PKI

Mind Map by Xin Meng, updated more than 1 year ago
Created by Xin Meng almost 7 years ago

Resource summary

PKI
  1. X.509
    1. Certificate Encode
      1. PEM:Privacy Enhanced Mail
        1. DER:Distinguished Encoding Rules
        2. Certificate Extension Name
          1. CRT
            1. PEM
              1. CER
                1. KEY
                  1. PFX/P12
                    1. JKS
                      1. CSR: Certificate Signing Request
                      2. `openssl` command
                        1. Generate self-signed certificate
                          1. openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem
                          2. Generate CSR
                            1. openssl req -newkey rsa:2048 -new -nodes -keyout my.key -out my.csr
                            2. Display the Certificate Information
                              1. PEM
                                1. openssl x509 -in certificate.pem -text -noout
                                2. DER
                                  1. openssl x509 -in certificate.der -inform der -text -noout
                              2. Digital Certificate (or Public Key Certificate)
                                1. Public Key + Owner Information + Digital Signature Signed by CA
                                2. Structure
                                  1. Abstract Syntax Notation (ASN): describes the structure
                                    1. ASN serves the same purpose as a DTD or an XSD might serve in an XML context
                                    2. TOP level
                                      1. version
                                        1. serialNumber
                                          1. signature
                                            1. CA-signed
                                              1. Self-signed for testing
                                                1. object identifier (OID)
                                                  1. MD5withRSA: 1.2.840.113549.1.1.4 = 2A 86 48 86 F7 0D 01 01 04
                                                    1. SHA-1withRSA: 2A 86 48 86 F7 0D 01 01 05
                                                  2. issuer
                                                    1. Distinguished Name
                                                    2. validity
                                                      1. subject
                                                        1. subjectPublicKeyInfo
                                                          1. issuerUniqueID
                                                            1. subjectUniqueID
                                                              1. extensions
                                                          2. CA

                                                            Annotations:

                                                            • The CA signs the digital certificate
                                                            1. RA
                                                              1. VA
                                                                1. Use Cases
                                                                  1. SSL(TLS)
                                                                    1. SAML
                                                                      1. Software Licence
                                                                        1. PDF signature
                                                                          1. SSH
                                                                          2. Algorithms
                                                                            1. private key cryptography
                                                                              1. DES, Data Encryption Standard
                                                                                1. AES, Advanced Encryption Standard (128, 192, 256)
                                                                                  1. RC4
                                                                                    1. IDEA
                                                                                    2. public key cryptography
                                                                                      1. RSA (Rivest, Shamir, Adleman): length > 768 has not been cracked, so 1024 is basic security and 2018 is more secure
                                                                                        1. DSA, Digital Signature Algorithm: signatures only
                                                                                          1. Diffie-Hellman: key exchange only
                                                                                            1. ECC, Elliptic curve cryptography
                                                                                            2. Digest Algorithm
                                                                                              1. SHA, Secure Hash Algorithm
                                                                                                1. SHA-1 : 160-bit
                                                                                                  1. SHA-2: SHA256: 256-bit
                                                                                                  2. MD5, Message-Digest Algorithm 5
                                                                                                    1. CRC, Cyclic Redundancy Check