密码学基础(07-08) PKI (Public Key Infrastructure) 公钥基础设施 公钥技术的应用 復大辱软件学院 LiJT
LiJT 密码学基础(07-08) PKI (Public Key Infrastructure) 公钥基础设施 ——公钥技术的应用
授课计划 两个部分 应用密码学基础 密码学基础 古典密码 认证、PKl、数字证书 现代对称密码 典型的安全协议 非对称密码/公开密钥密码 报文鉴别码 流密码 復大辱软件学院 LiJT
LiJT 授课计划 密码学基础 古典密码 现代对称密码 非对称密码/公开密钥密码 报文鉴别码 流密码 两个部分 应用密码学基础 认证、PKI、数字证书 典型的安全协议
Outline Public-key Technology Review Why do we need pKI Digital Certificate Format Composition of PKI PKI Trust Relationship Application of PK 復大辱软件学院 LiJT
LiJT Outline • Public-key Technology Review • Why do we need PKI • Digital Certificate Format • Composition of PKI • PKI Trust Relationship • Application of PKI
o Review: Public-key Technology Public-key Technology Based on asymmetric cryptographic algorithms Public-Private Key Pairs Services: confidentiality, integrity, authentication and non-repudiation Cryptanalyst Cryptanalyst Source a Destination B Source a Destination B Encryption Decryption Decryption Destinati Algorithm Algorithm Algerithm KUa 復大辱软件学院 LiJT
LiJT Review: Public-key Technology • Public-key Technology – Based on asymmetric cryptographic algorithms – Public-Private Key Pairs – Services: confidentiality, integrity, authentication and non-repudiation
e Review: Digital Signature Two digital signature schemes KR Compare EKRal h(m) (a)RSA Approach H KUC ①」Sg Ver Compare (b)Dss Approach 復大辱软件学院 LiJT
LiJT Review: Digital Signature • Two digital signature schemes
Usage of Key Pairs Key Pairs for Encryption Encrypt with public key Decrypt with private key Key Pairs for Signature Signed with private key Verify with public key 復大辱软件学院 LiJT
LiJT Usage of Key Pairs • Key Pairs for Encryption Encrypt with public key Decrypt with private key Signed with private key Verify with public key u Key Pairs for Signature
Outline Public-key Technology Review Why do we need PKi Digital Certificate Format Composition of PKI PKI Trust Relationship Application of PK 復大辱软件学院 LiJT
LiJT Outline • Public-key Technology Review • Why do we need PKI • Digital Certificate Format • Composition of PKI • PKI Trust Relationship • Application of PKI
Why do we need PKI Public key technology How to provide digital signature How to achieve non- repudiation service How to establish a connection between the public key and the identity How can we be sure that this is someone s public key Public key permissions How to manage public keys Solution certificate Associate the public key with an identity through a certificate 復大辱软件学院 LiJT
LiJT Why do we need PKI • Public key technology – How to provide digital signature – How to achieve non-repudiation service – How to establish a connection between the public key and the identity • How can we be sure that this is someone's public key • Public key permissions – How to manage public keys • Solution:certificate – Associate the public key with an identity through a certificate
More details Ideas are consistent with our real world solutions Certificate: ID card Degree certificate driver license A trusted third party 復大辱软件学院 LiJT
LiJT More details • Ideas are consistent with our real world solutions – Certificate: ID card, Degree certificate , driver license… – A trusted third party
More details Ideas are consistent with our real world solutions PKI: Certificate: ID card Degree certificate Digital certificate driver license a trusted third party o ca Certification Authority 復大辱软件学院 LiJT
LiJT More details • Ideas are consistent with our real world solutions – Certificate: ID card, Degree certificate , driver license… – A trusted third party • PKI: – Digital certificate – CA (Certification Authority)