When A
sends dat开发者_如何学编程a to B
over a network connection using public key cryptography, how does A
achieve the goals of authentication, confidentiality ?
In a case like this, A is using B's public key, and B is using A's.
Confidentiality: If A encrypts something using B's public key, then only somebody with B's private key can read it. In practice, A is likely to generate a random key for some symmetric cipher like AES, since that's more efficient, but if encrypted with B's public key only A and B should have it.
Authentication: This is more complicated. In general, if you can send information confidentially, you can send authentication credentials. Public key encryption can help, provided that A's public key is known to be A's for some reason. Perhaps it's registered in a place B trusts for some reason, perhaps B has communicated with A before and wants to know if it's the same key. Then A can send a message encrypted with A's private key, which can be read with A's public key. This can be used as a cryptographic signature by hashing a message and encrypting the hash.
In these cases, I'm assuming that A and B have private and public keys, and that nobody else knows their private keys (and A doesn't know B's private key and vice versa). If E knows A's private key, then E can send messages that appear to be from A, and E can read all private messages to A. Moreover, if B doesn't know that A's public key is A's to begin with, B can't tell if E is doing a man-in-the-middle attack, by communicating with B with B's and E's public keys, communicating with A with A's and E's public keys, and relaying the communications. This means that E can read (violating confidentiality) and change (violating authentication) communications between the two. This is usually dealt with with certificates issued by a trusted certificate authority, which is getting out of scope of the question.
Read description of how SSL/TLS works. For example, you can read the introductory article on our site.
精彩评论