Last updated: 2021-03-15 15:37:45

This document explains concepts related to KCM.

Hypertext Transfer Protocol Secure (HTTPS) is a network transmission protocol. HTTPS uses SSL/TLS to encrypt data packets. HTTPS is intended for network server identity authentication and privacy and integrity protection of exchanged data.

Secure Sockets Layer (SSL), the predecessor of Transport Layer Security (TLS), is a protocol that ensures security and data integrity for communication over the Internet. TLS uses X.509 certificates for identity authentication, an asymmetric encryption algorithm for key encryption, and a session key for encryption of data exchanged between the communicating peers. SSL ensures the privacy and reliability of communication and protects the communication between peers against eavesdropping.

SSL certificate
An SSL certificate is used to establish a secure channel between a web browser on a client and a web server. Data transmitted over the channel is encrypted to defend against eavesdropping. A client can also use the server certificate to verify the authenticity of the server.

A certificate authority (CA) is an organization that issues and manages digital certificates and acts as the trusted party in e-commerce transactions to validate public keys.

A Certificate Signing Request (CSR) is a file that a certificate applicant submits to a certificate authority to apply for a certificate. Specifically, when an applicant creates a certificate request, a private key and a CSR file are generated. After the applicant submits the CSR file to a certificate authority, the certificate authority creates a certificate based on the CSR, signs it with the private key of its root certificate, and then issues the certificate to the applicant.
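The CSR flow described above can be reproduced locally with the openssl command-line tool. This is an added example, not part of the original document; the throwaway root stands in for a real CA, and the subject names, file names and function names are constructed for the demo.

```shell
#!/bin/sh
# Added example: CSR lifecycle with a throwaway CA. All names are constructed.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

make_csr() {    # applicant: the private key stays local, only the CSR is sent
    openssl ecparam -name prime256v1 -genkey -noout -out "$WORK/site.key"
    openssl req -new -key "$WORK/site.key" -subj "/CN=www.example.test" \
        -out "$WORK/site.csr"
}

csr_signature_ok() {    # CA: the CSR is self-signed, proving key possession
    openssl req -in "$WORK/site.csr" -noout -verify 2>&1 | grep -q "verify OK"
}

make_demo_ca() {    # throwaway self-signed root standing in for a real CA
    openssl ecparam -name prime256v1 -genkey -noout -out "$WORK/ca.key"
    openssl req -x509 -new -key "$WORK/ca.key" -subj "/CN=Demo Root CA" \
        -days 1 -out "$WORK/ca.crt"
}

issue_cert() {    # CA: build a certificate from the CSR and sign it
    openssl x509 -req -in "$WORK/site.csr" -CA "$WORK/ca.crt" \
        -CAkey "$WORK/ca.key" -CAcreateserial -days 1 -sha256 \
        -out "$WORK/site.crt" 2>/dev/null
}

cert_chains_to_ca() {    # relying party: the signature chains to the root
    openssl verify -CAfile "$WORK/ca.crt" "$WORK/site.crt" >/dev/null 2>&1
}

cert_matches_private_key() {    # applicant: the cert binds the applicant's key
    key_pub=$(openssl pkey -in "$WORK/site.key" -pubout)
    crt_pub=$(openssl x509 -in "$WORK/site.crt" -noout -pubkey)
    [ "$key_pub" = "$crt_pub" ]
}

make_csr && csr_signature_ok && make_demo_ca && issue_cert \
    && cert_chains_to_ca && cert_matches_private_key \
    && echo "CSR accepted, certificate issued and verified"
```

The applicant's private key is never passed to the CA functions; the CA only sees the CSR, which carries the public key and a signature made with the matching private key.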

RSA (Rivest–Shamir–Adleman) is the most popular asymmetric (public-key) cryptographic algorithm. It can defend against most known cryptographic attacks. RSA is recommended by ISO as the public-key cryptographic standard. RSA can be used for both encryption and signing. The security of RSA relies on the practical difficulty of factoring the product of two large prime numbers.

Elliptic Curve Cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. Compared with classic algorithms such as DSA and RSA, ECC is more secure and faster, uses less storage space, and requires less bandwidth.

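| Security level | Symmetric key length (bits) | RSA key length (bits) | ECC key length (bits) |
|----------------|-----------------------------|-----------------------|-----------------------|
| 80             | 80                          | 1024                  | 160                   |
| 112            | 112                         | 2048                  | 224                   |
| 128            | 128                         | 3072                  | 256                   |
| 192            | 192                         | 7680                  | 384                   |
| 256            | 256                         | 15360                 | 512                   |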
