
# Cryptography in Action 🔒💻

## **HTTPS and TLS** 🌐🔐

* **HTTPS**:
  * Secure version of HTTP (Hypertext Transfer Protocol).
  * Utilizes SSL (Secure Sockets Layer) or TLS (Transport Layer Security) to encrypt HTTP traffic.
  * Ensures encrypted communication over the internet, protecting data from eavesdroppers, verifying both parties, and maintaining data integrity.
* **TLS**:
  * A protocol for secure communications beyond just web browsing (e.g., VoIP calls, email, instant messaging, Wi-Fi security).
  * **Functions**:
    1. **Secure Communication**: Protects data from potential eavesdroppers.
    2. **Authentication**: Verifies the identity of communicating parties (typically the server to the client).
    3. **Integrity**: Ensures messages are not lost or altered in transit.
* **TLS Handshake**:
  * **ClientHello**: Client initiates connection with supported TLS version and cipher suites.
  * **ServerHello**: Server responds with the selected protocol version and cipher suite, and transmits its digital certificate.
  * **Certificate Validation**: Client checks the server's certificate for validity and hostname.
  * **ClientKeyExchange**: Establishes a shared secret for symmetric encryption.
  * **ChangeCipherSpec**: Signals the switch to secure communication.
  * **Finished Messages**: Verifies successful completion of the handshake and secure channel establishment.
* **Forward Secrecy**:
  * Ensures past session keys remain secure even if the long-term private key is later compromised.
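
The certificate validation step and the forward secrecy property above can both be checked on a client before it connects. The following is an added example, not part of the original notes: it audits a Python `ssl` client context for the two validation checks and for cipher suites without an ephemeral key exchange. The function names are hypothetical, and the prefix test assumes OpenSSL-style cipher names.

```python
import ssl

# OpenSSL-style name prefixes for suites with an ephemeral key exchange.
# TLS 1.3 suites ("TLS_...") always use ephemeral (EC)DH.
FS_PREFIXES = ("TLS_", "ECDHE-", "DHE-")


def lacks_forward_secrecy(cipher_name):
    """True if the suite name shows no ephemeral key exchange."""
    return not cipher_name.startswith(FS_PREFIXES)


def audit_client_context(ctx):
    """Return a list of findings for an ssl.SSLContext used by a client."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate chain is not validated")
    if not ctx.check_hostname:
        findings.append("hostname is not checked against the certificate")
    weak = [c["name"] for c in ctx.get_ciphers()
            if lacks_forward_secrecy(c["name"])]
    if weak:
        findings.append("suites without forward secrecy: " + ", ".join(weak))
    return findings


def hardened_context():
    """Default validation, TLS 1.2 or later, ephemeral key exchange only."""
    ctx = ssl.create_default_context()   # CERT_REQUIRED + check_hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20")
    return ctx


def misconfigured_context():
    """Constructed bad example: validation switched off."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False           # must be disabled before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


if __name__ == "__main__":
    for label, ctx in (("hardened", hardened_context()),
                       ("misconfigured", misconfigured_context())):
        print(label, audit_client_context(ctx) or "no findings")
```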

## **SSH (Secure Shell)** 🔐🖥️

* **Overview**:
  * Secure network protocol for accessing network services over unsecured networks.
  * Commonly used for remote command-line login.
  * Replaces unsecured protocols like Telnet, rlogin, and rexec.
* **Features**:
  * Uses public key cryptography for remote machine authentication.
  * Supports various key exchange mechanisms and symmetric encryption ciphers.
  * Can tunnel arbitrary network ports and traffic over the encrypted channel.
* **Public Key Authentication**:
  * User generates a key pair, distributing the public key to systems for authentication.
  * During login, SSH verifies that the user holds the private key matching the distributed public key; the private key itself remains secure with the user.

## **PGP (Pretty Good Privacy)** 📧🔐

* **Overview**:
  * An encryption application for authenticating data and ensuring privacy.
  * Commonly used for encrypted email, disk encryption, and file protection.
  * Developed by Phil Zimmermann in 1991 as a tool for secure communications among activists.
* **Historical Context**:
  * Faced legal challenges due to U.S. export restrictions on encryption technology.
  * Zimmermann creatively challenged restrictions by publishing the source code in a printed book, protected by the First Amendment.
  * Investigation closed in 1996 without charges.
* **Security**:
  * Highly secure, comparable to military-grade encryption.
  * Historically used RSA algorithm, later replaced by DSA to avoid licensing issues.
