|
Size: 1760
Comment:
|
Size: 2854
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 26: | Line 26: |
| A certificate is issued by the certificate authority (or Public Key Authority) and contains the name and public key of the entity that owns the corresponding private key. Other information may also be contained on the certificate including the authority name, and expiration time. | |
| Line 30: | Line 30: |
| A public-key certificate meets the following requirements: 1. Any participant can read a certificate to determine the name and public key of the certificate's holder. 1. Any participant can verify theat the certificate originated from the certificate authority and is not counterfeit. 1. Only ther certificate authority can create and update certificates. 1. Any participant can verify the currency of the certificate. |
|
| Line 31: | Line 38: |
||Agree on Public Elements ||||<(>Prime ''q'', and [[latex2($\alpha,~\alpha<q$ and $\alaph$)]] is a primitive root of ''q'' || ||User A/B Private/Public Generation: ||||<(>Select [[latex2($X_{A/B},~X_{A/B}<q$)]] and calculate public [[latex2($Y_{A/B}=\alpha^{X_{A/B}}\bmod q$)]].|| ||Secret Key Generation: |||<(>Calculate [[latex2($K=(Y_A)^{X_{A/B}} \bmod q$)]].|| |
Review Questions
1. What are two different uses of public-key cryptography related to key distribution?
- The distribution of public keys
- The use of public-key encryption to distribute secret keys.
2. List four general categories of schemes for the distribution of public keys.
- Public announcement: Essentially you publish your public key yourself and people find it in the "wild" as it were and trust that it is really yours.
- Publicly available directory: Maintained by some trusted entity
- Public-key Authority: Requests are made to the Athority and it sends a private key encrypted response containing the requested key. Thus we know that the key came from the authority. But this becomes the bottleneck of the system.
- Public-key Certificates:
3. What are the essential ingredientes of a public-key directory?
- The directory authority maintains a {name, public-key}
- Participants register a public key with the directory authority in person or through some secure authenticated communication.
- Participants may replace their public key at any time.
- Periodically the authority publishes the entire directory or updates to it. (With the net this is no longer an issue.)
- Participants may access the directory electroniclly via a secure authenticated communication.
4. What is a public-key certificate?
A certificate is issued by the certificate authority (or Public Key Authority) and contains the name and public key of the entity that owns the corresponding private key. Other information may also be contained on the certificate including the authority name, and expiration time.
5. What are the requirements for the use of a public-key certificate scheme?
A public-key certificate meets the following requirements:
- Any participant can read a certificate to determine the name and public key of the certificate's holder.
- Any participant can verify theat the certificate originated from the certificate authority and is not counterfeit.
- Only ther certificate authority can create and update certificates.
- Any participant can verify the currency of the certificate.
6. Briefly explain Diffie-Hellman key exchange.
Agree on Public Elements |
Prime q, and latex2($\alpha,~\alpha<q$ and $\alaph$) is a primitive root of q |
|
User A/B Private/Public Generation: |
Select latex2($X_{A/B},~X_{A/B}<q$) and calculate public latex2($Y_{A/B}=\alpha^{X_{A/B}}\bmod q$). |
|
Secret Key Generation: |
|<(>Calculate latex2($K=(Y_A)^{X_{A/B}} \bmod q$). |
|
7. What is an elliptic curve?
8. What is the zero point of an elliptic curve?
9. What is the sum of three points on an elliptic curve that lie on a straight line?