iTP Secure WebServer System Administrator's Guide (iTPWebSvr 5.1+)
Security Concepts
iTP Secure WebServer System Administrator’s Guide—522659-001
D-3
Cryptographic Techniques
This section introduces the two primary cryptographic techniques:
• Secret Key Systems (See below)
• Public Key Systems (See below)
Secret Key Systems
In secret key systems, the sender and receiver of a message each use the same secret key.
The sender uses it to encrypt a message, and the receiver uses it to decrypt this message.
This method is simple and straightforward, but it has an inherent vulnerability.
Key Vulnerability
The secret key system is inherently vulnerable in that both parties must possess the same
key. In other words, the same key must be communicated between both parties without
anyone else coming into possession of it, either inadvertently or through sinister intent.
If these parties are physically close, the risk of compromise is small. However, when
the parties are in separate physical locations, which is most often the case, they must
entrust a third party, such as a telecommunications system, to distribute the secret key
to both parties without anyone else coming into possession of it.
Key Management
The effort to protect and control keys is called key management (see Secure Sockets
Layer (SSL) on page D-7). Key management is of paramount importance in secret key
cryptography because of the inherent vulnerability of keys.
Public Key Systems
In public key systems, each party is assigned a pair of keys: a public key and an
associated private key. The owner of a key pair distributes her public key to any sender
wishing to communicate privately with her, while retaining, and keeping absolutely
secret, her private key (see Figure D-2 on page D-4). The sender uses the owner’s public
key to encrypt his message; the owner then uses her private key to decrypt it.
In other words, in public key systems, only half of the encryption mechanism (the public
key) is shared among the parties to a communication; the other half (the private key)
never leaves the possession of its owner. Neither key is of any value without the other.
Public key cryptography can be used for both privacy (encryption) and authentication
(digital signatures).
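The public key flow described above (encrypt with the owner's public key, decrypt with her private key; sign with the private key, verify with the public key), as an added illustration that is not code from the iTP Secure WebServer guide. It uses textbook RSA with constructed, toy-sized primes (61 and 53) so the arithmetic can be followed by hand; the message value, data bytes and exponent are assumptions for the demonstration.

```python
# Added example, not from the iTP Secure WebServer guide: textbook RSA with
# constructed, deliberately small primes so the public/private key flow can be
# followed by hand. Real systems use much larger keys and padding (e.g. OAEP).
import hashlib
from math import gcd

def generate_keypair(p, q, e=65537):
    """Owner's key pair: public (n, e) is distributed, private (n, d) is kept."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("public exponent must be coprime to phi(n)")
    d = pow(e, -1, phi)                 # private exponent (Python 3.8+)
    return (n, e), (n, d)

def encrypt(public_key, message):
    """Sender encrypts with the owner's PUBLIC key (privacy)."""
    n, e = public_key
    if not 0 <= message < n:
        raise ValueError("message must be smaller than the modulus")
    return pow(message, e, n)

def decrypt(private_key, ciphertext):
    """Only the owner, holding the PRIVATE key, can recover the message."""
    n, d = private_key
    return pow(ciphertext, d, n)

def _digest(data: bytes, n: int) -> int:
    # Hash the data and reduce it into the key's range before signing.
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(private_key, data: bytes):
    """Owner signs with the PRIVATE key (authentication)."""
    n, d = private_key
    return pow(_digest(data, n), d, n)

def verify(public_key, data: bytes, signature):
    """Anyone holding the PUBLIC key can check the signature."""
    n, e = public_key
    return pow(signature, e, n) == _digest(data, n)

if __name__ == "__main__":
    pub, priv = generate_keypair(61, 53)          # n = 3233, toy-sized
    c = encrypt(pub, 65)                          # constructed message value
    print("ciphertext", c, "recovered", decrypt(priv, c))
    sig = sign(priv, b"order #42")                # constructed data
    print("valid", verify(pub, b"order #42", sig),
          "tampered", verify(pub, b"order #43", sig))
```

Note that the same key pair serves both purposes from the text: the public half encrypts and verifies, the private half decrypts and signs, and the private half never has to be sent anywhere.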