From 58ad3c7c17672cacfce13734d6d9183488ba65ce Mon Sep 17 00:00:00 2001
From: Aaron Shafovaloff <ashafovaloff@instructure.com>
Date: Wed, 8 Jul 2020 07:00:32 -0600
Subject: [PATCH] WIP

---
 6.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/6.md b/6.md
index 7ac9627..03a8120 100644
--- a/6.md
+++ b/6.md
@@ -28,6 +28,8 @@
   - Weak: WEP, DES (56-bit keys)
   - Strong: PGP, AES
 - Key exchange ([James Messer](https://www.youtube.com/watch?v=5c_Yed71tvU&list=PL5ysgoFoCpZEM8cboeHdRDePc2bOU9CN1&index=122))
+  - Out-of-band key exchange. Not over the 'net. Not practical.
+  - Common to do in-band key exchange with additional encryption. "Use asymmetric encryption to deliver a symmetric key." (Messer)
 - Digital signatures
   - Sign with private key, verify with public key
   - Useful for proving integrity of message and for authenticating the source
@@ -42,6 +44,9 @@
 - Obfuscation
 - Stream vs. block ([James Messer](https://www.youtube.com/watch?v=7J2XbZNNF4A&list=PL5ysgoFoCpZEM8cboeHdRDePc2bOU9CN1&index=124))
 - Key strength ([Jason Dion](https://www.udemy.com/program/comptia-security/learn/2015076/lecture/13219766#overview))
+  - "Large keys tend to be more secure." (Messer)
+  - "128-bit or larger symmetric keys are common." (Messer)
+  - Asymmetric encryption: "Complex calculations of prime numbers. Larger keys than symmetric encryption. Common to see key lengths of 3,072 bits or larger." (Messer)
 - Session keys
 - Ephemeral key
 - Secret algorithm