Last updated: 2021-03-15 15:37:45
This document explains concepts related to KCM.
Hypertext Transfer Protocol Secure (HTTPS) is a network transmission protocol that uses SSL/TLS to encrypt data packets. It is intended to authenticate the identity of the network server and to protect the privacy and integrity of exchanged data.
Secure Sockets Layer (SSL), the predecessor of Transport Layer Security (TLS), is a protocol that ensures security and data integrity for communication over the Internet. TLS uses X.509 certificates for identity authentication, an asymmetric encryption algorithm for key encryption, and a session key to encrypt the data exchanged between the communicating peers. SSL ensures the privacy and reliability of communication and protects the communication between peers against eavesdropping.
An SSL certificate is used to establish a secure channel between a web browser on a client and a web server. Data transmitted over the channel is encrypted to defend against eavesdropping. A client can also use the server certificate to verify the authenticity of the server.
A certificate authority (CA) is an organization that issues and manages digital certificates and acts as the trusted party in e-commerce transactions to validate public keys.
A Certificate Signing Request (CSR) is a file that a certificate applicant submits to a certificate authority to apply for a certificate. Specifically, when an applicant creates a certificate request, a private key and a CSR file are generated. After the applicant submits the CSR file to a certificate authority, the certificate authority creates a certificate based on the CSR, signs it with the private key of its root certificate, and then issues the certificate to the applicant.
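The CSR flow described above, end to end, as an added example (not code from the original page or from any certificate service). The self-signed demo root, the helper names `must` and `IssueFromCSR`, and the host names are assumptions made for illustration; the example uses ECC (P-256) keys.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// must aborts on setup errors that are not part of the demonstration.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// IssueFromCSR (illustrative helper) plays applicant, CA and client for one certificate request.
func IssueFromCSR(domain, clientHost string) ([]string, error) {
	from, to := time.Now().Add(-time.Hour), time.Now().Add(24*time.Hour)
	// CA: constructed self-signed demo root standing in for a real authority.
	caKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	caTmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Demo Root CA"},
		NotBefore: from, NotAfter: to, IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	root := must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, &caKey.PublicKey, caKey))))
	// Applicant: generates the key pair locally; only the CSR (public key + subject) is sent.
	appKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	csrDER := must(x509.CreateCertificateRequest(rand.Reader,
		&x509.CertificateRequest{Subject: pkix.Name{CommonName: domain}, DNSNames: []string{domain}}, appKey))
	// CA: the CSR's self-signature proves the applicant holds the matching private key.
	csr := must(x509.ParseCertificateRequest(csrDER))
	if err := csr.CheckSignature(); err != nil {
		return nil, fmt.Errorf("CSR rejected: %w", err)
	}
	leafTmpl := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: csr.Subject, DNSNames: csr.DNSNames,
		NotBefore: from, NotAfter: to, KeyUsage: x509.KeyUsageDigitalSignature,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}}
	leaf := must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, leafTmpl, root, csr.PublicKey, caKey))))
	// Client: trusts only the root, then checks the signature chain and the host name it connected to.
	pool := x509.NewCertPool()
	pool.AddCert(root)
	_, err := leaf.Verify(x509.VerifyOptions{Roots: pool, DNSName: clientHost})
	return leaf.DNSNames, err
}

func main() { fmt.Println(IssueFromCSR("www.example.com", "www.example.com")) }
```

The applicant's private key never reaches the CA, and a client that connects to a host name the certificate does not cover gets a verification error instead of a trusted channel.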
RSA is an asymmetric cryptography algorithm and the most popular public-key cryptographic algorithm. It can defend against most known cryptographic attacks. RSA is recommended by ISO as the public-key cryptographic standard. RSA can be used for both encryption and signing. The security of RSA relies on the practical difficulty of factoring the product of two large prime numbers.
Elliptic Curve Cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. Compared with classic algorithms such as DSA and RSA, ECC is more secure and faster, uses less storage space, and requires less bandwidth.
| Security level | Symmetric key length (bits) | RSA key length (bits) | ECC key length (bits) |