- Slides: 25
Outline
- Digital Signature
- Digital Certificate
- Certificate Authority (CA) center

12/26/2021

Message Authentication
- Integrity Check
  - Maintaining data consistency
- Authentication
  - Assurance of identity of person or originator of data

Public-key Cryptography
- Asymmetric key algorithm
  - Use a pair of two related keys
- Public key
  - Authentication, Encryption, distribution
- Private key
  - Sign, decryption, secret

RSA algorithm
- Public key: $(N, e)$
  - $N = p \times q$ ($p$, $q$: prime and private)
  - $\gcd(e, (p-1) \times (q-1)) = 1$
- Private key: $d$
  - $d \times e \equiv 1 \pmod{(p-1) \times (q-1)}$
- Encryption of $m$: $c = m^e \pmod{N}$
- Decryption of $c$: $m = c^d \pmod{N}$

Example
- Public key: $(N, e) = (187, 7)$
  - $N = p \times q = 17 \times 11 = 187$
  - $\gcd(e, (p-1) \times (q-1)) = 1$, $e = 7$
- Private key: $d = 23$
  - $d \times e \equiv 1 \pmod{(p-1) \times (q-1)}$
  - $d \times 7 \equiv 1 \pmod{160}$, so $d = 23$
- Encryption: $m = 88$, $c = m^e \pmod{N} = 11$
- Decryption: $c = 11$, $m = c^d \pmod{N} = 88$

Public-key Cryptography
[Diagram labels: Clear-text, Cipher-text, public key, private key]

Digital Signature
[Diagram labels: S, R, Clear-text, DS, signing with S's private key, verification with S's public key]

Digital Signature & Encryption
[Diagram labels: S, R, Clear-text, Cipher-text, DS, signing with S's private key, encryption with R's public key, decryption with R's private key, verification with S's public key]

Digital Signature Standard
- In 1994, NIST standard
  - DSA algorithm
- In 2000, FIPS PUB 186-2 standard
  - RSA algorithm
  - Elliptic Curve Digital Signature Algorithm (ECDSA)

Digital Certificate
- Electronic proof of identity
- The simplest certificate just contains:
  - Information about the entity that is being certified to own a public key
  - That public key
- Issued by Certificate Authority (CA)
- And all of this is
  - Digitally signed by someone trusted (like your friend or a CA)

X.509 v3 Certificate

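Smart Card
- A system-on-chip circuit (System-on-chip Circuit, SCO) with CPU, RAM, FLASH, and related I/O
- Smart card operating system (Card Operating System, COS)
- Embedded symmetric cryptosystem: DES or AES
- Embedded asymmetric cryptosystem: e.g. the RSA algorithm
- Random number generation
- Stores:
  - Digital certificate
  - Private key
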
Process

Working flow of the certificate: one-way authentication

Working flow of the certificate: mutual authentication
[Diagram labels: A, B]

Certificate creation & Authentication
[Diagram label: CA]

CA Services