D-Link DFL-1600 User Manual page 217

Network security firewall

20.2. Introduction to Cryptography
197
Asymmetric Encryption
A pair of keys is used in asymmetric encryption: one called a public key,
which can be available to anyone who wants to use encryption, and the
other, called a private key, which must be kept confidential and is known
only by the owner.
The two keys are very large prime numbers and mathematically related,
but one cannot be used to derive the other. Anyone can send private
information to a recipient, say A, by encrypting the information using A's
public key. But only A will be able to recover the information by decrypting
the ciphertext using the related private key. Moreover, if some known
information can be correctly recovered by decrypting with A's public key, it
must have been encrypted with A's private key, and therefore by A. This
means that asymmetric algorithms provide proof of origin. RSA and DSA
are the most well-known and most commonly used asymmetric algorithms.
Compared to symmetric encryption, the much longer keys make asymmetric
encryption slower and more resource-intensive, and hence
unsuitable for encrypting large quantities of data. It is generally used for
aiding symmetric key distribution and authentication tasks. The
combination of symmetric and asymmetric algorithms is called Hybrid
Encryption.
Hybrid Encryption
Hybrid encryption combines the best of the two worlds: symmetric and
asymmetric algorithms. The symmetric key provides the fastest encryption
and decryption, and the asymmetric scheme provides a convenient way to
share the secret key.
The Diffie-Hellman protocol allows users to exchange a secret key over an
insecure medium without any prior secrets. It is one of the most widely
used key exchange methods, supporting various secure Internet protocols,
e.g. SSL, SSH, and IPsec.
In the protocol, each side of the connection generates a related
private-public key pair, and publishes the public part. After the public key
exchange, one is able to compute a new secret key using one's private key
and the other's public key. The resulting key is common to both sides, and
can be used as a shared secret key for symmetric encryption. In such a way,
D-Link Firewalls User's Guide
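
The Diffie-Hellman exchange described above, as an added example that is not part of the original guide or of D-Link's firmware. The group parameters `P` and `G`, the function names, the public-value check and the use of SHA-256 to turn the shared secret into a 32-byte symmetric key are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy group, constructed for this example: 2**255 - 19 is prime, but far too
# small for real finite-field Diffie-Hellman. Production systems use
# standardized groups of 2048 bits or more.
P = 2**255 - 19
G = 2


def generate_keypair():
    """Return (private, public), where public = G**private mod P."""
    private = secrets.randbelow(P - 3) + 2  # 2 <= private <= P - 2
    return private, pow(G, private, P)


def check_public(value):
    """Reject peer values that force a trivial, predictable shared secret."""
    if not 1 < value < P - 1:  # rules out 0, 1, P - 1 and anything >= P
        raise ValueError("invalid Diffie-Hellman public value")
    return value


def shared_key(own_private, peer_public):
    """Combine our private key with the peer's public key, then hash it."""
    secret = pow(check_public(peer_public), own_private, P)
    raw = secret.to_bytes((P.bit_length() + 7) // 8, "big")
    # Assumption: a plain SHA-256 stands in for the protocol's real KDF.
    return hashlib.sha256(raw).digest()


def exchange():
    """Run both sides; only the two public values cross the insecure medium."""
    a_private, a_public = generate_keypair()
    b_private, b_public = generate_keypair()
    key_at_a = shared_key(a_private, b_public)
    key_at_b = shared_key(b_private, a_public)
    return key_at_a, key_at_b


if __name__ == "__main__":
    key_a, key_b = exchange()
    print("keys match:", key_a == key_b)
    print("symmetric key:", key_a.hex())
```
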
