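Encryption is divided into symmetric and asymmetric encryption. These notes discuss the roles of asymmetric encryption algorithms: encryption, authentication, and key distribution.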

Symmetric encryption occurs when the same key is used for both encryption and decryption, as Figure . This key is called the shared key or session key.

[Image 1 of "IOS Security-2"]

Asymmetric encryption algorithms:

The sender uses Bob’s public key to ensure that only Bob, the intended recipient, can read the message. Because every entity has Bob’s public key, they can use it to encrypt the message. Only Bob has its private key, however, so only he can decrypt the cipher text to receive the original message.

[Image 2 of "IOS Security-2"]

——————————————————————————————————

Limitations of asymmetric encryption algorithms

Although this application of asymmetric encryption is perfectly valid, it suffers from low performance compared to symmetric-encryption algorithms. It is seldom used to encrypt bulk messages; instead, it encrypts a shared key sent from Alice to Bob. This shared key is further used to symmetrically encrypt the bulk of data.
This is a way to achieve key distribution—for example, TLS uses it.

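Asymmetric encryption algorithms perform far worse than symmetric algorithms when encrypting actual data, so asymmetric algorithms are used only for authentication and key exchange. PKI is built on asymmetric encryption and comprises digital certificates and digital signatures. It is usually used with a public CA (by scope, CAs are either public or private; private CAs are generally used inside enterprises), that is, in web browsers. Of course, if an enterprise has deployed its own PKI, it also comes into play when using security technologies such as IPsec *** or dot1.x. As for key distribution: the actual data is encrypted with a symmetric algorithm, and the question of how the two entities obtain that algorithm's shared key is answered by the DH group exchange in asymmetric cryptography.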

————————————————————————————————————————————

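The basic principles of PKI cover confidentiality, integrity, authenticity, and non-repudiation.

PKI based on asymmetric encryption can achieve the following: authenticity, non-repudiation, and authentication. The reasons are as follows:

An entity holds the CA's public key. The receiver uses the CA's public key to decrypt the digital certificate sent by the sender, obtaining a digital signature signed with the CA's private key and a copy of the sender's public key. Note that the CA merely maintains a trust relationship. The receiver then encrypts the shared key with the public key it received and sends it to the sender, which accomplishes the exchange of the shared key. The digital signature in turn provides authenticity. Non-repudiation comes from registration: when an entity registers with the CA, the CA must strictly vet the entity's qualifications before issuing a globally unique digital certificate and digital signature. That achieves non-repudiation. Entities whose certificates were issued by the same CA therefore have a trust relationship with each other, because they all trust the CA. It is like the trust between two children of the same parents, which rests on their blood relationship to those parents. Below is the explanation Cisco gives.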

Because Alice cannot repudiate the computation (only Alice has her private key), this is called a signature. This completely differs from the symmetric cryptosystems, where HMAC can be repudiated. The HMAC here is the hash of message + key; the key is used for authentication.

The recipient can then compute the hash of the received message and decrypt the received encrypted hash. If both the computed and the decrypted hashes are identical, there’s reasonable proof of:

The receiver can compute the hash of the message sent by the sender and decrypt the encrypted hash. If the two are equal. The difference between the figure below and the figure above

[Image 3 of "IOS Security-2"]

• Authentication. Only the owner of the private key, which encrypted the original hash, could have encrypted it. Hence, the originator cannot repudiate his message. Only the private key's owner holds the private key, so a hash encrypted with that private key achieves non-repudiation.
• Integrity. If the message itself was altered before it reached the recipient, the computed hash would differ from the decrypted one. This would indicate alteration. Because alteration is detectable, the message is transmitted with integrity.

————————————————————————————————————————————

Key Distribution and Certificates

With asymmetric cryptosystems, key distribution is easier to secure—only the public key of every entity must be distributed, and these are public keys. (Everyone can safely access them without breaching the system.)

The remaining issue is to ensure that Bob’s public key is truly Bob’s public key and not a hacker’s public key. Otherwise, Alice encrypts her message to Bob with a hacker’s public key, and a hacker easily decrypts Alice’s message with his own private key.
The binding of the public key to its owner involves using digital certificates. A digital certificate, typically under the ITU-T X.509 version 3 format, is a small piece of data that contains Bob’s public key and Bob’s name; this piece of data is further digitally signed by an entity trusted by Alice, Bob, and all other entities. This trusted entity is called the certification authority (CA), and it’s the issuer of the certificate.
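This passage is about how to make sure that the public key I received really is the sender's public key and not one forged by ***. The solution is that the sender's public key is bound to a digital certificate, whose contents include the sender's public key, name, and so on. A third-party organization, the CA, hashes certain message content and encrypts the hash with its own private key to produce a digital signature; the CA is also the issuer of the certificate.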