Chapter 7
Learning Objectives
Understand the role encryption plays in firewall architecture
Know how digital certificates work and why they are important security tools
Analyze the workings of SSL, PGP, and other popular encryption schemes
Enable Internet Protocol Security (IPSec) and identify its protocols and modes
Encryption
Private key
Secret code generated by an algorithm
Never shared with anyone
Public key
Encoded information generated when private key is processed by the same algorithm
Can be exchanged freely with anyone online
A Public Key Generated by PGP
An Encrypted Communication Session
Choosing the Size of Keys
Generating Keys
Managing Keys
Manual distribution
Use of a CA
Use of a Key Distribution Center (KDC)
Using a Key Server That Is on Your Network
Using an Online Key Server
Analyzing Popular Encryption Schemes
X.509
Perception of trust
PGP
Does not make use of the CA concept
Gives users ability to wipe files from hard disk (and delete permanently)
Available in both freeware and commercial versions
X.509 and PGP Compared
SSL
Transport mode
Tunnel mode
Choice depends on type of network and whether it uses NAT
Transport Mode