Mercurial Mercurial > oss > FCL > sf > os > security / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
cryptomgmtlibs/securitydocs/doxygen_docs/Security_intro_PKC.dox
author Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
Thu, 10 Sep 2009 14:01:51 +0300
changeset 8 35751d3474b7
parent 0 2c201484c85f
permissions -rw-r--r--
Revision: 200935
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
8
35751d3474b7 Revision: 200935
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents: 0
diff changeset 
     1
 
/**
35751d3474b7 Revision: 200935
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents: 0
diff changeset 
     2
 
@page Security_intro_PKC Public Key Cryptography
35751d3474b7 Revision: 200935
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents: 0
diff changeset 
     3
 
\n
35751d3474b7 Revision: 200935
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents: 0
diff changeset 
     4
 












35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




     5


Public key (sometimes called @ref asymmetric) cryptography allows encrypted messages to be sent without the need to establish a













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




     6


shared secret key. It involves the use of two keys called a key pair: a private key and a public key. The private key is 













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




     7


kept secret, and a public key is made publically available. 













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




     8














35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




     9


All entities using such a system would typically possess a key pair. They will use these keys either for @ref encryption or 













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    10


@ref decryption. In any case, if one of the keys is used for @ref encryption, then only the other key can be used for @ref decryption. 













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    11














35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    12


So, in public key cryptography, to send a message in an encrypted form to a receiver, the sender:













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    13


@li Gets hold of the receiver's public key.













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    14


@li Encrypts the message with the receiver's public key.













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    15


@li Sends the encrypted message.













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    16














35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    17


The receiver then decrypts the message using its private key. Only the receiver, who has access to the corresponding 













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    18


private key, can decrypt it.













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    19














35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    20


That is the basic process used for a pure PKC system. In the real world, however, public key cryptography is typically 













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    21


used in conjunction with traditional symmetric key cryptography. This is done in order to reduce key management problems 













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    22


while at same time taking advantage of the superior speed of the latter. The method for doing this is called a digital 













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    23


envelope: a random symmetric private secret key is generated, the message is encrypted with this secret key using a 













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    24


symmetric algorithm, and then the secret key is encrypted with the receiver's public key using an @ref asymmetric algorithm.













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    25














35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    26


The other main use for public key cryptography is in signing (see: @ref Security_signatures).













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    27














35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    28


While public key cryptography ensures that only the entity with access to the corresponding key will be able to read the 













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    29


message or could have signed a given message, it gives no assurance that this entity is/are actually the entity they 













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    30


claim to be. This is where certificates come in. @ref Security_intro_certificates are needed to solve the problem of 













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    31


@ref authentication.













35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    32














35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    33














35751d3474b7
Revision: 200935



Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>


parents: 
0

diff
changeset




    34









0






2c201484c85f
Move the Security package to EPL, and add the implementations of the cryptographic algorithms



Santosh Patil <santosh.v.patil@nokia.com>


parents: 

diff
changeset




    35


*/














FCL/sf/os/security