Chapter 4 - key management and distribution

2022-06-12 07:34:00 bugmaker.

  1. Key lifecycle: generation, storage, distribution, use, update, revocation, destruction
  2. Key classification
    Primary key: encrypts and decrypts data.
    Secondary key: a key-encrypting key that protects the primary key.
    Master key: protects the secondary key.
  3. Key distribution techniques: direct distribution, key distribution center (KDC) mode, the Diffie-Hellman method, hierarchical key distribution
  4. Key distribution center mode
    Process: the KDC (key distribution center) shares a secondary (key-encrypting) key with each user. A user requests a session key from the KDC; the KDC generates the session key, encrypts it with the key-encrypting key, and distributes it to the user.
    Advantages: users do not store working keys, and one key per message can be achieved.
    Disadvantages: high communication volume; good authentication is required to identify the KDC and the users.
  5. Distributing keys with a public-key cryptosystem
    (1) A sends B the public key it generated together with A's identity.
    (2) After receiving the message, B generates a session key Ks, encrypts it with the public key, and sends it to A.
    (3) A decrypts with the private key to obtain Ks.
    Problem: a party may be impersonated.
  6. Public key management solutions
    Public disclosure of public keys: no confidentiality is needed, but the published list must be complete
    Bind the public key to an identity
    Guaranteed by a trusted third party
    Other users verify certificates
  7. Public key certificates: users exchange their public keys by means of public key certificates
    Data structure: user ID, public key, CA signature
    Certificate types, by use: signing certificates and encryption certificates
    Certificate types, by end user: system certificates and user certificates
  8. PKI (public key infrastructure): an infrastructure established to manage public keys and certificates.
    [Figure: logical structure of PKI]
  9. Certification authority (CA): responsible for issuing, updating, revoking, and certifying user keys or certificates, and for other management work; divided into public CAs and private CAs
  10. CA functions: issuing certificates, revoking certificates, updating certificates, certificate authentication, and key management.
  11. PKI architectures: single CA structure, hierarchical CA structure, cross CA structure
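
The impersonation problem in item 5 and the certificate structure in item 7 (user ID, public key, CA signature) fit together as follows. This is an added example, not part of the original notes: B only encrypts Ks to a key whose binding to A the CA has signed. It assumes textbook (unpadded) RSA over small hardcoded Mersenne primes purely for illustration, and all function and variable names are hypothetical.

```python
import hashlib
import secrets
from dataclasses import dataclass

E = 65537  # public exponent shared by every toy key below

def make_keypair(p, q):  # textbook RSA from two primes: returns ((n, e), d)
    return (p * q, E), pow(E, -1, (p - 1) * (q - 1))

@dataclass(frozen=True)
class Certificate:          # the three fields listed in item 7
    user_id: str
    public_key: tuple
    ca_signature: int

def digest(user_id, public_key, n):
    """SHA-256 over the signed fields (user ID + public key), reduced mod n."""
    data = f"{user_id}|{public_key[0]}|{public_key[1]}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def issue(ca_pub, ca_d, user_id, public_key):
    """CA binds the public key to the identity by signing their digest."""
    n = ca_pub[0]
    return Certificate(user_id, public_key, pow(digest(user_id, public_key, n), ca_d, n))

def verify(ca_pub, cert, expected_id):
    """True only if the CA signed exactly this (identity, key) pair."""
    n, e = ca_pub
    return (cert.user_id == expected_id
            and pow(cert.ca_signature, e, n) == digest(cert.user_id, cert.public_key, n))

def send_session_key(ca_pub, cert, expected_id):
    """B's step (2): generate Ks and encrypt it, but only to a certified key."""
    if not verify(ca_pub, cert, expected_id):
        raise ValueError(f"certificate does not bind this key to {expected_id!r}")
    n, e = cert.public_key
    ks = secrets.randbelow(n - 2) + 2
    return ks, pow(ks, e, n)

# Constructed sample keys: small Mersenne primes, for illustration only.
CA_PUB, CA_D = make_keypair(2**127 - 1, 2**89 - 1)
A_PUB, A_D = make_keypair(2**107 - 1, 2**61 - 1)
OTHER_PUB, _ = make_keypair(2**61 - 1, 2**31 - 1)
CERT_A = issue(CA_PUB, CA_D, "A", A_PUB)
# Same identity and signature, but a different key substituted in transit.
SWAPPED = Certificate("A", OTHER_PUB, CERT_A.ca_signature)

if __name__ == "__main__":
    ks, c = send_session_key(CA_PUB, CERT_A, "A")
    print(pow(c, A_D, A_PUB[0]) == ks, verify(CA_PUB, SWAPPED, "A"))  # True False
```

Without the `verify` step, B would encrypt Ks to whatever key arrived with A's name on it, which is the weakness item 5 points out.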

Copyright notice
This article was written by [bugmaker.]. Please include the original link when reposting. Thank you.
https://yzsam.com/2022/03/202203010556252766.html
