Public Key Authentication
From Computing and Software Wiki
(Difference between revisions)
Line 1: | Line 1: | ||
'''Public key authentication''' is a process of information cryptography that involves the use of public and private keys. | '''Public key authentication''' is a process of information cryptography that involves the use of public and private keys. | ||
+ | *also known as asymmetric authentication | ||
+ | *cryptography | ||
+ | *key pair (public key/private key) | ||
+ | *private key only exists on source system and generates signatures which cannot be forged | ||
+ | **anyone possessing matching public key can verify the signature | ||
+ | *public key can be used to encrypt messages for the source system | ||
+ | **only the system possessing the matching private key can decrypt the message | ||
==Background== | ==Background== | ||
- | ===Process=== | + | *briefly explain password-based/symmetric key authentication |
+ | *go in more detail on public key authentication | ||
+ | |||
+ | ===Identity Verification Process=== | ||
* Generate a key pair on your computer | * Generate a key pair on your computer | ||
- | * Copy | + | * Copy your public key to the server |
* When authentication is required, a signature is generated using the private key | * When authentication is required, a signature is generated using the private key | ||
* Server uses the public key to verify the signature and grant access | * Server uses the public key to verify the signature and grant access | ||
+ | |||
+ | ===Message Encryption/Decryption Process=== | ||
+ | * Generate a key pair on your computer | ||
+ | * Send your public key to the desired user you wish to communicate with | ||
+ | ** Recipient may generate their own key pair | ||
+ | * Sender uses the recipient's public key to encrypt the message and sends it | ||
+ | * Recipient uses their private key to decrypt the message | ||
==Benefits== | ==Benefits== | ||
+ | * if server is hacked/spoofed | ||
+ | ** attacker can learn your password in symmetric key authentication | ||
+ | ** attacker would still need your private key in asymmetric key | ||
==Drawbacks== | ==Drawbacks== | ||
+ | * computational cost | ||
+ | ** explain uses of hybrids | ||
==Public Key Algorithms== | ==Public Key Algorithms== | ||
+ | * RSA Algorithm | ||
+ | * DSA/DSS (Digital Signature Standard) Algorithm | ||
+ | * Diffie-Hellman Algorithm | ||
==References== | ==References== | ||
*[http://the.earth.li/~sgtatham/putty/0.55/htmldoc/Chapter8.html#S8.2.8] - Using Public Key Authentication | *[http://the.earth.li/~sgtatham/putty/0.55/htmldoc/Chapter8.html#S8.2.8] - Using Public Key Authentication | ||
*[http://www.infosecwriters.com/text_resources/pdf/Public_Key_Cryptography_AMS.pdf] - Public Key Cryptography | *[http://www.infosecwriters.com/text_resources/pdf/Public_Key_Cryptography_AMS.pdf] - Public Key Cryptography | ||
+ | |||
==See Also== | ==See Also== | ||
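Review bot: the added "Public Key Algorithms" list puts Diffie-Hellman next to RSA and DSA/DSS, but Diffie-Hellman is a key-agreement scheme and produces no signatures, so on its own it cannot perform the signature step in "Identity Verification Process". Label it as key exchange, or say which signature scheme it is paired with. In the added Benefits bullets, "symmetric key authentication" is used for a scheme where the attacker learns "your password", while the Background bullet calls it "password-based/symmetric key authentication"; settle on one term and make the asymmetric bullet end with "authentication" as well. The signing bullet would also be clearer if it stated what data is signed.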
Revision as of 01:46, 5 April 2009
Public key authentication is a process of information cryptography that involves the use of public and private keys.
- also known as asymmetric authentication
- cryptography
- key pair (public key/private key)
- private key only exists on source system and generates signatures which cannot be forged
  - anyone possessing matching public key can verify the signature
- public key can be used to encrypt messages for the source system
  - only the system possessing the matching private key can decrypt the message
Background
- briefly explain password-based/symmetric key authentication
- go in more detail on public key authentication
Identity Verification Process
- Generate a key pair on your computer
- Copy your public key to the server
- When authentication is required, a signature is generated using the private key
- Server uses the public key to verify the signature and grant access
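The four steps above as a runnable Go example, added here and not part of the original wiki page. Assumptions: Ed25519 from Go's standard library stands in for the RSA and DSA algorithms the page lists, the signed data is a random challenge issued by the server (the page does not say what is signed), and the names Server, NewKeyPair, Enroll, Challenge, SignChallenge and Verify are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Server stores only public keys; the private key never leaves the client.
type Server struct {
	authorized map[string]ed25519.PublicKey // user -> enrolled public key
	pending    map[string][]byte            // user -> outstanding one-time challenge
}

func NewServer() *Server { return &Server{map[string]ed25519.PublicKey{}, map[string][]byte{}} }

// NewKeyPair is the client's "generate a key pair" step.
func NewKeyPair() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// Enroll is the "copy your public key to the server" step.
func (s *Server) Enroll(user string, pub ed25519.PublicKey) { s.authorized[user] = pub }

// Challenge issues a fresh random nonce to an enrolled user (assumed step, not on the page).
func (s *Server) Challenge(user string) ([]byte, error) {
	if _, ok := s.authorized[user]; !ok {
		return nil, fmt.Errorf("unknown user %q", user)
	}
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	s.pending[user] = nonce
	return nonce, nil
}

// SignChallenge runs on the client; only the private-key holder can produce a valid result.
func SignChallenge(priv ed25519.PrivateKey, c []byte) []byte { return ed25519.Sign(priv, c) }

// Verify checks the signature with the enrolled public key and consumes the challenge,
// so a captured signature cannot be replayed later.
func (s *Server) Verify(user string, sig []byte) bool {
	nonce, ok := s.pending[user]
	delete(s.pending, user)
	return ok && ed25519.Verify(s.authorized[user], nonce, sig)
}

func main() {
	pub, priv, _ := NewKeyPair()
	s := NewServer()
	s.Enroll("alice", pub)
	c, _ := s.Challenge("alice")
	fmt.Println("access granted:", s.Verify("alice", SignChallenge(priv, c)))
}
```

Because each challenge is deleted on first use, a signature observed on the wire is useless for a second login, and a server that holds only the public key has nothing an intruder could reuse to sign.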
Message Encryption/Decryption Process
- Generate a key pair on your computer
- Send your public key to the desired user you wish to communicate with
  - Recipient may generate their own key pair
- Sender uses the recipient's public key to encrypt the message and sends it
- Recipient uses their private key to decrypt the message
Benefits
- if server is hacked/spoofed
  - attacker can learn your password in symmetric key authentication
  - attacker would still need your private key in asymmetric key authentication
Drawbacks
- computational cost
  - explain uses of hybrids
Public Key Algorithms
- RSA Algorithm
- DSA/DSS (Digital Signature Standard) Algorithm
- Diffie-Hellman Algorithm
References
See Also
External Links
--larocqt 9:23 PM, 4 April 2009 (EDT)