Communication Security (Cryptography, Digital Signatures & PKI)
Chapter notes, video classes, MCQ practice tests and quick-revision one-liners for Information Technology and Digital Banking (Elective) — CAIIB.
One-liners from this chapter
Free sample — 8 of 190 rapid-fire Q&A cards.
Confidentiality — What it guarantees over the wire / Primary cryptographic primitive?
What it guarantees over the wire: Only the intended recipient can read the bytes; Primary cryptographic primitive: Encryption (AES-256 symmetric, RSA/ECC asymmetric)
Integrity — What it guarantees over the wire / Primary cryptographic primitive?
What it guarantees over the wire: The bytes received are bit-for-bit what was sent; Primary cryptographic primitive: Hashing (SHA-256/3) + MAC / HMAC
Availability — What it guarantees over the wire / Primary cryptographic primitive?
What it guarantees over the wire: The channel is usable when needed; Primary cryptographic primitive: DDoS mitigation, redundancy, BGP-anycast, scrubbing
Authenticity — What it guarantees over the wire / Primary cryptographic primitive?
What it guarantees over the wire: The sender is the claimed party (not an imposter); Primary cryptographic primitive: Digital signature + X.509 certificate + PKI
Non-repudiation — What it guarantees over the wire / Primary cryptographic primitive?
What it guarantees over the wire: The sender cannot later deny having sent the message; Primary cryptographic primitive: Digital signature + tamper-evident audit log (IT Act 2000 Sec. 3 / 3A)
Eavesdropping / Sniffing — What the adversary does / Bank-specific impact / Primary defence?
What the adversary does: Passive capture of packets on a shared LAN, Wi-Fi or fibre-tap; Bank-specific impact: CBS replication, telnet to switch, branch Wi-Fi credentials stolen; Primary defence: End-to-end encryption (TLS 1.3) + switch-port security
Man-in-the-Middle (MITM) — What the adversary does / Bank-specific impact / Primary defence?
What the adversary does: Inserts itself between two parties, decrypts/modifies/re-encrypts; Bank-specific impact: Internet-banking session, e-mail re-routing, SWIFT impersonation; Primary defence: Mutual TLS, certificate pinning, HSTS preload, DNSSEC
Replay attack — What the adversary does / Bank-specific impact / Primary defence?
What the adversary does: Captures a valid message and re-sends later; Bank-specific impact: Re-running a NEFT debit, re-claiming an OTP; Primary defence: Timestamp + nonce, sequence numbers, IPsec anti-replay window