Password
In an application, a password means a text string used to authenticate a user's identity.
In cryptology, a cipher means a series of algorithms. The encrypt and decrypt operations are called the cipher algorithm.
Key
A parameter of the algorithm that takes part in the calculation.
In general, the longer the key, the harder it is to attack by brute force.
Symmetric-key algorithm
Common algorithms are DES, 3DES and AES.
The advantage of this kind of algorithm is performance; the disadvantage is security.
Once the key is compromised, the ciphertext can be decrypted.
So how to securely transfer the symmetric key is a big problem.
Public-key cryptography
Whoever wants to ensure security generates the key pair.
The sender uses the public key to encrypt; the receiver uses the private key to decrypt.
The advantage of this kind of cryptography is security; the disadvantage is performance.
Message digest
MD5 and SHA are hash algorithms used to create a fingerprint.
A message digest is a one-way hash function and is irreversible.
It is used to make sure that no data was dropped in transit and that the data was not replaced by an attacker.
Message authentication code
First, both sides share a common key.
The sender calculates the MAC with the MAC algorithm and the key.
The receiver calculates it as well and checks that the data has not been modified.
But a MAC can't solve the non-repudiation problem: the sender can say the key was stolen and the data was sent by an attacker.
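The difference between a message digest and a MAC, and the non-repudiation gap described above, as an added example (not code from the original page). HMAC-SHA256 stands in for the MAC algorithm, and the key and messages are constructed sample values.

```python
import hashlib
import hmac

# Constructed sample values for this example (not from the original page).
SHARED_KEY = b"constructed-shared-key-0123456789"
GENUINE = b"pay 100 to alice"
REPLACED = b"pay 900 to mallory"


def digest(message: bytes) -> str:
    """Unkeyed fingerprint: anyone holding the message can compute it."""
    return hashlib.sha256(message).hexdigest()


def mac(key: bytes, message: bytes) -> str:
    """Keyed fingerprint (HMAC-SHA256, an assumed choice of MAC algorithm)."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def digest_ok(message: bytes, sent_digest: str) -> bool:
    return hmac.compare_digest(digest(message), sent_digest)


def mac_ok(key: bytes, message: bytes, sent_mac: str) -> bool:
    # Constant-time comparison avoids leaking how much of the tag matched.
    return hmac.compare_digest(mac(key, message), sent_mac)


def demo() -> dict:
    good_tag = mac(SHARED_KEY, GENUINE)
    wrong_key_tag = mac(b"not-the-shared-key", REPLACED)
    return {
        "genuine_accepted": mac_ok(SHARED_KEY, GENUINE, good_tag),
        # Digest only: whoever replaces the message recomputes the digest too,
        # so the receiver's check still passes on the replaced data.
        "digest_passes_on_replaced": digest_ok(REPLACED, digest(REPLACED)),
        # MAC: replaced data fails with the old tag and with a tag made
        # without the shared key.
        "mac_passes_with_old_tag": mac_ok(SHARED_KEY, REPLACED, good_tag),
        "mac_passes_with_wrong_key": mac_ok(SHARED_KEY, REPLACED, wrong_key_tag),
        # Non-repudiation gap: any key holder (the receiver included) can make
        # a tag that verifies, so a valid tag does not prove who sent the data.
        "keyholder_tag_verifies": mac_ok(
            SHARED_KEY, REPLACED, mac(SHARED_KEY, REPLACED)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```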
Digital Signature
The way to solve this problem is to use public-key cryptography to calculate the MAC.
The sender uses the private key to calculate the MAC and sends the message with the MAC. The receiver splits the data to get the message and the MAC.
The receiver checks the MAC with the public key; if the result is the same as the sender's MAC, verification succeeds.
Public-key credential
A Certification Authority (CA) manages the organization's public key.
- The receiver creates a key pair, manages the private key itself, and passes the public key to the CA.
- The CA checks (possibly offline) that the key is from the organization.
- The CA signs the receiver's public key with its own private key to generate a PKC.
- Fetch the PKC.
- The sender uses the CA's public key to check the PKC; if the check succeeds, the public key in the PKC is the receiver's.
- Encrypt with the public key and send to the receiver.
- Receive and decrypt the message with the private key.