- Portions of this software may use public key algorithms described in U.S. - Patent numbers and licensed exclusively by Public Key Partners. - Public key cryptography. - Public key tampering. - You publish your public key to the world while keeping your private key secret. - Anyone with a copy of your public key can then encrypt information that only you can read. - It is computationally infeasible to deduce the private key from the public key.. - Anyone who has a public key can encrypt information but cannot decrypt it.. - Public key encryption. - The primary benefit of public key cryptography is that it allows people who have no preexisting security arrangement to exchange messages securely. - Some examples of public-key cryptosystems are Elgamal (named for its inventor, Taher Elgamal), RSA (named for its. - Public key encryption is the technological revolution that provides strong cryptography to the adult masses. - Remember the courier with the locked briefcase handcuffed to his wrist? Public-key encryption puts him out of business (probably to his relief).. - public key private key. - PGP combines some of the best features of both conventional and public key cryptography. - Once the data is encrypted, the session key is then encrypted to the recipient’s public key. - This public key-encrypted session key is transmitted along with the ciphertext to the recipient.. - with public key. - The combination of the two encryption methods combines the convenience of public key encryption with the speed of conventional encryption.. - Conventional encryption is about 1,000 times faster than public key encryption. - Public key encryption in turn provides a solution to key distribution and data transmission issues. - In public key cryptography, the bigger the key, the more secure the ciphertext.. - However, public key size and conventional cryptography’s secret key size are totally unrelated. - A conventional 80-bit key has the equivalent strength of a 1024-bit public key. - A conventional 128-bit key is equivalent to a 3000-bit public key. - While the public and private keys are related, it’s very difficult to derive the private key given only the public key. - A major benefit of public key cryptography is that it provides a method for employing digital signatures. - Thus, public key digital signatures provide authentication and data integrity. - private key public key. - One issue with public key cryptosystems is that users must be constantly vigilant to ensure that they are encrypting to the correct person’s key. - In a public key environment, it is vital that you are assured that the public key to which you are encrypting data is in fact the public key of the intended recipient and not a forgery. - A digital certificate is information included with a person’s public key that helps others verify that a key is genuine or valid. - A public key.. - it vouches only that the signed identity information goes along with, or is bound to, the public key.. - Every user in a public key system is vulnerable to mistaking a phony key (certificate) for a real one. - Validity is confidence that a public key certificate belongs to its purported owner. - Validity is essential in a public key. - You could require your intended recipient to physically hand you a copy of his or her public key. - Any PGP user can validate another PGP user’s public key certificate. - PGP assumes that if you own the private key, you must trust the actions of its related public key. - There are three levels of trust you can assign to someone else’s public key:. - In a public key cryptosystem, you don’t have to protect public keys from exposure. - But it’s important to protect public keys from tampering, to make sure that a public key really belongs to the person to whom it appears to belong. - This may be the most important vulnerability of a public key cryptosystem. - You download Alice’s public key certificate from an electronic bulletin board system (BBS). - He covertly substitutes his bogus key in place of Alice’s real public key. - You unwittingly use this bogus key belonging to Charlie instead of Alice’s public key. - Furthermore, he can even make apparently good signatures from Alice with this private key because everyone will use the bogus public key to check Alice’s signatures.. - If you got Alice’s public key directly from Alice, this is no problem. - Perhaps you could get Alice’s public key from a mutually trusted friend, David, who knows he has a good copy of Alice’s public key. - David could sign Alice’s public key, vouching for the integrity of Alice’s public key. - This would create a signed public key certificate, and would show that Alice’s key had not been tampered with. - This requires that you have a known good copy of David’s public key to check his signature. - Perhaps David could provide Alice with a signed copy of your public key also. - This signed public key certificate for Alice could be uploaded by David or Alice to the BBS, and you could download it later. - You could then check the signature via David’s public key and thus be assured that this is really Alice’s public key. - “introducing” users to each other by providing signatures for their public key certificates. - Any public key certificates bearing the Certifying Authority’s signature could be trusted as truly belonging to the person to whom they appear to belong to.. - This whole business of protecting public keys from tampering is the single most difficult problem in practical public key applications. - It is the “Achilles heel” of public key cryptography, and a lot of software complexity is tied up in solving this one problem.. - You should use a public key only after you are sure that it is a good public key that has not been tampered with, and that it actually belongs to the person with whom it purports to be associated. - That uncertified public key could have been tampered with by anyone, maybe even by the system administrator of the bulletin board.. - If you are asked to sign someone else’s public key certificate, make certain that it really belongs to the person named in the user ID of that public key certificate. - This is because your signature on her public key certificate is a promise by you that this public key really belongs to her. - Other people who trust you will accept her public key because it bears your signature. - You aren’t risking your credibility by signing the public key of a sociopath, if you are completely confident that the key really belongs to him. - It would be a good idea to keep your own public key on hand with a collection of certifying signatures attached from a variety of “introducers,” in the hope that most people will trust at least one of the introducers who vouch for the validity of your public key. - If you sign someone else’s public key, return it to them with your signature so that they can add it to their own collection of credentials for their own public key.. - Checking a newly signed public key certificate must ultimately depend on the integrity of the trusted public keys that are already on your own public keyring. - Since your own trusted public key is used as a final authority to directly or indirectly certify all the other keys on your keyring, it is the most important key to protect from tampering. - There are two entirely separate criteria that PGP uses to judge a public key’s usefulness—don’t get them confused:. - The program’s decentralized probabilistic method for determining public key legitimacy is the centerpiece of its key management architecture. - hierarchical, centralized public key management schemes. - And keep backup copies of your private key—remember, you have the only copy of your private key, and losing it will render useless all the copies of your public key that you have spread throughout the world.. - This kind of certificate is used to warn other people to stop using your public key. - You can then generate a new private/public key pair and publish the new public key. - You could send out one package containing both your new public key and the key revocation certificate for your old key.. - Then anyone attempting to use your key based on the trust of one of your introducers will know not to trust your public key.. - This may be the most crucially important vulnerability of a public key cryptosystem, in part because most novices don’t immediately recognize it.. - A new public key from someone else should be trusted only if you got it directly from its owner, or if it has been signed by someone you trust. - This test also assumes that you have a good trusted copy of the public key that you use to check the signature on the PGP executable.. - A somewhat obscure vulnerability of PGP involves dishonest users creating bogus timestamps on their own public key certificates and signatures. - You can skip over this section if you are a casual user and aren’t deeply into obscure public-key protocols.. - They might crack your public key by using some new secret mathematical breakthrough. - But civilian academia has been intensively attacking public key cryptography without success since 1978.. - The public key algorithms, message digest algorithms, and block ciphers used in PGP were designed by some of the best cryptographers in the world. - Asymmetric keys a separate but integrated user key-pair, comprised of one public key and one private key. - Diffie-Hellman the first public key algorithm, invented in 1976, using discrete logarithms in a finite field.. - a public key digital signature algorithm proposed by NIST for use in DSS.. - Digital signature an electronic identification of a person or thing created by using a public key algorithm. - a division of the U.S. - a widely available and accessible certificate system for obtaining an entity’s public key with some degree of certainty that you have the “right” key and that it has not been revoked.. - The RSA algorithm is used in public key cryptography and is based on the fact that it is easy to multiply two large prime numbers together, but hard to factor them out of the product.. - Secret key either the “private key” in public key (asymmetric). - Self-signed key a public key that has been signed by the corresponding private key for proof of ownership.. - an IETF proposed draft standard, (by Ellison, Frantz, and Thomas) public key certificate format, associated signature and other formats, and key acquisition protocol. - Web of Trust a distributed trust model used by PGP to validate the ownership of a public key where the level of trust is cumulative based on the individual’s knowledge of the. - recognized electronic document used to prove identity and public key ownership over a communication network. - against bogus timestamps 52 public key cryptography 14. - checking a public key’s 38
Xem thử không khả dụng, vui lòng xem tại trang nguồn hoặc xem
Tóm tắt