R3166-R3206-HP High-End Firewalls VPN Configuration Guide-6PW101

Public key configuration
NOTE:
The firewall supports public key configuration in the command line interface.
Asymmetric key algorithm overview
Basic concepts
Algorithm: A set of transformation rules for encryption and decryption.
Plain text: Information that has not been encrypted.
Cipher text: Encrypted information.
Key: A string of characters that controls the transformation between plain text and cipher text. It is used in both encryption and decryption.
Key algorithm types
As shown in Figure 68, information is encrypted before it is sent to keep it confidential. The cipher text
is transmitted over the network and is then decrypted by the receiver to recover the original plain text.
Figure 68 Encryption and decryption
There are two types of key algorithms, based on whether the keys for encryption and decryption are the
same:
Symmetric key algorithm: The same key is used for both encryption and decryption. Commonly
used symmetric key algorithms include Advanced Encryption Standard (AES) and Data Encryption
Standard (DES).
Asymmetric key algorithm: Each end has its own key pair, consisting of a private key and a
public key. The private key is kept secret, while the public key may be distributed widely.
Information encrypted with the public key can be decrypted only with the corresponding private key,
and information encrypted with the private key can be decrypted only with the corresponding public key;
however, the private key cannot be practically derived from the public key.
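The key-pair relationship described above, shown as an added example that is not part of the HP guide: textbook RSA in Python with a constructed, deliberately tiny key pair. The function names and all numbers are assumptions made for the illustration; the last function shows that "cannot be practically derived" holds only when the modulus is large.

```python
# Added illustration: textbook RSA with a deliberately tiny key pair.
# All numbers are constructed for the demo; there is no padding, so this
# is for studying the key relationship only, not for protecting data.
import hashlib

def make_key_pair(p, q, e=65537):
    """Return ((n, e), (n, d)): public and private key from primes p, q."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # private exponent: e*d = 1 (mod phi)
    return (n, e), (n, d)

def apply_key(key, value):
    """The single RSA operation: value^exponent mod n."""
    n, exponent = key
    return pow(value, exponent, n)

def digest(message, n):
    """Hash the message and reduce it into the range of the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(private_key, message):
    """Transform the digest with the private key."""
    return apply_key(private_key, digest(message, private_key[0]))

def verify(public_key, message, signature):
    """Undo the signature with the public key and compare digests."""
    return apply_key(public_key, signature) == digest(message, public_key[0])

def recover_private_key(public_key):
    """Trial-division factoring: feasible only because n is tiny."""
    n, e = public_key
    p = next(c for c in range(3, n, 2) if n % c == 0)
    return make_key_pair(p, n // p, e)[1]

PUBLIC, PRIVATE = make_key_pair(10007, 10009)    # constructed toy primes

if __name__ == "__main__":
    secret = 424242                                # plain text as a number < n
    cipher = apply_key(PUBLIC, secret)             # encrypt with the public key
    print(apply_key(PRIVATE, cipher) == secret)    # private key decrypts it
    print(apply_key(PUBLIC, cipher) == secret)     # public key cannot
    sig = sign(PRIVATE, b"hello")
    print(verify(PUBLIC, b"hello", sig), verify(PUBLIC, b"hullo", sig))
    print(recover_private_key(PUBLIC) == PRIVATE)  # toy modulus is factorable
```
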
Asymmetric key algorithm applications
Asymmetric key algorithms can be used for encryption/decryption and digital signature: