This presentation is the property of its rightful owner.
Sponsored Links
1 / 31

Курепкин И.А., Южанин Н.С., Ротков Л.Ю., Соганов С.В PowerPoint PPT Presentation


  • 110 Views
  • Uploaded on
  • Presentation posted in: General

Download Presentation

Курепкин И.А., Южанин Н.С., Ротков Л.Ю., Соганов С.В

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


5079121

. . - CSP. .

.., ..,

.., .


5079121


5079121

  • (infinite-key cipher)

  • ( Vernam)

  • ()

  • (permutation, P-)

  • (, substitution, S-)

  • ( 28147-89, DES, IDEA, RC5, B-Crypt .)

  • - DH (Diffie, Hellman)

  • --e RSA (Rivest, Shamir, Adleman)

  • - ElGamal

  • ( , , , single-key).

  • ( , public-key)


5079121

(-),

-Z

S


5079121

, , .

: 3

:C=RU, org=ACME, cn=UserName

:C=RU, org=ACME, cn=CA

:#12345678

:GOST R 34.11-94/ R 34.10-94 (1.2.643.2.2.4)

:GOST R 34.10-94 (1.2.643.2.2.20) :010011101001001010010101

:01.01.2001 00:00:00

:31.12.2006 23:59.59

(X.509 v3 Extensions)

: ACME

: 31.12.1999 23:59.59

: 31.12.2000 23:59.59

: (1.3.6.1.5.5.7.3.4)

: (1.3.6.1.5.5.7.3.2)

:IP, DNS, URI, RFC822, ,...

. . .

:

: GOST R 34.11-94/ R 34.10-94 (1.2.643.2.2.4)

:010011101001001010010101

RFC 2459, X.509

Certificate ::= SEQUENCE {

tbsCertificate TBSCertificate,

signatureAlgorithm AlgorithmIdentifier,

signatureValue BIT STRING }

TBSCertificate ::= SEQUENCE {

version [0] EXPLICIT Version DEFAULT v1,

serialNumber CertificateSerialNumber,

signature AlgorithmIdentifier,

issuer Name,

validity Validity,

subject Name,

subjectPublicKeyInfo SubjectPublicKeyInfo,

issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,

-- If present, version shall be v2 or v3

subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,

-- If present, version shall be v2 or v3

extensions [3] EXPLICIT Extensions OPTIONAL

-- If present, version shall be v3

}


5079121

-

-

PKI

  • :

:

  • :

  • (Authenticode)


5079121

.

Root CA

Sub CA 2

Sub CA 3

User

.

CTL .

CA, , .

CA Trusted Root Certification Authorities.

.


5079121


Microsoft

Microsoft

  • (Certification Authority)

      • ,

      • (Certificate Revocation List)

  • Web- (Web Enrollment Support)

    • Web-


Cryptopro csp

Microsoft Certification Authority

Microsoft Outlook

Microsoft Outlook Express

Microsoft Authenticode

TLS/SSL Internet Explorer

CryptoAPI 2.0

CAPICOM 1.0

CryptoPro CSP

  • Microsoft

  • , Microsoft


Windows

COM

Certification Authority

Certificate Services

Outlook Express

Outlook

CAPICOM 1.0

Authenticode

Certificate Enrollment Control

Smart Card Enrollment Control

Internet Explorer

IIS

Windows

CryptoAPI 2.0


Cryptoapi

CryptoAPI

, / , / .

.

, .


Cryptoapi 2 0

.509

CRL .509

PKCS#10

PKCS#7

CryptoAPI 2.0

Certificate Store

Simplified Message Functions

CryptEncodeObjectCryptDecodeObject

Low Level Message Functions

Base Cryptography Functions

Cryptographic Service Providers


C ryptographic service providers

Cryptographic Service Providers

Microsoft Base Cryptographic Provider v1.0

Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider

Gemplus GemSAFE Card CSP v1.0

Microsoft Enhanced Cryptographic Provider v1.0

Microsoft Base DSS Cryptographic Provider

Microsoft Strong Cryptographic Provider

Microsoft Base DSS and Diffie-Hellman Cryptographic Provider

Cryptographic Service Providers

Crypto-Pro Cryptographic Service Provider

Crypto-Pro GOST R 34.10-2001 Cryptographic Service Provider


5079121

CSP Microsoft - Cryptographic Service Provider (CSP).

:

/114-0441 11 2001 .

/124-0460 20 2001 .

CSP

:

Windows 95, Windows 95 OSR2, Windows 98, Windows 98 SE, Windows ME, Windows NT, Windows 2000, Windows XP, Windows Whistler (beta 2).


5079121

  • (256 ) (1024 ) ;

  • 34.10-94 (" . . .");

  • 34.11-94(" . . .");

  • 34.10-94 ( 34.10-01);

  • , 28147-89 (" . .");

  • 28147-89;

  • (-) .


5079121

  • 3,5";

  • () MPCOS-EMV;

  • Touch-Memory DS1993 - DS1996 4+, "" Touch-Memory DALLAS;

  • Windows;

  • USB eToken.

CSP :

  • .

  • , Windows.


5079121

- Microsoft

  • :

  • :


5079121


5079121

  • :

  • ,

  • ,


5079121


5079121

MS Outlook (98, 2000, P)

MS Outlook ExpressThe BAT!


Authenticode

.EXE

.CAB

.CAT

.OCX

.DLL

.STL

SignCode.EXE

.509

(Authenticode)


5079121

Internet Explorer - IIS

X.509

34.10-94

28147-89

28147-89

TLS 1.0


5079121

CAPICOM 1.0

CryptoAPI 2.0

CSP


5079121

  • RSA Keon

  • Windows 2000

  • - Windows 2000

  • Windows 2000

  • Sun Solaris


Csp outlook express

CSP Outlook Express


5079121


5079121

SOAP

TLS 1.0

( SOAP, TLS 1.0)


5079121

SOAP

TLS 1.0

HTTP/S

TLS 1.0

( SOAP, TLS 1.0)


5079121


  • Login