- A good guideline for writing your security policy is that it’s like writing a set of functional requirements for software. The policy shouldn’t talk about specific implementations or solutions, but instead about the goals and security requirements in your environment.
- When challenged for a login name and password, your browser will present a dialog box looking something like the one shown in Figure 13.2.
- Figure 13.2 Web browsers prompt users for authentication when they attempt to visit a restricted directory on a Web server.
- Figure 13.3 shows the encryption process as a simple flowchart. The plain text is fed to an encryption engine, which might have been a mechanical device, such as a World War II Enigma machine, once upon a time, but is now nearly always a computer program. The engine produces the ciphertext.
- Figure 13.3 Encryption takes plain text and transforms it into seemingly random ciphertext.
- To create the protected directory whose authentication prompt is shown in Figure 13.2, we used Apache’s most basic type of authentication.
- Many, but not all, encryption processes can be reversed. The reverse process is called decryption.
- Figure 13.4 shows a two-way encryption process.
- Figure 13.4 Encryption takes plain text and transforms it into seemingly random ciphertext.
- ciphertext and transforms it back into plain text.
- some, like RSA, use a public key and a separate private key.
- Private Key Encryption.
- As shown in Figure 13.4, both the sender (who encrypts the message) and the recipient (who decrypts the message) have the same key.
- The most widely used secret key algorithm is the Data Encryption Standard (DES).
- Fortunately, there was a breakthrough in 1976, when Diffie and Hellman published the first public key scheme.
- Public Key Encryption.
- Public key encryption relies on two different keys, a public key and a private key.
- As shown in Figure 13.5, the public key is used to encrypt messages, and the private key to decrypt them.
- Anybody to whom you give your public key can send you a secure message.
- Figure 13.5 Public key encryption uses separate keys for encryption and decryption.
- The most common public key algorithm is RSA, developed by Rivest, Shamir, and Adleman at MIT and published in 1978.
- The capability to transmit a public key in the clear and not need to worry about it being seen by a third party is a huge advantage, but secret key systems are still in common use.
- A public key system is used to transmit the key for a secret key system that will be used for the remainder of a session’s communication.
- This added complexity is tolerated because secret key systems are around 1000 times faster than public key systems.
- Digital signatures are related to public key cryptography, but reverse the role of public and private keys.
- When the message is received, the recipient can decrypt it with the sender’s public key.
- It is important to note, though, that although the message has been encrypted, it can be read by anybody who has the public key.
- As public key encryption is fairly slow for large messages, another type of algorithm, called a hash function, is usually used to improve efficiency.