Please enable JavaScript.
Coggle requires JavaScript to display documents.
WS-I Basic Security Profile (Algorytmy (Public-key encryption (D(E(m,k2)…
WS-I Basic Security Profile
Algorytmy
Symmetric-key encryption
The sender and receiver need to establish
an algorithm and the key for the algorithm before they can start communicating
securely
The encryption and decryption functions are parameterized by the same key
D(E(m,k),k) = m
How do they
decide on a key securely?
Number of keys
needed by n parties is n2
Public-key encryption
Different keys for
encryption and decryption
D(E(m,k1),k2) = m
One of the keys (k1) is published publicly so that everyone is able to see
it, and the other (k2) is kept private so that only the key’s owner knows it
Number of keys
needed by n parties is n
D(E(m,k2),k1) = m
Signing with sender private key
Public-key
encryption algorithms are too expensive computationally, and can only be
used for small messages
Hybrid encryption
First, since it uses symmetric-key
encryption except for the initial key establishment, it is simple and fast
Second, we do not need to distribute keys to all parties. We only need to publish public keys for server application
Since clients initiate the contact, they only need to generate a random key for symmetric encryption and communicate it using public key of the server application
PKI: A framework for encryption