Crypto Terms

From Xinux Wiki
Revision as of 14 November 2018, 20:22 by Thomas.will

Cipher suites

Architectural overview

A cipher suite is a standardized collection of key exchange algorithms, encryption algorithms (ciphers) and message authentication code (MAC) algorithms that together provide authenticated encryption schemes. It consists of the following components:

  • Key exchange protocol: “An (interactive) key exchange protocol is a method whereby parties who do not share any secret information can generate a shared, secret key by communicating over a public channel. The main property guaranteed here is that an eavesdropping adversary who sees all the messages sent over the communication line does not learn anything about the resulting secret key.” [KL08] Example: DHE

  • Authentication: The client authenticates the server by its certificate. Optionally the server may authenticate the client certificate. Example: RSA

  • Cipher: The cipher is used to encrypt the message stream. It also contains the key size and mode used by the suite. Example: AES256

  • Message authentication code (MAC): A MAC ensures that the message has not been tampered with (integrity). Example: SHA256

  • Authenticated Encryption with Associated Data (AEAD): AEAD is a class of authenticated encryption block-cipher modes which take care of encryption as well as authentication (e.g. GCM, CCM mode). Example: AES256-GCM

DHE – RSA – AES256 – SHA256

Figure 3.1.: Composition of a typical cipher string
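The composition in Figure 3.1 can be checked mechanically when reviewing a server's cipher list. The following Python code is an added example, not part of the original wiki page: it splits OpenSSL-style TLS 1.2 cipher strings into the components listed above and flags suites without forward secrecy or AEAD. The names `parse_cipher_string` and `audit`, the token sets and the sample list are assumptions made for illustration; it goes slightly beyond the figure by also handling names with an implicit RSA prefix and AEAD names with a trailing hash.

```python
from typing import NamedTuple, Optional

# Assumed token subsets for OpenSSL-style TLS 1.2 names; not exhaustive.
KEY_EXCHANGE = {"DHE", "ECDHE", "DH", "ECDH"}
AUTHENTICATION = {"RSA", "DSS", "ECDSA"}
CIPHER_PREFIXES = ("AES", "CAMELLIA", "CHACHA20", "DES", "RC4", "SEED", "ARIA")
AEAD_MARKERS = {"GCM", "CCM", "CCM8", "POLY1305"}
HASHES = {"MD5", "SHA", "SHA256", "SHA384"}

class CipherSuite(NamedTuple):
    key_exchange: str
    authentication: str
    cipher: str
    mac: Optional[str]  # separate MAC; None when the cipher is an AEAD mode
    aead: bool
    forward_secrecy: bool

def parse_cipher_string(name: str) -> CipherSuite:
    tokens = name.upper().split("-")
    if tokens[0] in KEY_EXCHANGE:
        if len(tokens) < 3 or tokens[1] not in AUTHENTICATION:
            raise ValueError(f"unrecognised authentication in {name!r}")
        kx, auth, rest = tokens[0], tokens[1], tokens[2:]
    else:
        # OpenSSL drops the prefix for static RSA key transport ("AES256-SHA256").
        kx, auth, rest = "RSA", "RSA", tokens
    digest = rest.pop() if rest[-1] in HASHES else None
    if not rest or not rest[0].startswith(CIPHER_PREFIXES):
        raise ValueError(f"unrecognised cipher in {name!r}")
    aead = any(t in AEAD_MARKERS for t in rest)
    if not aead and digest is None:
        raise ValueError(f"no MAC and no AEAD mode in {name!r}")
    # With AEAD the trailing hash names the handshake PRF, not a record MAC.
    return CipherSuite(kx, auth, "-".join(rest), None if aead else digest,
                       aead, kx in {"DHE", "ECDHE"})

def audit(names):
    """Map each suite lacking forward secrecy or AEAD to its findings."""
    report = {}
    for name in names:
        suite = parse_cipher_string(name)
        checks = [(suite.forward_secrecy, "no forward secrecy"),
                  (suite.aead, "separate MAC, not AEAD")]
        issues = [msg for ok, msg in checks if not ok]
        if issues:
            report[name] = issues
    return report

# Constructed sample list; the first entry is the cipher string from Figure 3.1.
SAMPLE = ["DHE-RSA-AES256-SHA256", "ECDHE-RSA-AES256-GCM-SHA384", "AES256-SHA256"]
```

Names outside the assumed subset, such as TLS 1.3 suite names, raise `ValueError` instead of being silently misclassified.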