And communications the republic of uzbekistan tashkent university of information technologies



Download 0,5 Mb.
Pdf ko'rish
bet12/24
Sana05.06.2022
Hajmi0,5 Mb.
#638263
1   ...   8   9   10   11   12   13   14   15   ...   24
Bog'liq
14 Мавлонов Анвар

 


II.
 
Main part. A solving problems in authentication system and making
software development 
2.1.
 
The existing problems in authentication and protocols 
Key authentication is
 
used to solve the problem of authenticating the keys of 
the person (say "person B") to whom some other person ("person A") is talking to 
or trying to talk to. In other words, it is the process of assuring that the key of 
"person A" held by "person B" does in fact belong to "person A" and vice versa. 
This is usually done after the keys have been shared among the two sides 
over some secure channel, although some of the algorithms share the keys at the 
time of authentication also.
The simplest solution for this problem is for the two users concerned to meet 
face-to-face and exchange keys. However, for systems in which there are a large 
number of users or in which the users do not personally know each other (e.g., 
Internet shopping) this is not practical. There are various algorithm for both 
symmetric keys and asymmetric public key cryptography to solve this problem. 
Authentication using Shared Keys 
For key authentication using the traditional symmetric key cryptography, 
this is the problem of assuring that there is no man-in-the-middle attacker who is 
trying to read or spoof the communication. There are various algorithms used 
nowadays to prevent such attacks. The most common among the algorithms are 
Duffy-Hellman 
key 
exchange, 
authentication 
using Key 
distribution 
center, Kerberos and Needham Schroeder protocol. Other methods that can be used 
include agreement protocols etc. 
Authentication using Public Key Cryptography 
Crypto systems using asymmetric key algorithms do not evade the problem 
too. That a public key can be known by all without compromising the security of 
an encryption algorithm (for some such algorithms, though not for all) is certainly 
useful, but does not prevent some kinds of attacks. For example, a spoofing attack 


in which public key 
A
is claimed publicly to be that of user Alice, but is in fact a 
private key belonging to man-in-the-middle attacker Mallet, is easily possible. No 
public key is inherently bound to any particular user, and any user relying on a 
defective binding (including Alice herself when she sends herself protected 
messages) will have trouble. 
The most common solution to this problem is the use of public key 
certificates and certificate authorities (CAs) for them in a public-key 
infrastructure (PKI) system. The certificate authority (CA) acts as a 'trusted third 
Download 0,5 Mb.

Do'stlaringiz bilan baham:
1   ...   8   9   10   11   12   13   14   15   ...   24




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling

kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha


yuklab olish