Mallory generates a secret integer, :math:`m` and sends :math:`M=g^{m} \mod p` to Bob
Bob chooses a secret integer and sends :math:`B=g^{b} \mod p` to Mallory
Mallory computes :math:`S_{A}=A^{m} \mod p` and :math:`S_{B}=B^{m} \mod p`
Alice computes :math:`S_{A}=M^{a} \mod p` and uses this key to communicate with Mallory (acting as Bob)
Bob computes :math:`S_{B}=M^{b} \mod p` and uses this key to communicate with Mallory (acting as Alice)
When Alice sends a message, she encrypts it with :math:`S_{A}`. Mallory decrypts it with :math:`S_{A}` and encrypts the plaintext with :math:`S_{B}`. When Bob receives the message, he can decrypt it by using :math:`S_{B}`.
To safely use the Diffie-Hellman key exchange, Alice and Bob must use an `authenticated` exchange. Some of the information sent by Alice or Bob must be signed with a private key whose corresponding public key is known to the other user. In practice, it is often important for Alice to authenticate Bob. If Bob has a certificate signed by Ted, the authenticated key exchange could be organized as follows.
Alice chooses a secret integer :math:`a` and sends :math:`A= g^{a} \mod p` to Bob
Bob chooses a secret integer :math:`b`, computes :math:`B= g^{b} \mod p` and sends :math:`Cert(Bob,Bob_{pub},Ted), E_p(Bob_{priv},B)` to Alice
Alice checks the signature (with :math:`Bob_{pub}`) and the certificate and computes :math:`S_{A}=B^{a} \mod p`
Bob computes :math:`S_{B}=A^{b} \mod p`
This prevents the attack mentioned above since Mallory cannot create a fake certificate and cannot sign a value by using Bob's private key. Given the risk of man-in-the-middle attacks, the Diffie-Hellman key exchange mechanism should never be used without authentication.
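As an added illustration (not code from the e-book), the following toy simulation runs both exchanges described above: the unauthenticated one, where Mallory ends up holding both :math:`S_{A}` and :math:`S_{B}`, and the authenticated one, where Alice's signature check rejects a substituted :math:`M`. It assumes a tiny constructed group and a constructed textbook-RSA key pair standing in for :math:`Bob_{pub}` / :math:`Bob_{priv}`; the certificate check itself is not modelled.

```python
# Toy Diffie-Hellman exchange, unauthenticated and authenticated.
# All parameters are constructed for illustration only.
from typing import Optional

P, G = 23, 5  # constructed toy group (real parameters are >= 2048 bits)

# Constructed textbook-RSA pair standing in for Bob's certified key:
# n = 61 * 53, e = 17, d = e^-1 mod phi(n). Mallory never learns RSA_D.
RSA_N, RSA_E, RSA_D = 3233, 17, 2753


def sign(priv_d: int, value: int) -> int:
    """Textbook RSA signature on a small integer (value < RSA_N)."""
    return pow(value, priv_d, RSA_N)


def verify(pub_e: int, value: int, sig: int) -> bool:
    """Check that sig is a signature on value under the public exponent."""
    return pow(sig, pub_e, RSA_N) == value


def unauthenticated_exchange(a: int, b: int, m: int) -> dict:
    """Mallory replaces A and B with M = g^m in both directions."""
    A, B, M = pow(G, a, P), pow(G, b, P), pow(G, m, P)
    return {
        "alice": pow(M, a, P),       # S_A as Alice computes it
        "bob": pow(M, b, P),         # S_B as Bob computes it
        "mallory_A": pow(A, m, P),   # S_A as Mallory computes it
        "mallory_B": pow(B, m, P),   # S_B as Mallory computes it
    }


def authenticated_exchange(a: int, b: int, m: Optional[int] = None) -> dict:
    """Bob signs B with Bob_priv; Alice verifies with Bob_pub before deriving S_A.

    If m is given, Mallory substitutes g^m for B but cannot re-sign it.
    """
    A, B = pow(G, a, P), pow(G, b, P)
    sig = sign(RSA_D, B)
    received = pow(G, m, P) if m is not None else B
    if not verify(RSA_E, received, sig):
        return {"accepted": False}  # Alice aborts: signature does not match
    return {"accepted": True, "alice": pow(received, a, P), "bob": pow(A, b, P)}
```

In the unauthenticated run, Alice's and Bob's keys differ while Mallory holds both; in the authenticated run, the honest case yields one shared key and the substituted value is rejected.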
Footnotes
The Wikipedia page on password strength provides many of these references: https://en.wikipedia.org/wiki/Password_strength
A detailed explanation of the operation of the RSA algorithm is outside the scope of this e-book. Various tutorials such as the `RSA page <https://en.wikipedia.org/wiki/RSA_(cryptosystem)>`_ on Wikipedia provide examples and tutorial information.
A detailed explanation of the ECC cryptosystems is outside the scope of this e-book. A simple introduction may be found on `Andrea Corbellini's blog <http://andrea.corbellini.name/2015/05/17/elliptic-curve-cryptography-a-gentle-introduction/>`_. There have been deployments of ECC recently because ECC schemes usually require shorter keys than RSA and consume less CPU.
Source string location: ../../principles/security.rst:1024