SSH encountered in the work time is too much, about the key distribution is also an important task. That is how public and private keys generated, RSA algorithm principle is what? OCD certainly not satisfied just what and how, naturally want to know why. Translations of mathematics chapter of the monograph I always liked, that the "elementary number dealt application (sixth edition of the original book)" became my mission will have to face.
Then do a study notes, review easy to understand later. I really do not have time to play text Tieshanglai hand, I had no choice but to put the picture out.
Since we know that the key to the principle, let's sort out what its application.
A step of using RSA algorithm:
+ 1. The receiving party generates a public private key pair;
2. Keep the recipient private key, a public key to the sender (cosmic beings Jieke theft);
3. The sender with a public key for the received transmission information forming the encrypted cipher text, and then sent to the recipient;
4 when the recipient receives the ciphertext is decrypted into plain text with the private key of the driver.
Second step using message authentication code:
1. The sender and receiver session key shared in advance (absolutely not disclosed);
2. The sender calculates the MAC value of the message (and the key data as output at the same time) using the shared secret;
3. The sender and recipient of a message sent with the MAC value;
4. MAC value after receiving the message recipient uses the shared key to calculate the message, compared with the received MAC value;
5. If the two MAC values match, then the proper source and that has not been tampered.
Three digital signature using the steps:
Digital signatures are not in order to ensure message confidentiality, mainly to identify tampering and camouflage, can be copied and effective.
1. sender generates a key pair (here is no longer a recipient), the private key to themselves, the public key to the recipient to ensure that public from the real sender is vital link;
2. The message sender computing a hash value, and encrypted with the private key, the signature of the hash value is generated;
3. The sender public key, and transmitted to the recipient along with the message itself signature;
4. The recipient decrypts the signature with the public key, a hash value derived message; message received is then calculated hash value;
5. The receiver 2 hash value comparison, if equivalent, proved true message from a sender, without tampering of camouflage, otherwise fail.
Four digital certificates using the steps (to prove the safety and reliability of the public key):
1. The receiver generates a key pair, the private key leaves the back;
2. register their recipient's public key in Trent;
3.Trent with his private digital signature is applied to the recipient's public key to form certificate;
4.发送者到Trent领取接收者的公钥;
5.发送者使用Trent的公钥验证数字签名,证明公钥来自接收者;
6.发送者用接收者的合法公钥加密消息,传送给发送者;
7.接收者用自己的私钥解密消息得到明文。