
Comtrol DeviceMaster LT User Manual


DeviceMaster LT User Guide: 2000586

Rev. B

DeviceMaster LT Security - 47

Understanding Security Methods and Terminology

RSA Key Pair

RSA is an algorithm for public-key cryptography. It is the first algorithm
known to be suitable for signing as well as encryption. RSA is widely used in
electronic commerce protocols, and is believed to be sufficiently secure given
sufficiently long keys and the use of up-to-date implementations. The system
includes a communications channel coupled to at least one terminal having an
encoding device, and to at least one terminal having a decoding device.

A public key is a value provided by some designated authority as an
encryption key that, combined with a private key derived from the public
key, can be used to effectively encrypt messages and digital signatures.

Private Key

- One half of the key pair used in conjunction with a public key.

- Both the public and the private keys are needed for encryption /
  decryption, but only the owner of a private key ever needs to know it.
  Using the RSA system, the private key never needs to be sent across
  the Internet.

- The private key is used to decrypt text that has been encrypted with
  the public key.

Thus, if User A sends User B a message, User A can find out User B’s
public key (but not User B’s private key) from a central administrator
and encrypt a message to User B using User B’s public key. When User B
receives it, User B decrypts it with User B’s private key. In addition
to encrypting messages (which ensures privacy), User B can
authenticate itself to User A (so that User A knows that it is really
User B who sent the message) by using User B’s private key to encrypt
a digital certificate.

See Key and Certificate Management on Page 61 for more information.

SSH (Secure Shell)

Secure Shell (SSH) allows data to be exchanged using a secure channel
between two networked devices. SSH replaces telnet, which has no security.
SSH requires password authentication, even if the password is empty.

See SSH Server on Page 53 for more information.

SSL (Secure Sockets Layer)

The Secure Sockets Layer (SSL) is the predecessor of Transport Layer
Security (TLS).

SSL is a commonly-used protocol for managing the security of a message
transmission on the Internet. SSL has recently been succeeded by Transport
Layer Security (TLS), which is based on SSL. SSL uses a program layer
located between the Internet's Hypertext Transfer Protocol (HTTP) and
Transmission Control Protocol (TCP) layers.

SSL is included as part of both the Microsoft and Netscape browsers and most
Web server products. Developed by Netscape, SSL also gained the support of
Microsoft and other Internet client/server developers and became the
de facto standard until evolving into Transport Layer Security.

SSL uses the public-and-private key encryption system from RSA, which also
includes the use of a digital certificate.

See Pages 53 through 57 for detailed information about SSL.

Note: Two slightly different SSL protocols are supported by the DeviceMaster
LT: SSLv3 and TLSv1.
