Docstoc

cert

Document Sample
cert Powered By Docstoc
					                                          :
                         cert !
                                          "#$ %&
                                         '(    ) *(




+ , %, + ) !       -(             !      . / 01            2( 3 - ( 4 5 67
                                                           . 3 8 9:( cert




   ? @/( .2( -(       . & 0 < =":9 . /( +              !              >
B)        A: +       D A: +              B*: ) +           B7 C +        +
G ( @/( .DES RSA B:7         B*: ) B:7    +      + G @/( .(HASH)+! (
 7 ) , H"I C 67 +        G HJ @/(      B* , -      HK        )    :( H"I C
  '7 =7 L B) 0I C . 3 L B:7            2( 6I .B* , - '7            7 + H"I C
   ! * @/( )   67     . 3   M 0 L D , +! ( *C @/( - 3                       3
6I H : *( N $ '7 & B7            , ( * &          : D-7 , D2*$*, ! + O
 !      P =":9          . /( ) 2( G!Q R . 5 . /( 67 ! G , ) 2(
   3 1     !   . / =":9 + ) S       + HM9 67          .B* , =7     -(     cert

- 1 cert !     2* U =7 + G!Q taxonomy        ) 7 -7 H +       A & K T9
                                                                         . 3



-( 3       - I3      +            -(             / B" :(          )   cryptology   .V
                                                                          . 75
)      -7 M5      + R5     +          , - : *(     :(         )   Cryptosystem     .W
                                              . 7 5-        :( D 7K -       O
        2*       ! - *) $                -> 7 + HI* I           ) B" +               :Cryptography .X
                                                                                                    : J
    U !             %& + :S 6:3                   -$9 :(confidentiality)                  !         •

                                                            . 7 5-           S     ! ' *Y
        2* O                 !'      *Y **Z =M, :(data          integrity)         "#      $        •

                                                                                        . 75
            [           7 H:7 O          , \9M :(authentication) "% & ' (                           •

                                                                       . 7 5 2 ] ^7 _
        ? < 7?             I ! 27 O `7 2                  :(non-repudiation) ) * +                  •

                                                                                   . 75
+               + HI* I 6: I3 +             ,     -7 H3            / :(cryptanalysis)           )         .a
   %&   K 2( + -7 H3     / D- I3                                    . 7 5 - I3             - I
  P   b"Y   67 . 3 - -$9     %&                                      -( :(             3 +
6: I3 " 0      - I3 D-I* I *Y !                                    .2( -] _         *", -( :(
                                                                                         . 75 ,
        /           +        + H3              H : *( , - ,             :(cryptographer)                  .c
                                                                   . 75            D 7     - -(
L9 )                     ) , * K      -7 M5            , -_93            :(cryptanalyst) .)               .,
                                                                          . 7 5 6I3            D 3 -
) -O            !       T7 :S     , -A7 &       G *C + R5 , 0             :(encryption) 0                 ./
          . 7 5 (ciphertext)         .          3+          G *C       . 7 5+            D 7       -$9
0       . 7 5 -7 M5                6: !         ( 6: - 7! 0              :(decryption)          23        .1
    + R5 , 4                D 3 - G ' (key) #45 `7                     b"Y -7 M5               +
                          . 3 - G ' 2(             *", 6:              AU -7 M5         , 2( -A7 &
    A: +                 + H :7      :(symmetric cryptography) 7             0                 8 9 % .6
)            -7 M5          +          +        *", `7 ! -] _             *", +           B:7  7
                                                                                  . 7     - $:(
+               + H :7          :(asymmetric    cryptography)      7         0                 8 9 % .:
    +               +        $: + ) *", ! -                 *", +            B:7           7        A:
+           *", !      -     -7 M5       *",     7      -        $:( )            -7 M5
                                                                                 . 5 ^:M
        +           ) H:* ! +         D-, " +                :(block   cipher)      594      .
 . 7 - +        H     `7         HK   3 - :U 5 ( 2* da Q
)+     *", `7 !   5- +         ! )      ! e " `7 D-, "
2f   ]      ( 6: e " `7 M* ) -, " +        . 3-     $:( e "
                      . 5- +        D 6: e " `7       *",
7 27 )2* `7 +               ! )       + :3 + )         :(stream cipher) 0                    .VW
 *", 67         7     - +! ( *C feedback G * I -                      , - 0 ( ",
    $:       +H :        ( 6: `7 + :3 +                           . 7 - **Z
                                                                     . 5- +


                                                                           0              0 <=        > ;
-7 M5       +         +      *", `7 ! D-] _          *", +         + H :7           :7           .V
! -> 7 g !           3 - +     4 67    ( D4 67 . 7                        -        $:(
                    . 3 - $:( H < + D 3 -     (-                               *", +
                                                                                 ? @AB&
D-:*   n    6: e "         -:*   n    ( 6: e " D4 67              : 594              •

-U _ & -> 7 g ! *", . 3 - 0A: k             *",                        *f 2S
 2( bijection `7 D 6: e " `7 D2 f *", `7 +      D                        3 *
`7 D    +      *", ) . , - \9M    -:* n + )                            2M 7 O
`7 ! :M* M & , ( + H *C + . 7 - \9M                                     bijection

          . - I        6: +   $: + I" + ) D                            3 e"
D2      ? A: )       , 2( -:         6*3 D+ :3          `7 :0                        •

     `7 ! T* + *J D2 6*3 . , - 0A:         %& ! 2* `7
     -O     I +          2 6*3 . 3 - -U _ 3
     K 2( +      *h*C + ) : ( ! Q    . 3 - : ( D -, "
                                  . 3 - $:( :M* 2 (
+)      i%, :(self-synchronizing stream ciphers)* =C 9D 0                    •

      ! jC        -O      :3 ,            -5k7 67 G )         + :3
                   . , - .%] / 7 +           2* lR         ] -) ,
. 3 - : ( -, " + ) ! $:( G )                          + :3 + )
.2( O              6: B7        +          G *C ! 2* n , * , m U
2* D 6: ! 2* n +                      jn( (2(        e " ? & l n)
`7 D -O             ! 2* `7 .B* , - *        + 7 O+ O ?           *",
    7 67 D2* `7 2,             ? .2( O ?               7 O *", ! 2*
                                  .B*7     I G *C ? & 0, + B* -
-7 M5           ( 6:       - D 6:          2* `7 + / , 2( 63
              . !(- G )                , 67 . R5 *f 2* n ! jC 3
(substitution) - *M O %                  3 o       7     6: e " ? &
                                                            . 3 G A
+           - *M O :(transportation)       2<    E (substitution)   #2 $         •

 )    H" ( ! -) 5 7 H" ( 7      H" ( ! -) 5 7 H" ( - 7 7 O
67 ! `*h*) . 3 - e " `7        H" ( 2M 7 O +       0 .
+)     H K b*,      D 7 - *        -U , 2* D-7 H    ) I"
  DES + H :7   ((SPN) -:M 7 O - *M O I 3) . 3 - : ( + <
                  . 3 - ) SPN ! + 3 : 3 + H p CAST-128
 n    I*1 O) .     - 2*   m      2*    n   ,    : )-   O D )s-box : CS-box       •

                                        3 - +     (  b"Y m
-) *        6* h ) ) + b(               ( + -$":9 + H)
                                       + )s-box 6:
l] [         ` , 29( -> 7              ! - .
                                        < !       &  O HK
. 3 G      A q      %                  )s-box '7 + (bent)
                                       ,-      $:(
+ +          3 + )s-box ,-                   < !
                                       $:f + $3 I    & 7(
                                                 . !      f
DES   -,   "    B:7     67 . 3   -/ *Y r O H        - s-box
                         . 3 - B:7  r O 67 : H D2( I3K
.2(        ([      ! -, "        6: ( -                      Dfeistel I 3 :feistel 0 C )F         •

     5. 7 5s :                  , 2U I Lucifer -, "
                     Horst Feistel    (                  -"] 7
                                    . 3 : ( -"] 9 ! -$":9 + )
[      *5 - 2* n 2* n ! - Feistel          :( I 3 D    (
+        : ( , + 7 C [ . , - * 2* 2n 2* 2n ! -:M5! 0 <
    K , feistel I 3 + > -5k7 . 3 - * (round) 5 [ D 3           K
2M5! 0 < 5 [ , 2 * +! * , 2 7 2(                 *$ +      - &
                             .2( 2M5! 0 < M* ) '*: [ - 3
! * *", 2* rk Feistel      K D 3 *", `7 ! 2* k      :    5[ 5
                                  .2( :U I + )        r I1 O

-(         , ) - M DES * K D 3 - I3K Feistel : ( 2*
D 3 :3 -U , + ) Feistel         , 2( - . 3 - ) 6: ( +
                         . , - 6* # 2* :M* + )               U
0 F G DFeistel + )           +       2*        rk        K4: 5                , *", 6:U 5 0       •

6:3 67            D2( -/ *Y               I"        `7 b"Y         I7 . 3 -          *    #45
    *",      - %&            h*) B*A:                &     5 *", ! 2*          rk     - %&
    7 C : ( 67 Twofish       DES DLucifer            J -7 ) . , -                *    ,-<
                                                                                . : )    +
+)         2M 7 O        P           :(Permutation) "2               $ J(Expansion)H IF           •

- -/ + I" H K . : ) 5 [ `7  H:*   , P "9 + e                                              :M
+ )s-box I* ) ? ) . 7 - 27 $, 2* 6* # +                                                    3
 , 7! 3 - + > 2* + D     - I (DES    ) b( -/                                                *Y
               . , - M: H:* ) +     -/ *Y -5k7                                             HK
E    NOT   JOR JAND JXOR                  #         B       0 C 4=+)bitslice 0 C )4=+             •

-     Eli Biham   ! D-, " + )         !       bitslice   + H7! (    *C        7 :("# "2       $
 I"             K 2( +   + H *3                             e :M        `7 I 7 . 3
                                                                         I"
+ *5 I          + ( + H *3   4 67                            Biham D? )    .2( +!
                        .      I                            + ) *n , o + ) : *O
-         3 :3       - bitslice 4                            -, " + )    ) D-", &
 7 A H:M 7 O D 7 l & ! . 5 , *                               2( 6I L > [ O J
@/(        I7            ) : *O G      !*    AU H K , 7! 3 -    7
                                                     . 3- G' t 7 ,
    e " D-, " + )    .    3-     $:(    *   -, " + )     :     #4=+ 0 C 9   •

  (2* da Q : ) 2 f 7 ( + 7 e "              (2* da Q ) 2 f 7 (
n *",     -O        +     e " 5 . ) - ? A: *",        3 ? A: [ ` ,
-:* n 2M 7 O -:* n            ! -I7 `7 23 b"Y -, "           D 3 2*
                                                              .   -
 M* ) '*:          6: L H, " D 5 +         *", `7         e " `7 5
(Electrocnic Code Book(ECB)) -I* :I , L :, - *"      67 . 3 - M
 I 7 + . 3 *$               - 5 " `7 +          %& 67 . 3 - *
      ( b"Y D 5 +               $:  6: + H, "       M      6: + H, "
                                                   : - I         :(
D     6: e " `7 :(Cipher     Block Chaining(CBC))       K94 #L G        o

4! +       -" <   6: e "       ( 6: e "   , XOR      :
 *f + + H, " +    -" < + H, " b* 67 . 7K - 2( '*:
D 7 U-  6: 2* `7 !            ( 6: + H:*         R5 -
               - ) ) %IM        ' D 3 B5 e " `7 5
                                               .     *
+          Gk       6: e " :(Cipher    Feedback(CFB))        Feedback   o

   . 7K - 2(     ( 6:     '*:      , xor G (k-1)    6: e "
       3 B5    6: ! 2* n h J :         +! ( G ) -5k7 CFB
-:(      ? A: -" < + ) / l%       -7 M5 D 5 2U 7 -:(
 3                 - CFB Dfeedback A" 6* h ) . *5 - G '
    -U _      ! e " `7 -5 (       $ `7 5 3 $:( -U _
                        . ) +         6*         $] + e "
      ) *", 3                   :(output feedback) $E D Feedback        o

 e"     6:   5 - XOR ( 6:    K -O    ,D - I
`7     3 - 0] + I +        *", :3 . 7K 2( e "
   .2(    ^U    % < *", ) , , - s 3 67! YK
B: *( 67 . 7 5 s : Vuvw )                      D-      *", +        B: *(:7           .
H *C D-           .-] _ *", `7 -
                 *",                          *", `7 D     *", +
                . 5 - -7 M5 -] _ *", H *C                    5- +
  , 2( *$ D-        P        . 3 - *", ? D 7 5 ) M , + 7 7
.     I -$9 *", +         B: *( -, " +           + -$9 -] _ *", `7
   7 , *", ?    0I C 6: ( +              + x + ) 7 ! Hellman Diffie
Ron D K ! jC -) ,       .        $:( D    ! YK -       *", +       B: *(
B: *( 6*     ,         '7      +       B: *( adleman Adi Shamir DRivest
                 . - < +# +                     < , -         *", +
+ * . 3 '7 ) 7 K - $: -                    *", +       + H : *( K ! jC
67 :7 < !    RSA Diffie-Hellman 0I C    . 3 - 6 *Y , 3 f H K !
                                                         . 3 - H"I C
                                                                             7 3M E
2*     . 3 -           *h*C - ( S "x D-              *", +     B: *( -"] r O
 "x    0     -            *", ! -] _ *", ,          3 0] 67 +          B: *(
-        *", +               z7 + ) y ! -             , B) .2( ( S 0 < 3
                                                                     .2(    K
q         (S           J , 2 7 ! + I3K . 3 DB:7           `7 :8 9 %      o

`7 0 +   , -"           B:7                 `7 -7 , . *5 G ' 7
` ,    O   ! $ `7 b"Y . 3 -                 ( S D2( ! *     0IM
                                                . 7 - * o O
 4        O -, :M        *" G A {*) 5 2( ?                `7 :NE     +   o

?        ...   VV Dv Dc DX DW        J +     67     . 3 :3 `7
 *    +H (      ?           ,              O + * ?        . : )
                                                . 3 - : I3 Q (
. 3       T7     ?           L #"]         ]          -        ):    L   o

?      )        ,2 7 ?         7 ' + B:7    `7
?    *    *<    I* ! B*7 B* A -C *C & `J ,
 3 - 7RC I   : ) 1016 ! : , , +     +  I7 . 3
+    B: *( .    108 ?       T7 !K ! * I 7 , 7!
 I 7 :( 10300           7(D 3 -                 7' +              ,-       *",
                                         .      10150     ?        2       !*
  n       , *C "x       D %IM ! + 7 i%, `7 : II3 8                             %   o

                              . 3        < y=g   n
                                                      /   y   +   , 2( + S
0 3 -:MC        , "x      D         ! -IJ ,           ' 6:3       :    2> %95      o

      ?     HK s '        I7 S          2(           67 ! +        ' 7! 6**
                                                          . 3     3    @*S]
      , + I3           i=1,…,m      +     Wi =< W1 ,...,Wn >          : C )F       o

0I3        I3 r O . 7*               g           3 -         7 C 67 i (
             . : ) @*S]                  )ti D 3 - t1w1 + t2W2 + ... + tmWm
               . 3 - NP                 ! I3         67 :) , 6:U 7 "x
G )          3-          $:( =":9 + H :               +! ( B) [        :(hash) 0G      8C   .
     G *C `7 + H:* +! ( B) [ `7 . 7         ( S G *C *IJ D- < + #
B) 4!               G *C , 7 -       MU + S 2 f 7 ( +! ( B) 4!
                                                      . 7 - [7! +! (
- * :M* 7 2* VW|              +! ( B) + H3! D+             +! ( B) [
0,        ! :5      * D 2128 D 7K - 2( , +! ( B) [                 . ,
     2* VW| ! :M* + H:*       ! " 0*          . 3-          , 2( -7 H *C
  9 G *C , +! ( B) [ `7 6:3            , ,- *            ! " .2( ! *
  3 (S             M *IJ , B7        g:     D     - -:* VW| *IJ
2U M*C     ! ! . 5 +! ( B)         9     &       3 L 9: G *C 264 I* )
    , B) , D2* Vdw %p ) 2( ! *       2* VW| ! :M* G *C *IJ D ) *n ,
                                                        (.2( 3       :(
+! ( B) [ 67 :U          . 3 - i :(          + * b( +! ( B) [
+! ( B) [ .RipeMD-160 DSHA-1 DMD5 DMD4 : 3 - MD                  ! O
  $:( 7 7           3 - 6 MD5 MD4 .             3 : I3 SHA-1 Md5 DMD4
   SHA-512 SHA-384 DSHA-256 . 3 -       $:(     : 5 & ! ) SHA-1 . 3
                                                    . 5 - 67 7 O 7K


                                                                      0            0 <= 9 % P 9   O
            , 2( - :7      (Data Encryption Standard(DES))     +           :( :DES .
    (    7 5              :( NIST
                             (    ( B:7      67 . 3 '7 Vuvw (
    $:( * *                  67 . 3 :U 7RC * ( ( =":9 + H: I
                          , B) B:7
                                                              . 5-
  $:( -:* cd + ) *", ! DES .2( -:* da e " 7 ( -, "       B:7    DES

[ O + ': O % m              B:7    67       + ) *n , O . 7 -
    3 -O        5 "     % m            2( + < A 7 DES . 3 - *",
=* > *       , B) DES .2( - : I3 H:, 3 7 -7 O + H ! ( D H: I (
                          . 3 $:( 7 O + , + )                7    3
  D b( D 3 $:( ? ( J +                  < , + + DES - & J 5
 3 - +< *          B:7    `7 DES , 3 f . 3 - G '        h ) K * K
- I3     - I3 G ' . + * - I3              % m        ) `7 -&
                        . M5 -, " + ) - & e +           -7 H) -/
!           $:(     ( +           , 2(    Triple-DES DDES    ! + 7     5 :Triple-DES .
        (     $:        *", ( +            }-7 M5 }+      b* `7 b"Y )DES
    *        7 O -, " + )     7A             3 - DES ! :7 < * 3DES .2( 3
                                                                    .2( ,
+ - H M*C + -                    U NIST DDES *"        3           %   ~( C    :AES .
    :U M*C     :( 6*M O 67 .      WV < -:* + )! * 0 + DES - *M O
G            B:7    z C . 3 * (Advanced Encryption Standard(AES))+
                 . 5 -7 H       :( , 3 L 9: Rijndael H K 6* ! , 3 *M,
VW| VuW D-:* Wcd + ) *", ! H K              -:* VW| e " 7 ( D ) ! `7 )
!*          , +! ( B) [ 6: ( + :5               *", 7 ( . 7 - - *:MC -:*
                                                                     . 3 -
! Rijndael . 3 - -I7k"              - & '*: AES B:7         :(Rijndael)AES •
       M -7 ) 7 +           B:7     67 ) . , - + *C -        +) 2(
    , 2 7 B:7        67 L 9: 2" ,            H• NIST ( .2( 3 -
+)         ) H/*S ! - *(            S     D+ U G + U 29( + H/*S
B, gU         ! * - *", [>         ! B:7     67 . , - 0 -            6I
DNIST . , - 2 A           <      ! %            -5 ( D K         %
!               7 B:7         HJ . 7 5    AES   + L 9: 67 :H             Rijndael

                                                    .Twofish Serpent DRC6 DMARS
+     B)      RSA   .    5-     $:( , 2( -             *", B:7    67 :U    RSA :RSA   .a
n=p*q      @*S]          RSA       ( S . - I - < + # + B) +
+ `7 +              K Dm G *C +        + . 3- G' q po ?                        +
i I D c = me (mod n)           6:       *5 D-7 M5 + . ( - e `J , -
  c d = me*d = m(mod n)       A        , -       (S       d = e 1(mod(p 1) * (q 1))
.2( e n 0 3 AU -                *", .2( dDeDqDpDn 0 3 -] _ *", . K - 2(
         . 3 - n 7' !                (e! di I         ( S , 2 7 5 " 0IM
      2*       ( 3 10300 -5           7 K) 3 2* VwWa ! :5              7 *", 7 (
  . , - 6* ) `7 +                 2* 2* Wwa| 7 ( -7 ) *", . , 6*                 g
 *"       %      7 ( D 7 - 7RC b*(K RSA Do                         7'       2U M*C
(padding 7)- U ! b( + H7! ( *C .2( 3 : 3 * q + ) 5
RSA . 7      2          6: - # : ( ! $:(                  % !        7 -       $:(
. 3 - 7RC b*(K /                 U 29( %            - 9:     ( 6: %
   &      3 I3K + ) :, U 6* h ) `J , * + )                         - % 6* h )
                                                                   .       O -1 O
   3      . 3 PKCS         :( -            - U RSA B:7            b( +! ( *C
  : ( 6* h )         - < +# +                +! ( *C S ! -" , . 3 H K .2(
                                                        . ) -       *", +! ( * N
                                  .2( -         *", B:7    67 :U         , B) RSA
    3 M:        I7 K 2 I         (       , 2( -         *", +      B:7    67 :SHA-1 .c
. ,- *        9 ? & :3 ! -:* Vdw +! ( B) 4! B:7         67 .2(
DSHA-256 :7 < + ) 9      3 - 6 -" + , + )             + SHA-1
   ,- *       -:* cVW X|a DWcd +! ( B) + H3! , SHA-512 DSHA-384
                      . 3 - SHA-1 67 7 O 7K      3 - i :(
.2(           3 '7      RSA   M7 !K      , 2( +          +! ( B) B:7      MD5 :MD5    .d
    MD2 - -:* VW| +! ( B) 4!
          .                            9 ? & G *C :3 [ 67
- _ Vuud ? ( .     3 : I3     , B) 3 - MD5 , * r O , Md4
2* =M, 67 J 5 . 7 5 =M, Hans Dobbertin ( MD5 +! ( MU [
+       3- L S            M) `7             D ) -        < / m              MD5

                                        . 3 - *]         7 O+)                 ,

                                                               C      0         0 < E }d
                                                0G       #>    QE0           0 <= I#     }v
. 3-       $:(    *   2 :7        , 2( -: ] ^7 _ + 3           Kerberos :Kerberos   .V
    7   -      $:( 5 ,/ , +           ! Kerberos .2( 3 G ' MIT           y C 67
. ) - G'            * } } * 2 ] ^7 _ + O                (} } , 2 ] ^7 _
  I*1 O 3 - -] _ *", +y I +                     2 ] ^7 _ 2* ? 67
+            * ) , 2 * -" .                 -] _ *", D I 3 +               * )
-1 O         : 0 < 6         * `7 67      D        H * 7 ( -] _ *", I 3
Key ) *", [7!        ,    K        -      H *       ) + ) *", ) I 3 +
D 3 - online + 7 O          I* ! 2 67 . 7 5 - (Distribution Center (KDC)
     ]      ) *", . 3 + I*C 7 D -] _ *",                   7 O        KDC      AU
                                     . 5 - ' O + 7 6 ^7 & 7 -I7 *U
Authentication ) 2 ] ^7 _       ( K D         -"] I"         KDC/Kerberos      (
  '7 0        . 7 5 - (Ticket-Granting Server(TGS)) *" /        ( (server(AS)
- 07N . 3            (+ ,               ,+ ,            6* 2 ] ^7 _ 2 M
                                                                            : 3
-      < (AS) Kerberos ( [             - _ (client) , + ,                  •

. 7 -            , 2( - , ) , , 7 - 2 ] ^7 _ : AS . 7
2 M *",) 7 - '7 login 2 M +                    -$9 *", , + AS jn(
- TGS              , 2 S] ! O     ,      , (TGT) *" r / *" `7 (TGS
- G'             2 ] ^7 _ "        67           + S          ? & *" . )
                                                                        . 3
    K 2(       + ,             ( *",     7 - < P            TGS        , •
   TGS        ,. 7       < ) - ,- 7 (                 -_         - 67
+ ,             2 M *", TGS . , - < P                 TGT TGS 2 M *",

         ( -$9 *", ! + 3 +               0I3 (Application Session Key(ASK))
?( I3+               + 7 0I3       h*) -$9 *", 67 . ) - ~( C + ,
                                                                  . 5-
       2*)          - 2(        2 ] ^7 _ 4        , B) , •
  *", D+ ,           2 M *", DKerberos *" ` , + ,           (
   + ,              (. 7    f    3+        + ,       ( -] _
67 . ) - ~( C , 4               2 ] ^7 _ + -H M +            %&
DFTP DTelnet %p ) . 7 -) 67! YK       j7 ( + > A  -      , D /A
                                                     (... HTTP
                                                               : Digital Substitution .
-7     *", ^U     K   6* h ) ,) Diffie-Hellman *", ^U 0I C :Diffie-Hellman .X
 I 67      , 0I C . 3 '7 Vuvd ? (                 Hellman   Diffie    ( ( 7 5-
-$9 *", -" < ?      6    :( +                       -] _ *", `7 , ) -
                                                                        . 7 ?
   ) (           : )-           : C 67 .2(           g p - : *( : C          0I C
 ,) g : C 2( ?                   `7 p : C . 3 -          $:( B: *( +              ,
+ :2(              07N -5k7 ,D 3 - p ! : ,              )( 7 5 -           K b"Y
              . n = g mod p ,
                     k
                                          O + S g! k          D p-1 V 6* n        )
^U 0I C ! $:( -, :M -$9 *", +                             ) - B A *,mU
-U _ 4! A : : , - 0 b* 67 H K . 7 ^U Diffie-Hellman *",
           ' ! b a. ,- *                     b -] _ -U _ 4! B a -] _

g p+) : C!              $:(           -      + H3! H K jn( .         3 L 9: @*S]
4! g a mod p D A -                 4! . 7 - 8 9:( H K -] _ + H3!
   . 7 - ?                    -      + H3! jn( H K. 3 - g b mod p DB -
. 7 - ( S g ba = ( g a )b mod p 4! B g ab = ( g b ) a mod p 4! A 7 C
            .         k -$9 -] _         *", , B) B A D g ab = g ba = k , ' K !
 , 7 - m U B:7                 . 3 - : 5 B:7           "x        :     0I C 2*
 g a mod p -         4!          6:3 k = g ab mod p e :M -] _ *", ( S
6I *Y - ( S g ! 3 o 27 $, < p ?                                    I* ) g b mod p
B:7       (S ?           Diffie-Hellman 0I C 6: I3 ,        , - m U Maurer .2(
                                                    .2( q          *> U ^ & : 5
          . 3 - 7RC b*(K *                  <% "           Diffie-Hellman *", ?

   : 7 } } : 7 0I C 7 3 2 ] ^7 _ Diffie-Hellman *", ^U 0I C
Diffie- 0I C +              *         <% "        !     + (Station-to-station(STS))
2 ] ^7 _ + L                ! O - 7 . 3 '7 VuuW ? (         Hellman

   . 3 - '7 -       *",    *) 5 - < + # ! $:(         7 I7    3
2$O `7 ) B A L          D0I C + O ! 0 < . 3 - 07N . 3 -"] 7
+ O -& . K - 2(              -    *", + +      *) 5 -] _ /-
-       4! , D 7 -        ( S q + H *C +           -7 # A D0I C
   < ! ) C J 5 . 7 - 0 b* 6* )         * B . ) - T3 C g a mod p
 *", -( :(           )#        - D2( B A 6* + H *C         ,45
      <% "          :U 7 4 : 5 0I C 67        7 0 O B A -] _
                                                     .2( G A *
Vuuw 07       .2( -          *", +        +)        67       , C ! -I7 PGP : PGP .a
+ )client ! + *          plug-in           PGP      3 '7 Philip Zimmermman (
-I* :I 2 C + H *C +                  7 # + PGP . 3 - O -I* :I 2 C
MD5 7 SHA B:7               U G DPGP 9            : . - I i               *", `7
 7 RSA ! +              + IDEA 7 3DES DCAST ! DG *C +! ( B)             (S +
                  . 7 -         $:( - < + #          *", ? + DSS/Diffie-Hellman
. 7 •*        *", 2$O `7 7           , D 5 - b_ 6*: 9 + PGP I* )
   -] _ *", . 3                    )          - , -           *",           *", `7
      ) -        , ,       )          ", 67 . 3 - 2gU S passphrase `7 ! $:(
                                        . 5        7 D , *C -( :( -] _ *",
      *5 D 3 -           _ [ ( ‚ :(              PGP -$9 *", (         3 # G *C
D? p 67       . 3 -            $:      , ?(        :( U h K G *C , 2( 6x /
     :( U -        *", !      *5 . 7 - #              -] _ *",        G *C :( U
i K+                 *5 *", 9 ! -              *", . 7 -       $:( # - 7! +
     :( U -       *",      *5 I* ] . 3 - 8 9:(                 :( U -I* :I 2 C
                                                .2 * - 7! 0 < # D 3 :3
07 U , 7! , - +                jn( 7 -              MU 07 U : PGP D+           +
    . 3 MU           -      7      ) - 2( ! +              ! jC       -U _ 2
   G *C - < +            + 2 M *", ? + -                      *", + H3 D        67
-I* :I 2 C i K                 67      . - I -] _ *", +                  ! $:(
       - G *C `7 [<       . 3 -         :( U T9 -            *", + 5 3           *5
2( ! *          h K 7! D 3 - :5              * G *C       3 :( U      *5 67 J
DG *C 2U 7 G ) .2( 3 +                 *5 -  *", , 2( 2 M *",
   G *C 7 8 9:( 2 M *",              , $:(  -] _ *", ! 7        *5
                                              . 7 -7 M5 -:(
PKC   SKC B*) $ , 2( +     5 +       B: *( H PGP , 2( ,N G!Q
          PGP    6*: 9 + Zimmerman I* ) . 7 - b*,          7 I7
. 7     $:( G *C 0, +    + RSA ! , 2( - D          - & Vu|w )
+        + SKC 7 ! 67        D 6*7 C RSA +       ! K + H *3 -7 ,
                          .     $:( SKC *", +       + PKC ! G *C
+ 2 :7 +          0A:   6      &      '7 +    Netscape   (   SSL   0I C :SSL .c
handshake   -& X.509         *) 5 RSA ! SSL . 7 5 '7 HTTP J -7 H"I C
`7 +         jn( ( Client .             $:( ( 2 ] ^7 _ + :U I 67! YK
-:* aw *", ? & RC4 RC2 ! SSL V2 . 7 - ^U                  7 I7 +       + 3
Vd| *", 3DES D-:* VW| *", RC4 DES ! SSL V3 7 - - *:MC
! -         J 5 . 7 - - *:MC SHA-1 MD5 ` , G *C +! ( ` )                -:*
 . 3 - SSL v3 +           $:( 67 :M* D 3 - $:( ! ) SSL v2 + H7! ( *C
G       + 7 0I C IETF ! K !               3 : 3 - : I3 SSL v3 DVuuv ? (
2(         4 : 5 SSL DTLS .           '7 D2( 3       . 3 RFC 2246     , TLS
   Diffie-Hellman *", ?          D 7 - - *:MC + U > +              +) 3!
                                                              .DSS - < + #
                                               : 3 - 07N . 3 TLS G *C ?
SSL/TLS (         , HTTP + ) ( https:// 0I C          3 \9M + )URL •
        (      TCP ? _ , , - - ( Client . 3 - 27 ) D              36
  , ClientHello G *C ? (       - ? _ Client . 7       < aaX       C+
   Dclient (        3 - *:MC SSL 9            67 Q D2 M ( 3 0 3
    <      ( 2( 3 - *:MC +! ( MU +                     + ) 3 ! -: *
                                                               . 7 -
- -(D 3             ( cache ! ) 5         7 - S:         2 M ID D ( •
   M : 3 2 M ID 5 . 7               <      ' client  -" < 2 M , ,
ServerHello G *C -7 9( C 6 2 M + <                  handshake    (D 3
  :U I SSL 9           D 7 - I 2 M ID DServerHello . ) - ~( C
   (       3 - *:MC SSL 9 67 Q ,) 7 - * ? _ 67 +
+! (     MU +          :    J!  , - \9M D( 3 -               ( client
                                      .2( 3 $:( ? _ 67 +
 H K D 7 ? ( 2( 6I         ( ,            O * 9 + H *C +                •

                                                           y:!
67 . 7 - 0          ( X.509 -       *",      *) 5 , : *) 5 o
? -"I3 % < ( client I K                 5 - ? ( M* ) G *C
                                        . 3       G'       *",
G *C I* ! 7 - 0          -$9 *", `7 , :ServerKeyExchange o
                  . 7 0            _A 67 + -U ,             (
  I ) 7 ( K client       *) 5 2(         + :CertificateRequest o
               .2( 3 G ' client 2 ] ^7 _ I*1 O             -
? 0I C              T9 ( , , - * :ServerHelloDone o
                                            .2(     G ' *",
              : ) - ~( C 9 + H *C ! + ( `7                , B) Client   •

  ( I* ) 2( client -            *",      *) 5 0 3 :Certificate o
                                           .2( 3 > A (
+        + 3     , -] _ *", b"Y , :ClientKeyExchange o
                       . , - 0 D - I -] _ *",
 5 D - I client       *) 5 I3K - 7! + :CertificateVerify o
                              . 7 2 ] ^7 _ client (
   * +      4        - **Z 2(            -5k7 **Z 0I C 0 3 TLS          •

! $:(       , 2( ChangeCipherSpec + H G *C 0 3 0I C 67 . 7
G *C . 5 - +! ( MU +             D-" U +! ( MU +               +) 3
                   . 5- ?(           ( client ( ChangeCipherSpec
 , 7     *,      5 - ? ( ChangeCipherSpec G *C ! jC Finished G *C       •

                      .2(       ^U 2 ] ^7 _           *", ? 0
                                                             E     G          P 9 }|
. 7    - ^7 _       , 2*)    , 2( - ! ( D+             :(PKI)    9=+ #45 "D     G }u
  U G ` , Q            I7 . ) -     ,   -     + ) *", ? _ I 6* h ) PKI
+ ) *",. 3 - G '       3 [7! + H/*S   ) U G 7(       ) +,     *S `7
                                           . 3 - )       *) 5 b"Y -
  H:7 O    7 ( D , - 0_: H:7 O         -                       + ) *", D-          *", 2 ( 7!
27 7 +     !*     + H 7 ( D 7 - 7!      -                          *", Q _          7 -         <
                                   . 7 -                     '7        3 [7! B: *( ) *",
- 3 [7!       *S   !*       %& [7! 2gU S                            -:* + H7           -", l )
     G < . 3 =":9 + H ! =":9 P A                               H( [ D             , I*1 O D 3
 *", 2 ( 7! i *< 0 <   3 [7! + H*5k7 ! -:*                    + )! * 67 -) i K + ! *
B*) G ' -I* :I &           ' , ) -        I                   67 PKI . 7 -           $:( -
                                                                               : , * & 67
 . 3 -       , -) 67! YK < ?                :( U              3 \9M ! C 7 \93 •
                                  .2( g               *5 D , 2U 7 ! C 7 \93 •
                                                         .2( :U 6* !             2* O •
      ! ( , 2( -7 H 7 ( D+                   +y I D U G b*, -                      *", 2 ( 7!
    *) 5 DPKI . 7 - I 3 +                 + ' Q                 &      2* ! 2• $                <
- J nI7 ! ( @/( -:* +                                 )CA D-              *", +         D? :*'7
                                                                                           . 7
G 2 f +) U G D) ( H                      U ? :*'7            *) 5 ] ! ( @/( PKI
? / D 7 ' D27 7 + ! *                   +) D)             *) 5 + :, 7         - J nI7 D         ,
                                . 7 - B) U - *:MC                       +H 7 ( )            *) 5
   PKI , +y       I D2( 3 ^:M -                   *", +           ! -         *", 2 ( 7! y
-         - < + # + HI* I 2MC +y I -                       *", +          .2( 3          K+
                                                      . + U _S + H*5k7 PKI . 3
   9 DRegistration Authority(RA) DCertification Authorities(CA) !            PKI + I"       r O
                                                                 .(archives) ) *3 K D(repository)
 7 -I* :I + H: C , -                  2*) DCA . 3 - - (                   ( :U       M CA `7
! + * + > r O 2 ] ^7 _ . , - *7 D 7 - ? ( 2U 7                                        Q_ 7(
                               . 3 - -: C Q                  " O ! ) - C 6* ? U &
        . 7 2 f CA               , 2*)           5-        : CA ( , 2( -:7 O RA
 $*• . 3 -       CA   B: *( `7 +         ? U ? :*'7 + )          *) 5 +               7 C D7 R
   U + ? :*'7 + )    *) 5 *7  I      ,    , 2( +     '7 9 -"]
+)    , 2U 7 67 . ) - D 7 - 2U 7       3 - < + # + H *C , -7 H '
 . :( U - )CRL      !9 )     *) 5 )CA . 3 - *     : 0 < L DG *C
 *3 K $*• .        -    I     7K + HpS         -5 *( +           , 2( - %&            7 C 9# S
`7 +        - < + # `7 7K I 7 6** +                       -U ,     %& ! 2gU S +! (         * N
                                                         . -      I D 3 : 7 - 7 <          :
 ) ,      ,-   *,       D 7       -       M: 27 O         )+             9=+ #45      #C 93 DCA
   %& D , -           *", - :*'7      *) 5 .2(            b( + )credential D27 O
 D *) 5         ?&D 7 - + H               &     -] _ *", , - 27 O
      - %& 0 3 2( 6I              *) 5 D K     % . 7 - + H                CA - < + #

# `7 . 3 - -             *", ! 3 *] + ) $:(                 - %& 7 D , # L
   7 2U 7        ? :*'7      *) 5    :         < CA      , 2( -:7 O 7 U D ,
                                . 7 - 7! 3 # -I* :I + H *C +                    K 2*)
    *) 5 ! -: * , D 7 4! C M:               Certificate Revocation Lists (CRLs) 7 )CA

 M:          *) 5 , -:7 O          ) ( b"Y 2 * .2( :M5 0& , 2( -7 )
0& D       , -] _ *", 3 B5 f %p 2( 6I )                        *) 5 . 3 - # D
                          .    -        )     *) 5 ? / h97 6* h ) )CRL . 5
-    M:         *) 5        D 7       -      $:(   PKI   ! ,     : ) + U 7 H ! ( PKI 7        5
+)        *) 5 D       K 2(           )      *) 5   ,-             :    PKI r O 7 ( HK . ,
                                          . 7 - 7! D , -               ' H K , H:7 O 7 (
2( -] _ -&              I 3 D(Virtual Private Network(VPN)) +! ' -] _              I 3 `7 :VPN }Vw
-        I 3 `7 +       P    + D=":9      ! ( 7 - n , 67 J D2, 3 `7           ,
!     $:( (2 : 7 %p ) -        I 3 2 ( 7! +      VPN G *C `*U . 3 -        $:(
Service Level   ( , (ISP) j7 (       , *      I3 +         7 D     :( + H"I C
                   . 3 - 2gU S VPN ) j7 ( VPN + :M 6* Agreement(SLA)
2*       -I7 *U 2*     , 3 2gU S I 3 7 -"       I 3 (V :2( T9 0 3 DVPN
2* ) -O            /< 7 I 3 (W D 7 - '7       Q ! 2• $ + -U , -:7 7
- < ( 7             * I 3 client 7        , : 7 6* T K 7 `7              .: ,
^7 _        2( 6I client D 7 - < P          TK 7          , client I* ) . *5
0 < , `7 DVPN ` , . 7 0A:            /<      2 ] ^7 _ j7 ( `7            2]
 7( + , -               2( =7 0 < b( - *:( + ) ! O               3 : 3 :
 , ,- i               , , 2( -"* 67 . , *C -( :( D 3 - i :(                   ,
                                          .2 * < I*          D2( -] _ I 3
    !     ,         !* ,    3+  I*C + &      -                      +)
                                                             VPN Dclient    ! + *
                      . 7    0 `7     ! :M* 2*                + `*U 0, DVPN    ? U
                                                                                     VPN P 9

^7 _ D-         S    '7 + +              tunneling   + H"I C ! 6 + )VPN :.        VPN    •

-       $:( g   -            S - *:( + G *C - J nI7 D :( U 2 ]
6       & D 3 +! (          *C$:( DL 9: -:(        HI* I 67 I* . 7
                                    . 7 - < 6 +) I3+
                                    : 3 - 07N . 3 VPN 6 + H"I C
                                             .IPV6 + O r O :IPsec o
    ,6       + 7 OpenVPN    D I 3 :MC 0, +! ( 0 + SSL :SSL o
                          . - I D2( + > web proxy + h K
 " O !       H:, 3 ! +     ( :PPTP(Point-to-Point Tunneling Protcol) o
                                        .2( 3 '7 2U ( I7
 ,+ '          7 :M +    + 3 27 7 VPN j7 ( o + )ISP ! + *
 1 D 7          '7 VPN ( ) - -            ) -         )VPN -:        2*
                                                                  . ) -
    7    -       $:( +       tunneling   !     : 0 < + )VPN : = + T Q 0 CVPN             •

Multi. 7 -            : `*U ! 2• $ +              I3     , * 2*            K+O
. 3 - ) $:(           : 0 < + )VPN 6: (          + Protocol Label Switching (MPLS)
         :!            D 3 - $:( :               0 < + )VPN + , -7 H"I C 7 (
                        .2( 3 '7 Cisco            ( :L2F(Layer 2 Forwarding) o
                                           L2TP(Layer 2 Tunneling Protocol)      o
                                 L2TPv3(Layer 2 Tunneling Protocol version 3)    o


-       *:MC -7 M5       2*" < +             B: *( DKey Escrow +           B: *( : Key Escrow }VV
q     7 3 D(-: I       7 _: D ! ( `7 7 _: D          ,) ! '  U     ,D 3
, : 0<L           J 7 `7 !    K 2(        %& ` ,         6: -7 M5      I
 I + ) *", M b"Y D - 7! + ) *", . ) - D          -          - 7! + ) *",
  +       + -7 ) *", b"Y I" D 3 -             -7 M5       +      +     :U
 I     - 7! + ) *", 67 ! 2gU S + b"Y Key Escrow y . 3 -          -7 M5
     . - 7! B: *( D *", backup D *", *3 K :!      :U I + ) y 7 ( . -
rO (      -A/       g !   Escrow   +          B: *( :Key Escrow 0                 8 I# U $           :
                                                                 : 3 - B* A -"]
+ U G           7 + U 29( :( USC :(User Security Component(USC)) , 2* r O .V
- - *:MC key escrow [ !       , - '7            -7 M5     +        + H:*" < , 2(
Data Recovery ) 3 +                 - 7! "*U ? _          I 7 2( 6I USC . 7
                 . 3 ?   *", [7! G * I ! -M9 2( 6I DRF . ) G ' (Field(DRF)
- 0 Key Escow 5 ,         , r O 67 :(Key Escrow Component(KEC)) Key Escrow r O .W
6I r O 67 . 7 - 27 7               - 7! + ) *", ! $:(         M: D+! ( * N D 7
      . 3 *", 27 7 2 ( 7! ! -1 O 7 -          *",    *) 5 27 7 B: *( ! -1 O 2(
+)       D H"I C D H :7 0 3 r O 67 :(Data Recovery Component(DRC))    - 7! r O .X
 (      3 *       DRF       %& %          6: ! ( 6:            K 2( + ! *       ,
                                . 3 - ? U        - 7! G ' + r O 67 . 3 - KEC


 ) - G'         -         7      - -7 M5         +           )      USC   :       5 "#   U $         :
       : 3 - \9M 07N + H*5k7                 ( r O 67 . 7        - - *:MC           - 7! ! C ! ,
- - *:MC 07N                  7 `7 !   USC   :(Application Domain) 0          5                      :
                                                                                               : 7
-    &     s        7(
                    D-I* :I 2 C D- $" + H( 0 3 &          s 67 : &   .V
                             . 3 - $:( - < [O        ( j y -7 M5 . 3
-    -      r *3 7 ( +      + H"7 U D 3 +! ( * N + )   : 3 * N+)     .W
  $:( 7           7 3 B5 + ) *", - 7! +            ( 7 j y -7 M5 . 3
G' 5        :( 2S *n , + H"7 U -7 M5 + - < [O          7 _: ( 7 D 3 -
                                                                 . 3-


         : 3 -            escrowed     +         07N + H*5k7 :      0              8 9 %             :
                     .    R5 - *f        UG    ] 2*" < + I"      :+ I"         G .V
                                        . R5 - *f     ] 2*" < * -5k7 67 : *", ? & .W
 A & *Y 5 . 3            3+       A & *Y 7 3 +    A & 2( 6I B:7     `7 :+     A & .X
                                                        .    ) -     D 3 3+
                                               0G        #DV 0 C #45 E C                 :
  : 7 - * ND       - I j y -7 M5 + , j y + ) *", ) ( 3 DUSC
 ( 3 D ) *", + -7 ) ( 3 DUSC 7 , + ) ( 3 0 3 ) ( 3 : ) ( 3 .V
                                . 3 - escrow 5 , 7 KEC + -7 )
+ ) *", D ,   ^" : + ) *", DUSC     _S + ) *", 0 3 H 7 : ) *", .W
7 -          - ) *", . 3 - D 3 -       $:( KEC ( , - : *(
                                                   . 3 -] _


                                                               G * # ) E 4#W ;           :
 *",    J 7 `7   K *",  6:           7   USC   D     5- +       K *", (           I* )
          . , - 0_: 3 +                              - 7! "*U b"Y D 7 0_:          - 7!


                                                         (interoperability) 0 )=C X      :
+ I )D           ,- 0   -       , -7 )USC          , 3   3-    & + & 2( 6I        USC   `7
                                                                                      . 7


                                                                       0G     #> ,       :
Q           U 29( . 3 +! (     *C H K ! - *, 7 D U G D U 29( 2( 6I USC `7
                                         . 3 - UG      2   : , + 7RC b*(K 6


                                    (Key Escrow Component(KEC)) Key Escrow U $           :
    )        1          - 7! r O    ` ,        - 7! + ) *", +! ( * N ? x KEC
                                   :2( 07N r O 0 3 r O 67 . 3 - ! *   +H 7 (


                                                     #45 "     "D       G   Y            :
( *", [7!        , %p ) H   *", 2 ( 7!      -        , 2( *", 27 7 2 ( 7! ! -1 O KEC
                                                               . 3 -    *", 2 ( 7! 7


                                                              Escrow   0C   3 5          :
 H K . 3 - KEC I" ? x D 7 5 - *        : 0 <L    HK    , Escrow + ) 5 ,
         7   5 2 f D 7 - t ) ) H K I" , Key Escrow ,        ( 2( 6I
- \9M 07N + H*5k7 "*( Escrow + ) 5 , . 7 0 DRC 7 USC + - _ /A
                                                                       : 3
-] _ T9 7 2 I          -7 H:7 O 2( 6I Escrow + ) 5 , : ) 5 , s .V
                                                              . 3
                                .2( 0S G 6** 0 3 I 7 :27 ) 6** .W
       . 3 - \9M 4 I" 2 ( Escrow 5 , 0S          67 :-( :( 2*" < .X
! b(        $:( 7 D 3 B5 D *9        KEC 2gU S  S        67 :2*       .a
                                         . 7 - s O Escrow + ) *",
-       - 7! ! [ , 2( escrow 5 , 27 ) 6** 0 3      67 :accountability .c
             . 7 - M: ! ' *Y 7 3 2S 7 ! ' *Y L         ) *", 7 3


                                                           G 0 C #45          :
- 0_: escrowed    - 7! + ) *",      3+          +)             ) Descrowed +
07N + H*5k7    - 7! + ) *",. ! ( - ? U         +          + ) *", - *:( , 3
                                                                      : 3 - \9M
                                                  :0 3 ) 7 5 : ) *", +       .V
+ ) *", D I 3 + ) *", D2 M + ) *", 0 3 67 :           +       + ) *", •
          . 7 [7! escrow D *     ) *",      - *", [7! , .2( 07 U
                        . 3 - :I7 USC `7 + H 7 :? _S + ) *", •
   '7 + , : ) -] _ /-            + ) *", 2$O H 7 Q       : , + ) *", •
  *", CA         2( 6I KEC . 3 -             $:(      +       + ) *",
  . 7 - M:        ,-       *", +    +      *) 5 , , 0        ,-
    $:( USC 67 J (         3 - 0_: KEC ) *", 67 :master + ) *", •
                                                            . 5-
r O ) D 3 : I3 r O 67 J 2( 6I                    - 7! *", `7 : ) *", 6: I3 .W
n     ) 67       3 : I3 2( 6I ) *", . 5 + H + 5 O 5 , (
27 $, 5 , n ! 5 , k ) 7 D 3 ! *                *", `7 - 7! + escrow 5 ,
                                         . 3 ) 5 , 0,         n I*1 O – 7
- *, 7 USC DKEC ( 2( 6I ) *", . 7 - [7!             *    ) *", - , J .X
+ 3 ( 2( 6I ) *", D 5 * USC ( 5 . 3 $:(                       * HK !
r O     :       - escrow 5 , 67         5 escrow : I3 -$9 *", e :3
                                     . 7 - 7! -"] *", 6:           H
 7 D? _S 7 B: *( -) 67! YK D? _S * -& 2( 6I ) *", :escrow ! .a
      - -] _ *", D 5 escrow , -] _ *", 5 . 5 escrow D , 2 f
`7 . 3 escrow D 5 - M:         *) 5      - PKI        -      *", I* !
 # -        *",   *) 5      ,     AU     3+      +)     2( 6I USC
                                . :( $ 3 f escrow + ) 5 , (          3
  **Z     - 7! + ) *", , ) -          I 67 H : *( ! - : *", - ( !      .c
                           . *5 G ' > A +         - H* ( ! 67 . 7


                                           % #L       #C 93 E N #L 0 Z }VW
D        G 0 3      3 - M: CA `7 ( , 2( - :*'7         : D? :*'7       *) 5
    *", 2 ( 7! ? :*'7 + )   *) 5 . 3 - K r #A ~7     -      *", D? 7 (    3
                 . 7 2U 7 ? (      3+       6 + H *C     3 - $:( -
       , # 7 G *C :( U 2*)    7 -     $:( -      *", 2 ( 7! ! D? :*'7 r #
                                                        . 7 - 7!        :

                                                  (Trust Models) = + 0 <%   }VX
  G *C   -     S D-] _ *", +   I*      .   !*   :     +        ! 6      $:(
 ,       :               - 6*
                 H K ! `*h*) D 7     2* O +! ( B) + ) , 7 - 6*
. R        e :3 B)        *", `7 7 B A D-] _ *", +
                          -] _                                     . 7 -
- ,         )B ,      -  D  JA 0     -$9 *", [7! 0IM -          *", +
A D )      - B      K   /--] _   *", B , 0* 67      AU . 7 -          , 2(
                            .2( B , , - ) g -)            U ,       -      J
?     (. 3-   $:( 5 5 +         +) 3       ,      O - $: +            +H
                                                            :!            :
 *", +        ' G , ) , D 3 - '7 PGP          , ( ,+ : I3 •
                                         .    -        : 0 <-
      . 7 - $:( : 0 < G ( \93 ! , -] _ *", [7! + 3 DKerberos •
-         7 I7 2 ] ^7 _       I G ( \93 q 93 ! +             '        , D)        *) 5      •

                                                                                   . )
    : 5    &      , 2( -] _ -I* :I 2 C + 3 DPGP :PGP                  =+     )F         .
`7 DPGP      , `7 .2( 3 -                *", + ) : +               3-    $:(
. -         4 3 : 3               : 0 <-        + ) *", ) ! -"S *", 9
                    . 7 - 6*        : I 3 ! $:(             *", : 2*" < ,
  7 -I* :I 2 C B !                 - A D 3 :3 ! * B -               *", A 5
2( 6I          ( 67 . 7 + R5         : 0 < ( `7 !            *", 7 7 2(
 *", [<      . 3 D        +     4    B , -:7 ( 7       3 : 3 PGP *", 9
 , ,          , 2(        K A . 3 * N - $: + H"S            2( 6I B -
                                                        .2( : B -         *",
   *", , ) -                -       B-        *", , 7 - H• C D * , m U
 , 2 7 L O „2( : B *", ! C 9                     ,       -       JA. ) A
! 4 9          , - IU , 7           H• C 7           : C A 5 ." - : "
? A:           :        7     : *", K 2( 6I A K D2( : B *",
        67 D 7         : D C 3 :3            B *", ! -n, D 5 . 3 -        7RC
                                        . 7 -         : D A ,2 *          67
.2( A      : % , K 6**            S 7         : , - , ) A , 2 7 :I
    ] ) .              K + B) -"I C {*)        7 -         H• + *J {*) PGP
b( -             *", , 2( 7RC I - ! -              *", +        +# +
                                                         . 3      , *", 9
2 :7 +         e :M       &           , 2( -: ] ^7 _ + 3     Kerberos :Kerberos     .
                          -       I    + (/client +    Kerberos   .   5-      $:(
[*(       $:( +     )CA       )        *) 5 : CCA E   9=+ #45 0 C            #C 93 .
 I*      . 3 - + > `* :I            ' + , +)          + +
D 7 0       ‚ U %IM         - -$9 *", -        *", +      ! - *,
       , *      + :M 6* 7 , + :               - -7 H       +
  *", , 7 - 6**           J   *5 . 7 0      3    O `* :I        '
4 -        *", !    :( U ,   -      J  *5 .2(    :( U ^" : -
- ! J-           *", „ 7 -    $:( 3 2 ] ^7 _ , +! ' ] A +
       „ 5- ?/           J 3 B5 7 *9      ]   *", `7 „ 3 - -#A
   , D         `7      *) 5 .2( I3K            ) +         *) 5 `7 + 7 C G H$
-U B*: ) K G '             ! ' , + , D 7 - -U                      7           D+ :
- \9M               / +         *) 5 , -:7 O          D +               ~7 D , -
                                                                                  . ,
+ 7 C I" . 3 - - :*'7                     : )       *) 5 D-I* :I Q +
                                                                :! 2             *) 5
27 O 7 2* < D ! ( `7 D U `7                   -       *", `7 :27 ) 6**           •

                                                        . , - 0_: 7
D ) G' K +                    -      *) 5         , -          : *: L : •
                                                            . , - \9M
- +                -     S +        2 M *", %p ) -$9              S       %& •
                                                                       (. 7
    3 D *) 5          , ] G Dr #A ~7 DG D-                *", 0 3         *) 5 Q
+ # D2(          *) 5 ! $:( S 7/ M: S                       , -:( *( 5 ) D? 7 (
                                   .2(      %& 7 ( D *) 5               , M: - <
ITU-T Recommendation      ( , 2( +           *) 5 D 3 :U 7RC          *) 5 67 :U
! ,+ ,                )     3-      $:( * ( ( X.509 .2( 3 -U X.509
                      . R e :3           )     *) 5       - D 7 - + *C X.509
      - D , - M:             )    *) 5 , - yK )            3 - -             + ) *", ! 9 )CA
!      *", K 7       :( U D ! *        *5 `7 -        *",         :( U `7 , -:< . 3 CA `7
`7 ! 3 M: + )               *) 5     *5      :( U I* ]             3 67 . 7 2U 7         *5 CA
CA           -       J :( U K D 3 CA `7 !                   ) 5 .2( ( D 3 :3                CA

6* h ) )CA . 3 - HM , 7! D : ) : 0 < )CA ! - „ 7                                       : -O
+ > A -O CA `7 !               , `7 5 67         . 7 -           < )CA 7 ( + : P
-        ,      : *' ! , -7 )CA ! -: * , , > A 2( 6I                              ,D 7      %&
                                                                             . 7 g %        !(
- H K 27 ) 6** + ) 7              H:( *( D       g % )CA             7 , -"] + H*5k7 ! -I7
27 ) CA D :( U - CA             -       *",     ,- *          *", 2$O `7 , I* ) . 3
   K g            :( U ! > A I 7 !        * & + G!Q 0               ) D ,- ?:,             :( U
-$":9 + H3                   - $: 27 ) 6** + H:( *( =":9 + )CA . , - -& D2(
Certification ! -1 O , 2( +           ! -I7 D27 ) - 7! . 5 -                :     7 + )CA (
?/    S DCA ( -      *", ! 2gU S S .2( CA + H:( *( Practive Statement(CPS)
     .2( CPS    7 ! CA ( -] _ *", 2gU S S D 3 *9               B5 + ) *",


                                                    (Steganography) 0     7<    ;


.2‡( + ‡  )       %& b < G *C `7 O   ,-$9 H†* † H3 +        H
 ‡ + ‡ H + )4 .2(       H !      -7  ) O 6:3       7 < + )4
                              . 3 B* A 7 _    ] D : + :( (



                                        0          W (     + 0C         5 #%9   X
. 7 - * +            +)            $:( +      -U _        D-U _ 3         +)
- I +! (        +H ! - 7           + H/*S :M*         ,-      -U _        +)
   : )      -U _ + H K) . 3 - b( +                    +)            $:( + D
                                         (. 3 -       I3 + H*7 M*C          G A
- -7 M*C 0 < , : ) -U _ - < -I7 *U [ +                 -U _        D2 67 :H
+     `7 ! 4! B, + H:* D + ) * :( `7 ! 7 0 3 2( 6I [ 67 . 3
[ !      K 2( 7 . 3         , `7 *",       > 7 :( + ) $< 6* + ) "] U 7 D ]
P      7 2*      K 2* )      3 - ]% +            +! ( B) [       ( jn( D-I7 *U
2* )        - I         -U _ + (2* ) 67 J) Do             9:( `7 b"Y . 3 :3
    . 3- : +             + < 4 `7        9:( 7 2* ) 7 +            2* ) 9:(
. 3 $:( 7 -U _ 3              D 3 - + :(          - < -I7 *U      -U _ I* )
2( L "/ Q      . ) - +        g     ) + ) *n , b"Y D 2( L "/              7 3 67
 S$] + ) $< 7 D I 3 K D[ l _          K D :( * ! %p D 7K 2( -/*S 7 ,
      3 - * T*C 0 < *Y -O         5 )M        5)+       7       , 2 7 :I . *",
                                                    . ) +      g     ) + ) *n ,
- -U _ 3 , ("seed 4! ")          -5     9:( b"Y +         -U _ 3          +)
L :O + +          +! ( B) [ !        + *:           9:( ! )      6:U 5 H:* . 3
                                            . 7K - 2( 9:( + :S +! ( I3K !
D 3 -     3 D 3 - & -:(      5 D+ < +        -U _       +)    6: ( J 5
   5 ,    5 *, 7 -U _ 3        +)      2* ) . 3 - :3          7 b"Y H K
                           . 5 - B: *( /A 67 =* > D 7 0 2(               &
    :( . 3 - +      -U _ 3              `7 DCounterpane (    3 * Yarrow
[ 67 . 3 - 3DES +      B:7   +        , 7 - =7          + 7    DAnsi X9.17
   .2( 3 f I7 K 2 I ( FIPS             :( ( D 3 -         $:( : 5 &
 3 =7 FIPS 186    :( D - I DSA -] _ *", * + , -U _ 3 7
 . 3 ^U + K      -U _ 3 + 7 C + H:       )     7 -U _ 3 L          ) .2(


                                )        E0         0 <= I# 0E           ?A=@ P 9     ,
+ HI* I . 3 - b(       *", 6:               3+               &     -7 M5    ) D- I3
                    . 3 - 07N . 3          BH %         !-       .    O -$":9 - I3
"    , 2( -/7 3      "   67 :(ciphertext-only attack)       .     [ W 4=@ .V
0      . , ,    6:       7 AU D    -         G *C + :S        + *J 5
H *C s ! + *      , 7! D 3 ! ( 6:                 -7 Hf    , 2( 6I
     6: j , U * K D`*(%, % ! + *              %p .      2f    ( : (
                 . - I          +)             4 67 D ) - G '
  D 3 - =* >         6: AU %                         +       + H : *(
- *C      + U > + ) *> U     U + H          : *( 67      % 67 -) 5
                             .   -          I D2( + K l S 0 3 ,
6: ! -M9 +          ( 6: 5 "        :      D            .        #4+   4=@ .W
   %& 67 ` ,       6: e " *A jn( . i      - 7      -
 I    +      +     , + *", 6** 2( 6I I 7 . 3 - -7 M5
                                            . *5 G ' :U
- -, "      *"   -/ - I3 D ( 6: % 67       3 : 3 ! -I7
                                                     . 3
    3+       6: !    - : ) 2(           < 5 "   :   R             .    4=@ .X
+   .2( +          :U I *", 6** $*• . K 2( : 3 *",
             . 3 - 6** D - I +      + , + *", D I 7 G '
+)        *"       , 3 -    "    s 67 +       -(      ?p D ) - I3
                                                       . - I -, "
   ( 6: "      DRSA B: *( q _                  D+     + H : *( ! -
2< D    - I H :7    !     7 I*                ) . 3 - 7RC b*(K - 9:
6:      : 5 "       I 7 0I C                 + ,        - & + *
                            .               , *C -( :( 3 +         (
+ H"I C        P     "   67 :(Man-in-the-middle attack)   #      ? QA    4=@ .a
     I*     ) , 2 7 7 . 3 - *", ? + H"I C +                       -&
Diffie- !     $:( %p ) 7 - ? 6 P                +      ) *", DB A DL
B] 9: . )        < -&           +     B A 6*         B] 9: U D(Hellman
        *", ?      D , - =< : D :( U - 7 I7 B A , -7 H *(
 , - $: *",             *", ?     B   A . ) - G' B       A      5 O &
A      , + *",      A ! -&        5 ) B] 9: . ) -              - B] 9:
  G *C +            B      G *C jn( D 7 - -7 M5 D :3 R5 e :3
6 &            , , - IU B A . :( U - D :3 R5 e :3 B , + *",
    . ) - U 4 5 *J ) B] 9: [<                  D 7 - < P B)
 *", +          B: *( ! $:( D *           <% " ! L :O + -
 *", 7 L          ! `7 ) D+!         + .2( ? :*'7 + #            <-
 *", L        D 3 * e :M -$9 *", I 7 ! jC .                 + 7 -
2 I3 *              <% " . :( U - 7 I7              3 - < + # e :M
+ :U I -] _ *",                   T         # 0O         < , 7!      -
                                                            . 3 - #
- 27 $, 0          67 D 3 O - ) *", 6 [7! + -) I* ]
     , 3 - X.509         :U I -) -) 5 b         " "( H) 67 ! -I7 . 7
                                                        . - I IPSeC
D+        B: *( -O         -$9     *", 6* - :      ) :(Correlation)     IF=C .c
 *",           %& D2 67     ( .2( - I3 +      %& -"] [
   !* D      *h*C     . 3 - r MU +   B: *( (    *A: -$9
    %&     +       B: *(       3 )M    %& 6* - : )     /
                                         .   3 ! iR *",
6:        3 : 3 ( 6: D-, " + )        *" -/ %          6I3 %p
B: *( *", + H:* ! -        2 * K . 7 -        /      3 )M
6**        6:      ( 6: 6* - : ) ` ,        D !- i !+
+) 5          3 I       - , 67 .2( ! i -:(            7K , , -
                                                       . - $:
6* Vu|w )               * 3 G H* (       3 -U -"* $7 - I3
.       -    $:( -, " + )    *"     7 ! 0 , &       ,     + "
    *"   ,     -U     -/ - I3 -7 : K ! jC (DES *" \ Q )
     .2( 3 '7 M + ) 7 ! $:( + 7 O %               * .       , DES
+ H : *( ,            - ( ^AS 67 J 2( +            7C- : ) 7
%p . 3 6          f 0 < & - % 6* J               , !      +
  .           / -" $7 - I3      *"       f 0 < 2* Nyberg Knudsen
+ H) :( ! , *      +H (          :   W "R G        \          #4+   4=@ .d
   3 ) • % ! + 7 O A & D 5 - [*(        $:( `J , 07 +
. ) -     <l ) +      B: *( + U 29( + H7! ( *C *A:       ,
%p . 3 - - : ) % -"] 7             *3 *        % 67 -"] 7
        i 2S] jn( D ! - i              *", + H:* ! - 5 "
                   . 7 - - 7! T7 ) * *" - : ) /
+ ) * D :( t * 7 ! ^*<     $:(             3 H M*C " 67 J
  *",   K 2( + ) * 67 ! .radiation + )       D * l_   b(
         . 3 - $:( :( +          3 * N %& s 7 ( 7 -$9
B: *(    +/     :(Faults   in cryptosystems)   0       8 I#     0 C BD .v
    <% . 3 - -$9 *", =M, -: 7 - I3             ' +
  D     ,0     , -7 H :7  ! - =M,      ' +        + H) :(
                    . 3 - M*"      (S     `J , + ) / -U
 /    %          * RSA -] _ *", ?      -     +! ( *C D%p
    ' b(    /A      / 2* `7 '7 , 3           M .2( e IM
                  . 5 I3K -] _ *", b* 67        5?     7'
67    .2( :U I H) :( H :7      ! - *(     S      M +) 7
G A )/         , 3- &+ &+             + H) :( , 2( + >
                                                      . 3
 -7         ! 7'       3 :*C   A :(Quantum Computing) *9 95 ? F !      .|
+ ) *n ,       + * <% D- : , + ) *n , : 5 B:7 B:7
+ ) , ! , 2( A*AS 7 O "*U - : ,                 (S . 3b (- : ,
!         < *     , 3 -          $:( ) *n , 6: ( + - : ,
-f     +! ! ) *n , 67             < . 3 -           ? 7 ( + ) *n ,
D * f -I7 =7 • G ' + O 67             . 3 - -3 - : , + ) ,
      - - : , + ) *n , D ) - G ' ? 7 ( + H *3 ,                  )
+ ) *n ,      ,       O * 67 67           . ) G ' 'I7        HK )
                 . 5 0 ? 7 ( + ) *n , 0 0 < *Y 01 - : ,
+! ( *C      : -      - : , + ) *n , 5 , ) - M shor z7 :
            . 3 - 07    h97         -      *", +        :M*   KD 3
+ H *3 , 7! D 3 -        )       M) - : , + ) *n , -" U 2* >
   2      + :H -7 , - : ,        (S + x .         3 +! ( *C -IJ ,
- ^AS         67 B) [<     7K I 7      D ) - M ? 7 ( + ) *n ,
                                                .2( ! ? ( `7     *C
0* :C 6 P          )   +! ( -$9 7 O + H) [ - : , + H *3
         .2( - : , +          "*U 67 D 3 - 2 I3 0 < *Y 2* 1
  DNA   !    $:(   7   (RSA 6* :9 ! -I7) 6         x :DNA 0            .u
o + ) *n ,               - DNA          + H I" .   K ) *n ,
+ ) *n , +! 2 * & 67 . : ) +!            + O        < , 3 )M
           . ) -    ? 7 ( + ) *n        ,     7A     -7 2 ( DNA
2 ( T7 U , 2 7 -I7 D      O DNA         + ) *n ,     - %IM $( :
+ ) *n , 0     67 .2( ! *                 B' -7       3     ! * -7
-7 + ) *n , 6: ( 6* h ) .               -7 ,       -7 H:7 S DNA
                                                        . 3 -      (


                                          ]E    0C          E <4) E > G     Z   /
+ H :7           : ) H :7   @/( `7  . 7 - 0 =":9 . /(        +
H"I C +Q      D 3 - H"I C H K +Q .-    *", + H :7    -, " A: +
                                                  . : )+ ,+)
 Q @/( + H"I C = > /A `7 , 7! D 7 - 27 $, -7 H           2*     /            H   :7
+ H :7      I7  O      7 6      + ,            -      , +)       7)         (+
? , , + *",       - %& , 2( -"I C ( ? p `7 . 3     6     AJ +                -
L      AJ +    + H :7  I7   O     . , - MU D 7     +         -&              -
 I +        + , + *",    - %& K -7Q 0I C 5 3       6 HK D 3 -                -
                                                  . 7    I3K D -
- +! ( *C H"I C K , + , + )         , 7! 3 - 3 * H"I C * K
+! ( *C I" D2 * -U , L 0I C `7 67  . K- O        + 7 %IM D 7
 . 5 - -U     3 : 3     :( 0I C 67 J 07N .2( ! *      * 6x / L
+ 0I C `7 67 :(Domain Name Server Secyurity(DNSSEC))                     *       E     "#     .V
    .3     RFC 3008     RFC 3007     j7 ( 67 . 3 - 6                3 [7! G + H 7 (
                                                                            .2( 3
Generic Security Services     )     9=+         #       0 <I E     0        5 0C              .W
+      +              *", ?       D2 ] ^7           +      -/(     GSSAPI    :(API(GSSAPI)
@7 M   RFC 2743       B:7     67 . , -      *           $: +       + H : *(            H :7
                                                                                      .2( 3
2( -7 H"I C ! -I7 SSL :Secure Socket Layer (SSL) / Transport Layer Security (TLS) .X
   %& B'       , 'K ! ( 3 -            + 7 ) . - I 6 www Q _ + ,
                                   SHTTP

D2( T7 U         D+ :      ,         3    D 3- ' O2 :7 +           ,i
                                                     .2( :M5 BH www 2*
DVuud ? (     . 7 5 -U          ! 0I C      :(         Netscape (   : SSL
   $ TLS 1.0 ? ) .            **Z TLS   SSL G      7 5 IETF $*• SSL 4 : 5
                               .2( 3     . 3 RFC 3546 TLS . SSL 3.0 - ,
67 :(Secure   Hypertext Transfer Protocol (SHTTP))        .      ^ C .      N         T) E > .a
0<    ! + *     .2( WWW Q + :M* 2*        '7 + + 7 0I C
 * 2* <   SSL/TLS D ! Netscape -5 *J 0*  3 - SSL ! l /
                        .2( 3 =7 RFC 2660 SHTTP . 3 - + <
                                           [F       0 <I E       E )# E )% "I> "#             .c
+ H ( + Zimmermann +PGP h K ! 2( +      :( OpenPGP :OpenPGP                                              •

+ H7! ( *C D 3 07     :( `7   ,    , B) . - G ' + *
                                  .2(    K O        K ! - $:
        .2( OpenPGP  :( ! + 7   5 S/MIME :Secure-MIME(S/MIME)                                            •

67 :(Public      Key Encryption Standard(PKCS))                         9=+     #45 0                             .d
    RSA   !     $:( 6 + H)              :(       3 '7          RSA        2*             M7 !K      )        :(
                                                                                                 . ) -        M
+             :( `7 67 :IEEE P1363: Standard Specifications for Public Key Cryptography .v
+#        +          + -                *", B:7            67 J 0 3 . 3 - -                         *", +
                                                                                                      .2( - <
    , 2( :U 7 4 : 5 B: *( `7 67 :Publius Censor-Resistent Publishing Protocol .|
!+      ' +         - :        ) -       I 67 5                 5 7 ! -) 5
       2*) +          7      7 {*) (V) I7 S          R5 e :3          ) (L
     : (X) D 7 * q        7 `7 ! ,          5 -) 5        : (W) D 7         I3K
      . 5 *9 ) ( L ! + 7! B' I 7                 7 **Z 7           5 lR        :
0I C 67 . 7 5 '7 IETF + , 5 ( SecureShell 0I C W 9 :Secure Shell .u
 I 9 TCP Q _ 6 ? * + H: M 0I C .2( 3 $:( SSH (
                 . 3 - Secre Shell v1 4 O +       Secure Shell v2 0I C .     -
   D 7 - 0 2 : 7 + , 7Q +                   ‚ U + H"I C ) I*             :IPSec .Vw
P 6         I 3 `7 +    6 ? ,+           , ) -          I 67 q + )
RFC      K ! - 3 . 7 6 IP 7Q           2 : 7 , , - - ( IPSec D 7             <
                                                                  .2( K 2401

                                                                                         _9W `@ F 0               Fa 1
                                          (transposition cipher) -MH               `*(%, +                   7    0
                                            (substitution cipher) - M O
                    (Self-synchronizing stream cipher) G   )    + :3                     + :3
                             (Synchronous stream cipher) G     ) + :3
                                              Electronic CodeBook(ECB)            +)
                                             Cipher Block Chaining(CBC)
                                                  Cipher FeedBack(CFB)
                                                                                 + I"        -, "
                                                  Output FeedBack(OFB)
                                                   3DES             DES       ! -7 )
                                                   DESX
                                                                              -, " + )
                                                                    AES
                                                          CAST-128/256
                                                                   IDEA
                                                            RC
                                                      Blowfish
                                                       Twofish
                                                       Camellia
                                                       MISTY1
                                                       Skipjack
                                                           RSA           !   -7 )                 #45) 7         0
                                                Diffie-Hellman
                                                                         +          + H :7                           (   9=+
                                                           DSA
                                                       Elgamal                               A:
                            Elliptic Curve Cryptography(ECC)
                    Public-Key Cryptography Standard (PKCS)
                                                Cramer-Shoup
                               Key Exchange Algorithm(KEA)
                                   randomized         G *C - 7!                 - < +#
                                  deterministic
                                  Randomized          appendix
                                 Deterministic




       One Way Hash Functions (OWHF)          Modification Detection                  *",                  0G   8C       b9
                                              Codes (MDC)
Collision Resistant Hash Function (CRHF)                                         (Unkeyed)
                                              Other applications
                                              Other Applications             (Keyed) *",
                                              Message Authentication
                                              Codes (MAC)
                                                               *", ?         + 7 C + H"I C           0          0 <4) E >
                                                            2 ] ^7 _
                                            *", ?           2 ] ^7 _
                     2 ] ^7 _ ? U * K               *", ?     + H"I C
                                      *",   J-              *", +
                                                  Secret splitting
                                                   Secret sharing
                          Cryptographic protection of databases
                                          Timestamping services               - * + H"I C
                                              Subliminal channel
                                    Undeniable digital signature
                                Designated confirmer signatures
                                                Proxy signatures
                                                Group signatures
                                      Fail-stop digital signatures
                                 Computing with encrypted data
                                                 Bit commitment
                                                   Fair coin flips
                                                    Mental poker
                                          One-way accumulators
                                                      Key escrow
                                          Zero-knowledge proof               :U M*C + H"I C
                               Zero-knowledge proof of identity
                                                 Blind signatures
                         Identity based public key cryptography
                                               Oblivious transfer
                                             Oblivious signatures
                                  Simultaneous contract signing
                                            Digital certified mail
                              Simultaneous exchange of secrets
                                                                                   kerberos                     <G        #>
                                                                                     IPSEC
                                                                                       IKE
                                                                       SSH    ! login 0I C
                                                    TLS SSL




                             d" G # _9W 0 C G9@          cert   ?   D   c 6
     + 7! 2* ) !  %& +          Q       2*      ˆ$ D H"I C H :7 D+
+H 7 ( 7(     %& T7 !K 4! K D H K   "        ! L :O 2* 67 ˆ$ 67     .2(
                                              . 3 - BH * cert (    3 1
                                                                                                  d                D P9 c

           H7! (   *C          H"I C              H :7                         +            +) !
                                                                                                           H 7 (
          e Jf J %                                                                       2 5 E 0 <I E
              =                                                                                       -)       M)
                                                                                               ‰           27 7
              L                                                                                    ‰           * K
                                                                    on-site        ]    ‰              -7 9( C
              Š                                                           ‰            -7 9( C         - ) )
           i Jj J?                                                                  < g> h# S "
                                                                                           H7 7RC b*(K * K
              ‰                                                                    H7 7RC b*(K         -7 9( C
              8                                                    b*(K        -7 9( C                 - ) )
                                                                                                        H7 7RC
                                                                                       9D 0 C 5 "
                                                                                                   +) , * K
                                                                                        +) ,           -7 9( C
                                                                   +) ,            -7 9( C             - ) )


                                                                                         # 2#> 0 <I E
              ‹                                                                                                %
              .                                                                                +y          I
                                                                                            -:*       [<       2f
                                                                   D-:*   +) ! + H    + I*C
                                                                          H: ( 7! + , + )
                                                                                    N $ \*9M + H 7 (
                                                                              2*                      %& M:
                                                                     "#       "#\#5 "              0 <I E
                                                                                                   ` 7 * K
                                                                     - J nI7 e             +       +7
                                                                                               f     ! - 7!
              Π                  Π                Π                                         -:*    M
                                                                                                - ( -) 5K
              8                   8                 8                                                      4! K
                                                                                               Q _S - 7!




+ 7RC b*(K =M, 7 ,+           + H7! (     *C *"          + f          !                ]          : C                2C ( %
                     .   5-   ]        M7 !K (                 "                       , + ) M) , H K +
-&        . ! C - H7! (       *C *"     ) 3     %& T7 !K        j7 ( 67 :j 9@ #% S (f
\9M , f     (    3 '7                 S , 5 - \9M f                 S ,* K ( C
, 3 - \9M f        (      3 '7           !    , 3 - \9M f 2 * & , 5 -
   7 -    $:( ‰       * K z7 : ! cert . 7 - \9M           f      -7 9( C + H)
 J nI7 ‰     2* U cert . 7    '7       :U ‚ $ H : *(        hK * K    ' 67 :" ,
                  . 7 \9M           $ +) M 7 ) ,)             ,6* P       7 -
- ?(     M7 !K   K 3 5 , 3 :( *C s <             H7! ( *C * ! + f          h J
    . 7 8 9:(    % +) M ) ,)                   7      M7 !K 6* h ) . 5 * K    3


     *5     L       6*       !Q + H* ) )      M7 !K :j 9@         9 R >         C =C (e
 "    *5 , + 7 + H:7 ( D "  * <                    !        L     67 . 7 - '7 f
+ K[ O0 3+ I )0 . : ) %        *                   K ` ,          ! * , -7 H:7 ( D : )
        + K + K [ O D M* : + *5                     ! H:7 (         -) 5K D )contact %&
                   . 3 -   %& *                    K ?      I        K B) U D *5 + H:7 (


67 . ) - G '             H7 7RC b*(K -I* I T7 !K     * K    M7 !K : < g> h# S #% S (?
+ + U G + U 29( + 7RC b*(K -I* I T7 !K H7 7RC b*(K - 7! 0 3 j7 (
! $:( D- : , 0 3 * K . 3 - K ! $:( S + 7RC b*(K 0S 6**
+   0IM ' * + 4% 7 D :U ‚ $ + 7RC b*(K , -"S 6** + debugger
                                                 . 3 - -: B: *(


- + 7RC b*(K         + b(        ~( C 6** 0 3 j7 ( 67 : < g> h# S            9 R > (j
 ) M) [7!    '7 D-7 9( C + H7k :(        67 7 (                 , 5K 0 3 j7 ( 67 . 3
. 3 - G ' - O + ) , 7 ( )fix D )patch b_ ‰                      -7 9( C . 3 - )advisory


     I"     !   7        ! ( =":9 r O    M7 !K : < g> h# S         9 R >        C =C (i
e :3 + 7RC b*(K .%] 7     , fix              S       - %& 7 - ["/ + 7RC b*(K !
+! ( *C -:(    + 7RC b*(K -7                9( C +k :( , , - - 7!   M7 !K . R5 -
 ! r # D-I* I 6* ' D )cert 7 (             D 5 , *     P   0 3 j7 ( 67 .2( 3
0 3 H:* U . 3 - D      4 5                 =M, + 7RC b*(K , -7 H) 5 7 U D I"
D        :   M:      !  - ) ) D+ 7RC b*(K 4 5 7 + 7RC b*(K * K 0*H
6* h ) j7 ( 67 . 3 - L      7 ( :U I * K + HI* I b*,     D *Y )patch
- &     -7 9( C + H7k :( H7 7RC b*(K  %& ! -M    7 C '7 0 3 2( 6I
                                                                . 3
- -:*       @7 _            H7 7RC b*(K + ) M) D )N $ + ) M) 0 3 j7 ( 67 :? A+ (k
    , -:*     +)              H7 7RC b*(K           I"   !         % . 3-              K     S    3
                                                               . ) - s%& D              3 =M, 7 O &


         +)             D     5N $ + H:* U D 7 O -I* I + H:U M*C             M7 !K :0M9%9 ) E    (l
6* < 0 3 3 -(       . 7  7K 7 H \*9M ` , 7 - -(            )M
  / 0 3 j7 ( 67 . 3 - 3 7 + H7y I D- :O -( *(        7 H D- <
- 7 O         ? y Q A D-:* + H:7 ( L D-:* -I* :I 2 C + H: *
    +   + ) *] 7 D ) ) D % j7 ( 67 -O . 3 - H:( *( D+y I 3
                                    . 3 -     "         , -:*


67 :H +        ) )             @7 _ *       +        -       M7 !K :          C 3S J    #    E 2 (m
67 , -) M7 !K .    I                  + I" ?
                                     I"         !+ H7! ( *C + -:*           7
H7! ( *C H"I C D H :7            *!    -:* + ) *] @7 _ 7 - 1            j7 (
                                                                   . 7 - 1
+ H*7     )      %& -7 ) * ! J          I" !   , 7 - \9M 6* h ) M7 !K
-:*           ! H K + ) -) 5K H     D I" ! -:* + ) -) 5K T7 U .       ! * :M*
  M7    !K . ) G ' + 6 4            -:* ?     , - ` , HK      I" D ) - T7 U
 7(      H:7 ( L D    D ) :( C D Q A M: + -7 H:* < ?         j7 ( 67 1 +
- 1      P *:       +      -S7 _    ) - . 3 -:*        7 67 :H , - %&
                                                        . ) - < *:        D 7


+       ) )        H(        D-3! K + H) 5 , D ) * ( 1 ! 2                    j7 ( 67 :nG9 S (i
                                                                       .2(       , -:*      T T7 U
+)          D)      - 7!          M7 !K Dj7 ( 67 + : C                 #C 93 E ?o9(!             G (
   )     . ! C - H K -:                 Q _S 2* !   * & + H 7 ( 7 ( 7 D+ ,
                                            . 3 + ' Q _S 7 ! 6:    - Q _S


                                                                                b     E b$             :

[1] http://www.garykessler.net/library/crypto.html
[2] http://www.ssh.com/support/cryptography/
[3] A. Menezez, P. van Oorschot, Handbook of applied cryptography, 1996.
[4] Bruce Scheier, Applied Cryptography, Protocols, Algorithms and source code in C, John Wiley and
Sons, 2001.
[5] http://www.enterasys.com/products/whitepapers/vpn/9011742.html
[6] Virtual Private Networking in Windows 2000: An Overview, Windows server 2003.
[7] Virtual Private Networks, A technology overview.
[8] http://vpn.shmoo.com/vpn/FAQ.html
[9] http://en.wikipedia.org/wiki/Virtual_private_network
[10] D. Richard Kuhn, Vincent C. Hu, Introduction to public key technology and the federal PKI
infrastructure, NIST, 2001.
[11] http://web.mit.edu/kerberos/www/
[12] http://kremlinencrypt.com/algorithms.htm

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:2
posted:2/15/2012
language:Romanian
pages:37