cryptomgmtlibs/securitydocs/doxygen_docs/Security_intro_PKC.dox
changeset 60 11c66574c2a2
parent 56 c11c717470d0
child 62 b23410e29e22
child 65 970c0057d9bc
56:c11c717470d0 60:11c66574c2a2
     1 /**
       
     2 @page Security_intro_PKC Public Key Cryptography 
       
     3 \n
       
     4 
       
     5 Public key (sometimes called @ref asymmetric) cryptography allows encrypted messages to be sent without the need to establish a
       
     6 shared secret key. It involves the use of two keys called a key pair: a private key and a public key. The private key is 
       
     7 kept secret, and a public key is made publically available. 
       
     8 
       
     9 All entities using such a system would typically possess a key pair. They will use these keys either for @ref encryption or 
       
    10 @ref decryption. In any case, if one of the keys is used for @ref encryption, then only the other key can be used for @ref decryption. 
       
    11 
       
    12 So, in public key cryptography, to send a message in an encrypted form to a receiver, the sender:
       
    13 @li Gets hold of the receiver's public key.
       
    14 @li Encrypts the message with the receiver's public key.
       
    15 @li Sends the encrypted message.
       
    16 
       
    17 The receiver then decrypts the message using its private key. Only the receiver, who has access to the corresponding 
       
    18 private key, can decrypt it.
       
    19 
       
    20 That is the basic process used for a pure PKC system. In the real world, however, public key cryptography is typically 
       
    21 used in conjunction with traditional symmetric key cryptography. This is done in order to reduce key management problems 
       
    22 while at same time taking advantage of the superior speed of the latter. The method for doing this is called a digital 
       
    23 envelope: a random symmetric private secret key is generated, the message is encrypted with this secret key using a 
       
    24 symmetric algorithm, and then the secret key is encrypted with the receiver's public key using an @ref asymmetric algorithm.
       
    25 
       
    26 The other main use for public key cryptography is in signing (see: @ref Security_signatures).
       
    27 
       
    28 While public key cryptography ensures that only the entity with access to the corresponding key will be able to read the 
       
    29 message or could have signed a given message, it gives no assurance that this entity is/are actually the entity they 
       
    30 claim to be. This is where certificates come in. @ref Security_intro_certificates are needed to solve the problem of 
       
    31 @ref authentication.
       
    32 
       
    33 
       
    34 
       
    35 */
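Review bot: The digital envelope description at line 23 calls the session key "a random symmetric private secret key", which collides with the page's own use of "private key" for the asymmetric half of a key pair (lines 6-7). Suggest dropping "private" so it reads "a random symmetric secret key". In the same spirit, lines 28-29 say "the entity with access to the corresponding key"; naming it "the corresponding private key", as line 17 already does, removes the ambiguity about which key grants the ability to read or sign. Smaller wording points: "publically" at line 7 should be "publicly", "while at same time" at line 22 is missing "the", and "this entity is/are actually the entity they claim to be" at lines 29-30 mixes singular and plural.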