written 8.4 years ago by | modified 2.8 years ago by |
Mumbai University > EXTC > Sem 7 > Data Compression and Encryption
Marks: 5 M
Year: Dec 2013
i. X.509 (an ITU recommendation) specifies certificate-based authentication. X.509 is an important standard because the certificate structure and authentication protocols it defines are used in a variety of contexts.
ii. Each certificate contains the public key of a user and is signed with the private key of a trusted certification authority.
iii. In addition, X.509 defines alternative authentication protocols based on the use of public-key certificates.
iv. X.509 is based on the use of public-key cryptography and digital signatures. The standard does not dictate the use of a specific algorithm but recommends RSA.
v. The digital signature scheme is assumed to require the use of a hash function. Again, the standard does not dictate a specific hash algorithm.
$$\text{Figure 6.3 Public Certificate Generation}$$
vi. The general format of a certificate includes the following elements:
vii. Obtaining User’s Certificate:
User certificates generated by a CA have the following characteristics:
viii. Revocation of Certificates:
Recall from the figure above that each certificate includes a period of validity, much like a credit card. Typically, a new certificate is issued just before the expiration of the old one. In addition, it may be desirable on occasion to revoke a certificate before it expires, for one of the following reasons:
ix. Authentication Procedures:
X.509 also includes three alternative authentication procedures that are intended for use across a variety of applications. All these procedures make use of public-key signatures. It is assumed that the two parties know each other’s public key, either by obtaining each other’s certificates from the directory or because the certificate is included in the initial message from each side.
x. One-Way Authentication:
One-way authentication involves a single transfer of information from one user (A) to another (B), and establishes the following:
xi. Two-Way Authentication:
In addition to the three elements just listed, two-way authentication establishes the following elements:
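The sign-and-check flow from points ii, iv, v and viii, as an added example that is not part of the original answer: a CA hashes the certificate body and signs the hash with its private key, and a relying party checks the signature, the validity period and a revocation list. Assumptions: the CA key is a constructed textbook-RSA key without padding (illustration only), SHA-256 is an arbitrary hash choice, and the field names, JSON encoding and the `check` helper are hypothetical simplifications, not the X.509 encoding.

```python
import hashlib
import json

# Constructed toy CA key pair: textbook RSA, no padding, special-form primes.
# Fine for showing the data flow; never use such a key for real certificates.
P, Q = 2**521 - 1, 2**607 - 1            # two Mersenne primes
N, E = P * Q, 65537                      # CA public key (modulus, exponent)
D = pow(E, -1, (P - 1) * (Q - 1))        # CA private exponent

def tbs_digest(cert):
    """Hash every field except the signature (the 'to be signed' part)."""
    body = {k: v for k, v in cert.items() if k != "signature"}
    data = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def ca_sign(cert):
    """CA side: sign the hash of the certificate body with the private key."""
    return {**cert, "signature": pow(tbs_digest(cert), D, N)}

def check(cert, today, revoked_serials):
    """Relying-party side: needs only the CA public key (N, E)."""
    if pow(cert["signature"], E, N) != tbs_digest(cert):
        return "bad signature"
    if not cert["not_before"] <= today <= cert["not_after"]:
        return "outside validity period"
    if cert["serial"] in revoked_serials:
        return "revoked"
    return "ok"

# Constructed sample certificate (simplified, hypothetical field names).
ALICE = ca_sign({
    "serial": 1001,
    "issuer": "Example CA",
    "subject": "alice",
    "not_before": "2024-01-01",          # ISO dates compare correctly as text
    "not_after": "2024-12-31",
    "subject_public_key": "constructed-placeholder-key",
})

if __name__ == "__main__":
    print(check(ALICE, "2024-06-01", set()))                          # valid
    print(check({**ALICE, "subject": "mallory"}, "2024-06-01", set()))  # altered
    print(check(ALICE, "2025-01-01", set()))                          # expired
    print(check(ALICE, "2024-06-01", {1001}))                         # revoked
```

Because the signature covers the hash of every field, changing the subject or the public key after issuance makes verification fail without any contact with the CA; revocation is the one check that needs fresh information from outside the certificate.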