Cryptology in transmission

Password

In an application, a password is a text string used to authenticate a user's identity.

In cryptology, a cipher is a set of algorithms.
The encryption and decryption algorithms together are called the cipher algorithm.

Key

A parameter of the algorithm that takes part in the calculation.
In general, the longer the key, the harder a brute-force attack becomes.

Symmetric-key algorithm

Common algorithms are DES, 3DES and AES.
The advantage of these algorithms is performance; the disadvantage is security.

Once the key is compromised, the ciphertext can be decrypted.
So how to transfer the symmetric key securely is a big problem.

Public-key cryptography

The party that wants to ensure security generates the key pair.
The sender uses the public key to encrypt, and the receiver uses the private key to decrypt.

The advantage of this kind of cryptography is security; the disadvantage is performance.

Message digest

Hash algorithms such as MD5 and SHA are used to create a fingerprint of the data.
A message digest is a one-way hash function and is irreversible.
It is used to make sure that no packets were dropped and to prevent the data from being replaced by an attacker.

Message authentication code

First, the two parties share a common key.
The sender calculates the MAC from the message using the MAC algorithm and the key.
The receiver calculates it as well and checks that the data has not been modified.

But a MAC cannot solve the non-repudiation problem. The sender can say that the key was stolen
and that the data was sent by an attacker.
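
The digest and MAC checks described above, as an added Python example that is not part of the original notes. It assumes HMAC-SHA256 as the MAC algorithm (the notes name none) and uses a constructed key and messages; it shows a bare digest accepting replaced data, the MAC rejecting it, and why a valid MAC does not prove who wrote the message.

```python
import hashlib
import hmac

# Constructed sample values for this example (not from the original notes).
SHARED_KEY = b"constructed-demo-key-32-bytes-long!!"
MESSAGE = b"transfer 100 to account 42"


def digest(message):
    """Plain message digest: no key involved, so anyone can compute it."""
    return hashlib.sha256(message).hexdigest()


def make_mac(key, message):
    """MAC over the message: only holders of the shared key can compute it."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_mac(key, message, tag):
    """Receiver recomputes the MAC and compares it in constant time."""
    return hmac.compare_digest(make_mac(key, message), tag)


def replace_in_transit(message):
    """Someone without the key swaps the data and recomputes the digest."""
    forged = message.replace(b"100", b"900")
    return forged, digest(forged)


def demo():
    tag = make_mac(SHARED_KEY, MESSAGE)
    forged, forged_digest = replace_in_transit(MESSAGE)
    # The receiver also holds the key, so it can tag a message it wrote itself.
    receiver_msg = b"transfer 900 to account 7"
    receiver_tag = make_mac(SHARED_KEY, receiver_msg)
    return {
        # A digest sent next to the data still matches after replacement.
        "digest_accepts_forgery": digest(forged) == forged_digest,
        # The original tag does not verify for the replaced data.
        "mac_accepts_forgery": verify_mac(SHARED_KEY, forged, tag),
        "mac_accepts_original": verify_mac(SHARED_KEY, MESSAGE, tag),
        # Verifies like a sender message: the MAC cannot say who created it.
        "receiver_written_message_verifies": verify_mac(
            SHARED_KEY, receiver_msg, receiver_tag),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```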

Digital Signature

The way to solve this problem is to use public-key cryptography to calculate the MAC.

  1. The sender uses the private key to calculate the MAC and sends the message with the MAC.

  2. The receiver splits the data to get the message and the MAC.

  3. The receiver checks the MAC with the public key; a result that matches the sender's MAC means success.

Public-key credential

A Certification Authority (CA) manages an organization's public key.

  1. The receiver creates a key pair, keeps the private key itself and passes the public key to the CA.
  2. The CA checks (possibly offline) that the key comes from the organization.
  3. The CA signs the receiver's public key with its own private key to generate a PKC.
  4. Fetch the PKC.
  5. The sender uses the CA's public key to check the PKC;
    if the check succeeds, the public key in the PKC is the receiver's.
  6. Encrypt with the public key and send to the receiver.
  7. Receive and decrypt the message with the private key.