Chapter 14 - 04 - Discuss PKI and Certificate Management Concepts - 01_ocred_fax_ocred.pdf
EC-Council
Certified Cybersecurity Technician Exam 212-82
Cryptography

Module Flow
- Discuss Cryptographic Security Techniques
- Discuss Various Cryptographic Algorithms
- Discuss Various Hash Functions and Cryptography Tools
- Discuss PKI and Certificate Management Concepts
- Discuss Other Applications of Cryptography

Discuss PKI and Certificate Management Concepts

This section deals with public key infrastructure (PKI) and the role of each component of PKI, and certification authorities.

Module 14 Page 1686 Certified Cybersecurity Technician Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.

Digital Signature
- Digital signatures use the asymmetric key algorithms to provide data integrity
- A specific signature function is added to the asymmetric algorithm at the sender's side to digitally sign the message, and a specific verification function is added to verify the signature to ensure message integrity at the recipient side
- The asymmetric algorithms that support these two functions are called digital signature algorithms
- Digitally signing messages slows performance during verification; the hash value of the message is used instead of the message itself for better performance
- A digital signature is created using the hash code of the message, the private key of the sender, and the signature function
- It is then verified using the hash code of the message, the public key of the sender, and the verification function

[Slide figure: sender, receiver, and the message and signature passed between them]

Digital Signature (Cont'd)

[Slide figure: private key, confidential message, hash code, message containing the digital signature]

Digital Signature

A digital signature is a cryptographic means of authentication. Public-key cryptography uses asymmetric encryption and helps the user to create a digital signature. A specific signature function is added to the asymmetric algorithm at the sender's side to digitally sign the message, and a specific verification function is added to verify the signature to ensure message integrity at the recipient side. The asymmetric algorithms that support these two functions are called digital signature algorithms.

[Figure: confidential message, hashing algorithm, hash code, private key, signature function, message containing the digital signature]
Figure 14.19: Creating a digital signature at the sender side

[Figure: message containing the digital signature, public key, hashing algorithm, hash code, verification function, confidential message]
Figure 14.20: Verifying a digital signature at the recipient side

A hash function is an algorithm which helps users to create and verify digital signatures. This algorithm creates a digital representation, also known as a message fingerprint. This fingerprint has a hash value that is much smaller than the message, but one that is unique. If an attacker changes the message, the hash function will automatically produce a different hash value. In order to verify a digital signature, one requires the hash value of the original message and the hash function used for creating the digital signature. With the help of the public key and the new result, the verifier checks whether the digital signature was created with the related private key and whether the new hash value is the same as the original.

Digitally signing messages slows performance during verification; the hash value of the message is used instead of the message itself for better performance.

[Figure steps:
- Sender selects a public and private key and sends the public key to the receiver
- Sender uses the private key to "sign" the message and sends the message and signature to a receiver
- Receiver verifies the signature using the public key and then reads the message]
Figure 14.21: Working of Digital Signature

Key Exchange through Digital Envelopes
- Digitalen keys and data within

[Slide figure panels: Generating a Digital Envelope; Extracting the Key from a Digital Envelope. Labels: random secret key, encryption, digital envelope]