Lecture on network secutiry and the theory of public key
(Chapter 3 of Textbook)
Secrect Key
*a key for encryption is also for decryption
*fast encryption and decryption
*problem with key distribution
*problem with keeping many keys
Public Key
*private key and public key
*public usually posted on an open directory
*private key must be kept in absolute private to oneself
*good for encryption and signature
Hash function
*fixed length of 128 or 256 bits
*fingerprint
do Lab Hash
Digital Signature
* privated key encrypted fingerprint of a plain text
*transmitted along with the plain text for verification
Man-in-the-middle attack
Digital Certificate
* Public Key signed with Certificate Authority
SSL (Secure Socket Layer)
* Using Digital Certificate, Digital Signature, Public Key Encryption, Hash (Message Digest)
* Instead of encrypting the sender's original text, only the session key generated by the sender is encrypted by the receiver's public key.
* The session key is valid throughout a session and not any longer.
* SSL is proposed by Netscape, Inc.
* https is actually http enhanced by SSL. https uses port 443 while http uses port 80.
範圍: 課本Chap. 3
訂閱:
張貼留言 (Atom)
沒有留言:
張貼留言