Public Key Authentication
From Computing and Software Wiki
(Difference between revisions)
Line 46: | Line 46: | ||
*[http://the.earth.li/~sgtatham/putty/0.55/htmldoc/Chapter8.html#S8.2.8] - Using Public Key Authentication | *[http://the.earth.li/~sgtatham/putty/0.55/htmldoc/Chapter8.html#S8.2.8] - Using Public Key Authentication | ||
*[http://www.infosecwriters.com/text_resources/pdf/Public_Key_Cryptography_AMS.pdf] - Public Key Cryptography | *[http://www.infosecwriters.com/text_resources/pdf/Public_Key_Cryptography_AMS.pdf] - Public Key Cryptography | ||
+ | *[http://en.wikipedia.org/wiki/Public-key_cryptography] - Public Key Cryptography | ||
+ | |||
==See Also== | ==See Also== | ||
==External Links== | ==External Links== | ||
+ | |||
+ | * [http://computer.howstuffworks.com/encryption3.htm Public Key Encryption] at HowStuffWorks.com | ||
+ | * [http://www.ssh.com/support/cryptography/algorithms/asymmetric.html Asymmetric Ciphers] SSH.com | ||
--[[User:larocqt|larocqt]] 9:23 PM, 4 April 2009 (EDT) | --[[User:larocqt|larocqt]] 9:23 PM, 4 April 2009 (EDT) |
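Review bot: The reference added on the `+` line for `http://en.wikipedia.org/wiki/Public-key_cryptography` carries the label "Public Key Cryptography", identical to the infosecwriters.com entry directly above it, so the two references cannot be told apart in the rendered list; give the new entry a distinguishing label such as the site name, as the two links added under `==External Links==` already do ("at HowStuffWorks.com", "SSH.com"). `==See Also==` is still followed immediately by `==External Links==`, so either populate it in this revision or drop the empty heading.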
Revision as of 01:51, 5 April 2009
Public key authentication is a cryptographic process that uses a pair of keys, one public and one private.
- also known as asymmetric authentication
- cryptography
- key pair (public key/private key)
- private key only exists on source system and generates signatures which cannot be forged
- anyone possessing matching public key can verify the signature
- public key can be used to encrypt messages for the source system
- only the system possessing the matching private key can decrypt the message
Background
- briefly explain password-based/symmetric key authentication
- go in more detail on public key authentication
Identity Verification Process
- Generate a key pair on your computer
- Copy your public key to the server
- When authentication is required, a signature is generated using the private key
- Server uses the public key to verify the signature and grant access
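The four steps above as a challenge-response exchange, written as an added example that is not part of the original wiki page. It assumes RSA-PSS with SHA-256 and a 32-byte server nonce; the names `Challenge`, `Sign`, `Verify`, `Demo` and `check` are hypothetical.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

func check(err error) { // abort on entropy, key-generation or signing failure
	if err != nil {
		panic(err)
	}
}

// Challenge is issued by the server: a fresh random nonce per login attempt.
func Challenge() []byte {
	nonce := make([]byte, 32)
	_, err := rand.Read(nonce)
	check(err)
	return nonce
}

// Sign is step 3, run on the client (assumed scheme: RSA-PSS with SHA-256).
func Sign(priv *rsa.PrivateKey, nonce []byte) []byte {
	digest := sha256.Sum256(nonce)
	sig, err := rsa.SignPSS(rand.Reader, priv, crypto.SHA256, digest[:], nil)
	check(err)
	return sig
}

// Verify is step 4, run on the server with the stored public key only.
func Verify(pub *rsa.PublicKey, nonce, sig []byte) bool {
	digest := sha256.Sum256(nonce)
	return rsa.VerifyPSS(pub, crypto.SHA256, digest[:], sig, nil) == nil
}

// Demo reports whether the server accepts: the real key, an unknown key, a replayed signature.
func Demo() (ok, wrongKey, replayed bool) {
	user, err := rsa.GenerateKey(rand.Reader, 2048) // step 1: the user's key pair
	check(err)
	other, err := rsa.GenerateKey(rand.Reader, 2048) // a key the server never saw
	check(err)
	pub, n1, n2 := &user.PublicKey, Challenge(), Challenge() // step 2: server gets pub only
	sig := Sign(user, n1)
	return Verify(pub, n1, sig), Verify(pub, n1, Sign(other, n1)), Verify(pub, n2, sig)
}

func main() { fmt.Println(Demo()) }
```

Because the server signs nothing and stores only `pub`, a compromised server yields no credential that can be used to log in elsewhere, and the per-attempt nonce is what makes a captured signature useless on the next login.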
Message Encryption/Decryption Process
- Generate a key pair on your computer
- Send your public key to the desired user you wish to communicate with
- Recipient may generate their own key pair
- Sender uses the recipient's public key to encrypt the message and sends it
- Recipient uses their private key to decrypt the message
Physical World Equivalent
- padlock, lockbox, keep their key
Benefits
- if server is hacked/spoofed
- attacker can learn your password in symmetric key authentication
- attacker would still need your private key in asymmetric key
Drawbacks
- computational cost
- explain uses of hybrids
Public Key Algorithms
- RSA Algorithm
- DSA/DSS (Digital Signature Standard) Algorithm
- Diffie-Hellman Algorithm
References
See Also
External Links
- Public Key Encryption at HowStuffWorks.com
- Asymmetric Ciphers SSH.com
--larocqt 9:23 PM, 4 April 2009 (EDT)