This presentation is the property of its rightful owner.
Sponsored Links
1 / 31

Курепкин И.А., Южанин Н.С., Ротков Л.Ю., Соганов С.В PowerPoint PPT Presentation


  • 115 Views
  • Uploaded on
  • Presentation posted in: General

Download Presentation

Курепкин И.А., Южанин Н.С., Ротков Л.Ю., Соганов С.В

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


. . - CSP. .

.., ..,

.., .



  • (infinite-key cipher)

  • ( Vernam)

  • ()

  • (permutation, P-)

  • (, substitution, S-)

  • ( 28147-89, DES, IDEA, RC5, B-Crypt .)

  • - DH (Diffie, Hellman)

  • --e RSA (Rivest, Shamir, Adleman)

  • - ElGamal

  • ( , , , single-key).

  • ( , public-key)


(-),

-Z

S


, , .

: 3

:C=RU, org=ACME, cn=UserName

:C=RU, org=ACME, cn=CA

:#12345678

:GOST R 34.11-94/ R 34.10-94 (1.2.643.2.2.4)

:GOST R 34.10-94 (1.2.643.2.2.20) :010011101001001010010101

:01.01.2001 00:00:00

:31.12.2006 23:59.59

(X.509 v3 Extensions)

: ACME

: 31.12.1999 23:59.59

: 31.12.2000 23:59.59

: (1.3.6.1.5.5.7.3.4)

: (1.3.6.1.5.5.7.3.2)

:IP, DNS, URI, RFC822, ,...

. . .

:

: GOST R 34.11-94/ R 34.10-94 (1.2.643.2.2.4)

:010011101001001010010101

RFC 2459, X.509

Certificate ::= SEQUENCE {

tbsCertificate TBSCertificate,

signatureAlgorithm AlgorithmIdentifier,

signatureValue BIT STRING }

TBSCertificate ::= SEQUENCE {

version [0] EXPLICIT Version DEFAULT v1,

serialNumber CertificateSerialNumber,

signature AlgorithmIdentifier,

issuer Name,

validity Validity,

subject Name,

subjectPublicKeyInfo SubjectPublicKeyInfo,

issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,

-- If present, version shall be v2 or v3

subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,

-- If present, version shall be v2 or v3

extensions [3] EXPLICIT Extensions OPTIONAL

-- If present, version shall be v3

}


-

-

PKI

  • :

:

  • :

  • (Authenticode)


.

Root CA

Sub CA 2

Sub CA 3

User

.

CTL .

CA, , .

CA Trusted Root Certification Authorities.

.



Microsoft

  • (Certification Authority)

      • ,

      • (Certificate Revocation List)

  • Web- (Web Enrollment Support)

    • Web-


Microsoft Certification Authority

Microsoft Outlook

Microsoft Outlook Express

Microsoft Authenticode

TLS/SSL Internet Explorer

CryptoAPI 2.0

CAPICOM 1.0

CryptoPro CSP

  • Microsoft

  • , Microsoft


COM

Certification Authority

Certificate Services

Outlook Express

Outlook

CAPICOM 1.0

Authenticode

Certificate Enrollment Control

Smart Card Enrollment Control

Internet Explorer

IIS

Windows

CryptoAPI 2.0


CryptoAPI

, / , / .

.

, .


.509

CRL .509

PKCS#10

PKCS#7

CryptoAPI 2.0

Certificate Store

Simplified Message Functions

CryptEncodeObjectCryptDecodeObject

Low Level Message Functions

Base Cryptography Functions

Cryptographic Service Providers


Cryptographic Service Providers

Microsoft Base Cryptographic Provider v1.0

Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider

Gemplus GemSAFE Card CSP v1.0

Microsoft Enhanced Cryptographic Provider v1.0

Microsoft Base DSS Cryptographic Provider

Microsoft Strong Cryptographic Provider

Microsoft Base DSS and Diffie-Hellman Cryptographic Provider

Cryptographic Service Providers

Crypto-Pro Cryptographic Service Provider

Crypto-Pro GOST R 34.10-2001 Cryptographic Service Provider


CSP Microsoft - Cryptographic Service Provider (CSP).

:

/114-0441 11 2001 .

/124-0460 20 2001 .

CSP

:

Windows 95, Windows 95 OSR2, Windows 98, Windows 98 SE, Windows ME, Windows NT, Windows 2000, Windows XP, Windows Whistler (beta 2).


  • (256 ) (1024 ) ;

  • 34.10-94 (" . . .");

  • 34.11-94(" . . .");

  • 34.10-94 ( 34.10-01);

  • , 28147-89 (" . .");

  • 28147-89;

  • (-) .


  • 3,5";

  • () MPCOS-EMV;

  • Touch-Memory DS1993 - DS1996 4+, "" Touch-Memory DALLAS;

  • Windows;

  • USB eToken.

CSP :

  • .

  • , Windows.


- Microsoft

  • :

  • :



  • :

  • ,

  • ,



MS Outlook (98, 2000, P)

MS Outlook ExpressThe BAT!


.EXE

.CAB

.CAT

.OCX

.DLL

.STL

SignCode.EXE

.509

(Authenticode)


Internet Explorer - IIS

X.509

34.10-94

28147-89

28147-89

TLS 1.0


CAPICOM 1.0

CryptoAPI 2.0

CSP


  • RSA Keon

  • Windows 2000

  • - Windows 2000

  • Windows 2000

  • Sun Solaris


CSP Outlook Express



SOAP

TLS 1.0

( SOAP, TLS 1.0)


SOAP

TLS 1.0

HTTP/S

TLS 1.0

( SOAP, TLS 1.0)



  • Login