Public Key Authentication
From Computing and Software Wiki
Public key authentication is a cryptographic method of verifying identity that uses a pair of keys, one public and one private.
- also known as asymmetric authentication
- cryptography
- key pair (public key/private key)
- private key only exists on source system and generates signatures which cannot be forged
- anyone possessing matching public key can verify the signature
- public key can be used to encrypt messages for the source system
- only the system possessing the matching private key can decrypt the message
Background
- briefly explain password-based/symmetric key authentication
- go in more detail on public key authentication
Identity Verification Process
- Generate a key pair on your computer
- Copy your public key to the server
- When authentication is required, a signature is generated using the private key
- Server uses the public key to verify the signature and grant access
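The four steps above as a small Go program, added here as an illustration and not taken from the original page. It assumes the server issues a fresh random challenge for the client to sign and retires it after one use, and it uses RSA-PSS with SHA-256; the `Server` type (one account only) and all function names are hypothetical.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Server is one account's state: the enrolled public key and its open challenge.
type Server struct {
	pub     *rsa.PublicKey // step 2: only the public half is copied to the server
	pending []byte
}

// NewKey is step 1 and runs on the client; the private key stays there.
func NewKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// Challenge issues a fresh random value to sign (an assumed design detail).
func (s *Server) Challenge() ([]byte, error) {
	s.pending = make([]byte, 32)
	_, err := rand.Read(s.pending)
	return s.pending, err
}

// Sign is step 3 (client): the private key is used here and never sent.
func Sign(priv *rsa.PrivateKey, nonce []byte) ([]byte, error) {
	d := sha256.Sum256(nonce)
	return rsa.SignPSS(rand.Reader, priv, crypto.SHA256, d[:], nil)
}

// Verify is step 4 (server): check the signature with the stored public key.
func (s *Server) Verify(sig []byte) error {
	nonce := s.pending
	s.pending = nil // single use, so a captured signature cannot be replayed
	if s.pub == nil || nonce == nil {
		return rsa.ErrVerification
	}
	d := sha256.Sum256(nonce)
	return rsa.VerifyPSS(s.pub, crypto.SHA256, d[:], sig, nil)
}

func main() {
	priv, _ := NewKey()
	srv := &Server{pub: &priv.PublicKey}
	nonce, _ := srv.Challenge()
	sig, _ := Sign(priv, nonce)
	fmt.Println(srv.Verify(sig), srv.Verify(sig)) // second call is a replay
}
```

The server never holds anything secret: a copy of its state gives an attacker only the public key, which cannot produce a valid signature.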
Message Encryption/Decryption Process
- Generate a key pair on your computer
- Send your public key to the user you wish to communicate with
- Recipient may generate their own key pair
- Sender uses the recipient's public key to encrypt the message and sends it
- Recipient uses their private key to decrypt the message
Physical World Equivalent
- padlock, lockbox, keep their key
Benefits
- if server is hacked/spoofed
  - attacker can learn your password in symmetric key authentication
  - attacker would still need your private key in asymmetric key authentication
Drawbacks
- computational cost
- explain uses of hybrids
Public Key Algorithms
- RSA Algorithm
- DSA/DSS (Digital Signature Standard) Algorithm
- Diffie-Hellman Algorithm
References
See Also
External Links
- Public Key Encryption at HowStuffWorks.com
- Asymmetric Ciphers at SSH.com
--larocqt 9:23 PM, 4 April 2009 (EDT)