Lesson Notes
Encryption
Module 1: Foundations. Pure theory—encryption fundamentals, symmetric vs asymmetric, TLS/HTTPS, protecting data in transit, how encryption defeats MITM. Builds on MFA and first line of defence.
Module 1: Foundations — Encryption
This lesson is pure theory—no labs or commands. Encryption protects data so that only the intended recipient can read it. On the network, TLS/HTTPS ensures that a MITM sees ciphertext, not plaintext credentials or data.
1. Why Encryption Is Needed
The network is untrusted. A MITM on the path can sniff unencrypted traffic (e.g. HTTP). Encryption provides confidentiality (only endpoints can read the data) and integrity (tampering can be detected). Without encryption, passwords and sensitive data sent in the clear can be captured and abused.
2. Symmetric vs Asymmetric Encryption
Symmetric encryption uses one key to both encrypt and decrypt (e.g. AES-256); it is fast, so it is used for bulk data. Asymmetric (public-key) cryptography uses a key pair: the public key encrypts or verifies, the private key decrypts or signs (RSA); Diffie-Hellman and its elliptic-curve form ECDH use key pairs for key agreement rather than encryption. Asymmetric crypto is used for key exchange and digital signatures. In TLS, the client and server use asymmetric crypto to agree on a symmetric session key, then use that key to encrypt application data.
3. TLS/HTTPS Handshake (Simplified)
(1) Client Hello: the client lists the cipher suites and protocol versions it supports.
(2) Server Hello and certificate: the server picks a suite and proves its identity with a CA-signed certificate.
(3) Key exchange (e.g. ephemeral Diffie-Hellman) to derive a session key. Because the key-exchange keys are fresh for every session and discarded afterwards, this gives Perfect Forward Secrecy: past sessions cannot be decrypted even if the server's long-term private key is later compromised.
(4) Application data is encrypted with an AEAD cipher (e.g. AES-GCM), which provides confidentiality and integrity in one step.
On HTTP the victim might send pass=secret in the clear; on HTTPS the same data is ciphertext and a MITM cannot read or silently alter it.
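The following Go program is an added illustration of steps 3 and 4 above and of the symmetric/asymmetric split in section 2; it is example code written for these notes, not part of the original lesson or of any TLS library. It models the handshake in miniature: each side generates an ephemeral X25519 key pair (the asymmetric part), exchanges only public values, derives the same AES-256 session key with a minimal HKDF, and then protects application data with AES-GCM (the symmetric AEAD part). The label strings, record layout and the name Party are assumptions made for the example; real TLS uses its own transcript-bound key schedule.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Party holds one side's ephemeral X25519 key pair for a single session.
// Fresh keys per session are what give Perfect Forward Secrecy: a later
// compromise of long-term keys reveals nothing about this session key.
type Party struct {
	priv *ecdh.PrivateKey
}

// NewParty generates the ephemeral key pair for one handshake.
func NewParty() (*Party, error) {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Party{priv: priv}, nil
}

// PublicBytes is what goes over the wire as the key share; an eavesdropper
// learns it but cannot derive the shared secret from it.
func (p *Party) PublicBytes() []byte { return p.priv.PublicKey().Bytes() }

// SessionKey combines our private key with the peer's public share and
// stretches the raw shared secret into a 256-bit AES key with HKDF
// (RFC 5869, extract + one expand block). Salt/info labels are example values.
func (p *Party) SessionKey(peerPublic []byte) ([]byte, error) {
	peer, err := ecdh.X25519().NewPublicKey(peerPublic)
	if err != nil {
		return nil, err
	}
	shared, err := p.priv.ECDH(peer)
	if err != nil {
		return nil, err
	}
	return hkdfSHA256(shared, []byte("lesson-tls-demo"), []byte("application data key"), 32), nil
}

// hkdfSHA256 is a minimal HKDF-Extract/Expand producing up to 32 bytes.
func hkdfSHA256(ikm, salt, info []byte, n int) []byte {
	extract := hmac.New(sha256.New, salt)
	extract.Write(ikm)
	prk := extract.Sum(nil)
	expand := hmac.New(sha256.New, prk)
	expand.Write(info)
	expand.Write([]byte{1}) // block counter for the first (only) output block
	return expand.Sum(nil)[:n]
}

// Seal encrypts and authenticates one record with AES-256-GCM (an AEAD).
// A random nonce is used per record and prepended to the ciphertext.
func Seal(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return append(nonce, aead.Seal(nil, nonce, plaintext, nil)...), nil
}

// Open decrypts a record; any change to the ciphertext or tag fails
// authentication, which is the integrity half of what TLS provides.
func Open(key, record []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(record) < aead.NonceSize() {
		return nil, errors.New("record too short")
	}
	nonce, ct := record[:aead.NonceSize()], record[aead.NonceSize():]
	return aead.Open(nil, nonce, ct, nil)
}

func main() {
	client, _ := NewParty()
	server, _ := NewParty()
	ck, _ := client.SessionKey(server.PublicBytes()) // client derives key
	sk, _ := server.SessionKey(client.PublicBytes()) // server derives the same key
	fmt.Println("session keys match:", bytes.Equal(ck, sk))
	rec, _ := Seal(ck, []byte("pass=secret")) // constructed sample credential
	fmt.Printf("what a MITM sees on the wire: %x\n", rec)
	pt, _ := Open(sk, rec)
	fmt.Println("what the server reads:", string(pt))
}
```

Running it prints the same random-looking hex every time but with different bytes on every run, which is the point: the key share and nonce are fresh per session, so capturing one session gives a MITM nothing reusable, and flipping a single byte of the record makes Open fail rather than return altered plaintext.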
4. Common Pitfalls and Best Practices
Weak or deprecated ciphers and protocol versions (e.g. RC4, SSLv3) are broken or vulnerable (e.g. POODLE against SSLv3). Missing HSTS can allow downgrade to HTTP: a MITM can keep the victim on the plain-HTTP version of a site. Self-signed certificates have no CA trust, so the browser cannot tell them from an attacker's certificate; users often click through warnings. Use TLS 1.2 or 1.3, strong ciphers, and HSTS, and redirect plain HTTP to HTTPS. On public Wi-Fi, a VPN (e.g. IPsec, WireGuard) encrypts all traffic from the device, not just web traffic.
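As an added example of the server-side hardening these best practices describe (not code from the original notes), the Go program below builds a TLS configuration that refuses SSLv3, TLS 1.0 and TLS 1.1, restricts TLS 1.2 to AEAD suites with ephemeral key exchange, and adds the Strict-Transport-Security header plus an HTTP-to-HTTPS redirect. The host name example.test, the one-year max-age, and the helper names are assumptions for the example; the tls and http identifiers are Go standard library.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// HardenedTLSConfig refuses the legacy protocol versions named in the notes
// and limits TLS 1.2 to ECDHE (forward-secret) suites with AEAD ciphers.
// TLS 1.3 suites are fixed by Go and are always AEAD, so no list is needed.
func HardenedTLSConfig() *tls.Config {
	return &tls.Config{
		MinVersion: tls.VersionTLS12, // rules out SSLv3, TLS 1.0, TLS 1.1 (POODLE, RC4 era)
		CipherSuites: []uint16{
			tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
			tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
			tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
			tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
		},
	}
}

// AllowsVersion is a simplified check: would cfg negotiate this protocol
// version? (Go's default MaxVersion is TLS 1.3, so only the floor matters here.)
func AllowsVersion(cfg *tls.Config, version uint16) bool {
	return version >= cfg.MinVersion
}

// WithHSTS adds Strict-Transport-Security to every response so browsers
// remember to use HTTPS for this host and refuse a downgrade to plain HTTP.
func WithHSTS(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("Strict-Transport-Security", "max-age=31536000; includeSubDomains")
		next.ServeHTTP(w, r)
	})
}

// RedirectToHTTPS is the only handler the plain-HTTP listener should run:
// it never serves content, it just sends the client to the HTTPS origin.
func RedirectToHTTPS(w http.ResponseWriter, r *http.Request) {
	target := "https://" + r.Host + r.URL.RequestURI()
	http.Redirect(w, r, target, http.StatusMovedPermanently)
}

// HSTSHeader runs one in-memory request through the wrapped handler and
// returns the header value a client would receive.
func HSTSHeader() string {
	h := WithHSTS(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprint(w, "ok")
	}))
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, httptest.NewRequest("GET", "https://example.test/login", nil))
	return rec.Header().Get("Strict-Transport-Security")
}

func main() {
	cfg := HardenedTLSConfig()
	fmt.Println("TLS 1.0 allowed:", AllowsVersion(cfg, tls.VersionTLS10))
	fmt.Println("TLS 1.3 allowed:", AllowsVersion(cfg, tls.VersionTLS13))
	fmt.Println("HSTS header:", HSTSHeader())

	// How the pieces fit in a real deployment (servers constructed, not started here):
	// an HTTPS listener with the hardened config and HSTS on every response,
	// and a plain-HTTP listener that only redirects.
	_ = &http.Server{Addr: ":443", TLSConfig: cfg, Handler: WithHSTS(http.DefaultServeMux)}
	_ = &http.Server{Addr: ":80", Handler: http.HandlerFunc(RedirectToHTTPS)}
}
```

The HSTS header only helps after a client has seen it once over a successful HTTPS connection, which is why the redirect on port 80 and a long max-age go together: the first visit is the one a downgrade attack targets.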
Key Takeaway for Lesson 5
Encryption protects data in transit so that a MITM sees ciphertext. TLS/HTTPS is the standard for web traffic; use it everywhere. Next: history of encryption and how we got to modern standards.