Password
In application password mean a text string, used to authenticate user identity.
In cryptology cipher mean a series of algorithms.encript and decript be called cipher algorithm.
Key
A parameter in algorithm, participate calculation.
In generally bigger length of the key is, the harder to attack brutally
Symmetric-key algorithm
Usual algorithm hava DES 3DES AES.
advantage of this algorithm is performanc, disadvantage is security problem.
Once the key be attacked, the ciphertext be decripted.
So how to securely transfer symmetric key be a big problem.
Public-key cryptography
Who want to make sure security, who generate key pair.
Sender use public key to encript, receiver use private key to decript.
The advantage of this cryptograpy is security, disadvantage is performance.
Message digest
MD5 SHA hash algorithm used to create a fingerprint.
It’s an one way hash function, and unreversible.
Make sure data not dropping packet, prevent data not be replaced by attacker.
Message authentication code
First share common key first.
Sender calculate mac code by mac algorithm and key.
Receiver calculate as well, check data is not be ‘modified’.
But mac can’t resolve non-repudiation problem. Sender say the key be stolen,
the data sended by attacker.
Digital Signature
The way to resolve this problem is use public-key cryptography to calc mac.
Sender use
private keycalc mac, send message with mac.Receiver split data, got message and mac.
receiver check mac by
public key, result is same withsender's macshow success.
Public-key credential
Certification Authority[CA] to manage organization’s public key.
- Receiver create key pair, private key manage by it’s self, public key pass to CA.
- CA check [offline maybe] the key is from the organization.
- CA sign the receiver’s public-key by itself’s private-key to generate a
PKC - fetch
PKC - Sender use CA’s public-key to check
PKC,
if successd then the public-key inPKCis the reciver’s. - Encript by
public-keysend to receiver. - Receive and decript message by
private-key.