and encoding techniques for secure data presentation.
Secure File Formats: Use secure file formats to prevent vulnerabilities related to file parsing.
Content Security Policies: Implement security policies to control the types of content that can be displayed.

-Application Layer (Layer 7):

Security Precautions:
Authentication Mechanisms: Implement strong user authentication mechanisms.
Authorization Controls: Enforce proper access controls to restrict user permissions.
Regular Software Updates: Keep applications and software up-to-date to patch vulnerabilities.
