Asymmetric key algorithm applications, Configuring the local asymmetric key pair, Creating an asymmetric key pair – H3C Technologies H3C S7500E Series Switches User Manual
is kept secret while the public key may be distributed widely, and the private key cannot be practically derived from the public key.

Asymmetric Key Algorithm Applications

Asymmetric key algorithms can be used for encryption/decryption and digital signature:

• Encryption: The sender uses the public key of the intended receiver to encrypt the information to be sent. Only the intended receiver, the holder of the paired private key, can decrypt the information. This mechanism ensures confidentiality.
• Digital signature: The sender "signs" the information to be sent by encrypting the information with its own private key. A receiver decrypts the information with the sender's public key and, based on whether the information can be decrypted, determines the authenticity of the information.

The Rivest-Shamir-Adleman Algorithm (RSA) and the Digital Signature Algorithm (DSA) are both asymmetric key algorithms. RSA can be used for data encryption/decryption and signature, whereas DSA is used for signature only.

Symmetric key algorithms are often used to encrypt/decrypt data for security. Asymmetric key algorithms are usually used in digital signature applications for peer identity authentication because they involve complex calculations and are time-consuming. In digital signature applications, only the digests, which are relatively short, are encrypted.
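The digest-then-sign flow described above, as an added example that is not part of the H3C manual. It uses textbook RSA with a small constructed modulus and no padding, so it shows the mechanism only; the function names and sample message are assumptions made for illustration.

```python
import hashlib

# Toy parameters (constructed for illustration): two Mersenne primes give a
# 150-bit modulus. Real host keys are far larger and real signatures use padding.
P, Q = 2**61 - 1, 2**89 - 1
N = P * Q                            # public modulus
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, kept secret

def digest_int(message: bytes) -> int:
    """SHA-256 digest of the message, reduced into the toy modulus range."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def sign(message: bytes) -> int:
    """Sender: apply the private key to the short digest, not the whole message."""
    return pow(digest_int(message), D, N)

def verify(message: bytes, signature: int) -> bool:
    """Receiver: recover the digest with the public key and compare it
    with a digest computed locally over the received message."""
    return pow(signature, E, N) == digest_int(message)

def demo() -> dict:
    small = b"constructed sample message"
    large = b"x" * 1_000_000         # constructed 1 MB payload
    sig_small, sig_large = sign(small), sign(large)
    return {
        "valid": verify(small, sig_small),
        "tampered_message": verify(small + b"!", sig_small),
        "tampered_signature": verify(small, sig_small ^ 1),
        # The private-key operation always works on one digest-sized value,
        # so the signature size does not grow with the message.
        "small_sig_bits": sig_small.bit_length(),
        "large_sig_bits": sig_large.bit_length(),
    }

if __name__ == "__main__":
    print(demo())
```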

Configuring the Local Asymmetric Key Pair

You can create and destroy a local asymmetric key pair, and export the host public key of a local asymmetric key pair.

Creating an Asymmetric Key Pair

Follow these steps to create an asymmetric key pair:

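To do…                                         Use the command…                       Remarks
---------------------------------------------  -------------------------------------  ------------------------------------------------
Enter system view                              system-view                            -
Create a local DSA key pair, or RSA key pairs  public-key local create { dsa | rsa }  Required. By default, there is no such key pair.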

• The public-key local create rsa command generates two key pairs: one server key pair and one host key pair. Each key pair comprises a public key and a private key. The length