WIP

6.md

@@ -28,6 +28,8 @@
   - Weak: WEP, DES (56-bit keys)
   - Strong: PGP, AES
 - Key exchange ([James Messer](https://www.youtube.com/watch?v=5c_Yed71tvU&list=PL5ysgoFoCpZEM8cboeHdRDePc2bOU9CN1&index=122))
+  - Out-of-band key exchange. Not over the 'net. Not practical.
+  - Common to do in-band key exchange with additional encryption. "Use asymmetric encryption to deliver a symmetric key." (Messer)
 - Digital signatures
   - Sign with private key, verify with public key
   - Useful for proving integrity of message and for authenticating the source
@@ -42,6 +44,9 @@
 - Obfuscation
 - Stream vs. block ([James Messer](https://www.youtube.com/watch?v=7J2XbZNNF4A&list=PL5ysgoFoCpZEM8cboeHdRDePc2bOU9CN1&index=124))
 - Key strength ([Jason Dion](https://www.udemy.com/program/comptia-security/learn/2015076/lecture/13219766#overview))
+  - "Large keys tend to be more secure." (Messer)
+  - "128-bit or larger symmetric keys are common." (Messer)
+  - Asymmetric encryption: "Complex calculations of prime numbers. Larger keys than symmetric encryption. Common to see key lengths of 3,072 bits or larger." (Messer)
 - Session keys
 - Ephemeral key
 - Secret algorithm