Internet History, Technology and Security (Week 9)
Week 9
Security: Web Security
We are now on the second to last week of the class and finishing up our look at Internet Security. You can also see the final exam and its due date. The due date of the final exam signals the end of the class.
This week, we’ll be covering web security. We apply the basic ideas of encryption and signing to who we actually secure the connections that we use on today’s Web and Internet.
Securing Web Connections
Security Public/Private Key - Secure Sockets
本节介绍公开密钥加密。在前几次讲座中一直遵循着机密和完整性两个主题,机密是隐藏的,不能将其泄露给哪些你不想展示的人。
公钥加密被认为是解决这个问题的一种非常优雅的解决方案,它是由Diffie和Hellman在1976年提出的。依赖于两个密钥,且是不对称的,这就意味着我们不能像之前小节那样使用相同的密钥来进行加密。公钥实际上不需要任何保护,公钥用于消息的加密,而私钥则用于消息的解密。他们在数学上是相互关联的。
如果你想使用私密公钥加密,你必须生成一对(公钥和私钥)。
选择两个非常大的随机数,然后将它们相乘。你可以从中计算得到公钥和密钥,公钥和密钥实际上是基于两个质数,所以想要找到他们形如大海捞针。
And so the public and private key is really based on these two prime numbers.
这里老师给我们做了一个演示:
The encrypted text finds its way through all these things. And it come in encrypted. And it actually doesn't get encrypted, until it's sort of right at the point where Amazon's web server that's going to actually charge your credit card. So, this is actually beautifully elegant. In that, the rest of the network is blissfully unaware, that any encryption is happening. It's just moving the data. So, this did not require any change. Again the beauty of the layer of architecture. Did not require any change, sort of below the transport layer. And as a matter of fact, all of the sequencing and re-transmission that happens in the TCP layer. That happens with the encrypted stuff too because it's just encrypted. It's just text. It's gibberish text, it's not the original visa card number that you're sending. You're sending 123 and out comes, you know, wxy, the wxy just goes. It's re-transmitted. All this crap just works, it's like, beautiful. It's a beautiful thing. It's absolutely a beautiful thing. Then it's just like this mini layer kind of between, it's like the top slice of the transport layer. That's how I'm drawing it right here. It's like this little kind of top extra little thing, that says you know what, we're going to transport, actually help me out and give me some encryption while we're at it. And there's all kinds of cool stuff that goes back and forth. The public and private keys get exchanged.
你不得不假定你连接的过程是不安全的。
But, but basically, you know, we want to distrust all of this, okay?
这种思想就是传输层安全(Transport Layer Security),也称作SSL、HTTPS,位于传输层和应用层之间。
Identity on the Web
Security - Integrity and Certificate Authorities
我们如何知道与之对话的是谁呢?是亚马逊还是coursera?可以通过查看浏览器的顶部,通常这里会i有一个指示只想安全连接,可以单机此链接来查看一些信息,这就叫做证书信息。有一个GoDaddy来负责检查Coursera的ID并说,嘿你一定是Coursera的首席执行官,否则我不会给你这个签名的私钥。
因此这就是一个获得私钥签名的过程,也是一宗确保和其他人交流的方法。所谓的数字证书也被称为签名私钥。
数字证书由第三方权威机构颁布,这些权威机构也是逐渐建立起信任的。
So, if you think this whole thing through, this, Eve was watching the whole time. We sent a public key. We signed and returned a public key. Then we sent the public key to your laptop. We verified the public key. And the whole time Eve is sort of watching all this information and she is powerless to break it.
最后总结一下:
So, that sort of brings us to the conclusion of this, these last couple of lectures have been about message confidentially. And that's protecting the contents from being revealed. We use encrypting and decrypting for that. And then we have message digest. And, sur, to sign things. We've signed messages, we've signed certificates, we've signed many things, and those are important. And we talked about both sort of, shared key, and secret key, where you have to get together. And agree on a key which is a symmetric key that's used for encrypting and decrypting. And then you have the public private key which is the asymmetric. Which is one key is used for encrypting and the other key is used for decrypting. And you can freely show the encrypting key because it gives very little information. Although, it is mathematically possible, but difficult to decrypt public private key message. So, that kinds of suns up, kind of sums up our lecture on public private keys and I hope you find it valuable. See you on the net.
Internet History, Technology and Security (Week 9)的更多相关文章
- Internet History, Technology and Security (Get Started)
Abstract 课程名称:互联网的历史.技术和安全 coursera地址 制作方:密歇根大学(University of Michigan) 教师:Charles Severance, Associ ...
- Internet History,Technology and Security
Internet History,Technology and Security(简单记录) First Week High Stakes Research in Computing,and Comm ...
- Internet History,Technology,and Security - History Through Supercomputing(Week2)
时间飞逝,一周又过去了,这周我们来到了Internet History, Technology and Security (Week 2)的学习,从标题就可以看出,这周主要是介绍“互联网”雏形的诞生. ...
- Internet History, Technology and Security (Week 2)
Week 2 History: The First Internet - NSFNet Welcome to week 2! This week, we'll be covering the hist ...
- Coursera: Internet History, Technology, and Security
课程网址:https://www.coursera.org/learn/internet-history 学习笔记: Week 1: History - Dawn of Early Computing ...
- Internet History, Technology, and Security(week1)——History: Dawn of Electronic Computing
前言: 第一次进行课程学习,在反复观看视频和查找字典翻译理解后选出了视频中个人认为较重要的概念,以下并不按照逐句翻译,中文概括大意余下自由发挥,对老师想要告诉我们的历史有一个初步的了解,顺便锻炼以下英 ...
- Internet History, Technology and Security (Week5.1)
Week5 The Transport layer is built on the Internetwork layer and is what makes our network connectio ...
- Internet History, Technology and Security (Week 4)
Week 4 History: Commercialization and Growth We are now moving into Week 4! This week, we will be co ...
- Internet History,Technology,and Security - Technology: Internets and Packets (Week5)
Week5 Technology: Internets and Packets Welcome to Week 5! This week, we’ll be covering internets an ...
随机推荐
- Flash Player调试器版本的解决办法Flash Builder 找不到所需的Adobe
Flash Player调试器版本的解决办法Flash Builder 找不到所需的Adobe Flash Builder在Debug时出现的问题:Flash Builder 找不到所需的Adob ...
- RabbitMQ(三):消息持久化策略
原文:RabbitMQ(三):消息持久化策略 一.前言 在正常的服务器运行过程中,时常会面临服务器宕机重启的情况,那么我们的消息此时会如何呢?很不幸的事情就是,我们的消息可能会消失,这肯定不是我们希望 ...
- 如何查看win2003是32位还是64位
如何查看自己的电脑是32位还是64位 方法如下: 点击开始——运行——输入wmic cpu get addresswidth
- 【转载】COM 组件设计与应用(二)——GUID 和 接口
原文:http://vckbase.com/index.php/wv/1203.html COM 组件设计与应用 系列文章:http://vckbase.com/index.php/piwz?& ...
- iTerm的安装以及配置Oh My Zsh
iTerm说简单点就是Windows的命令提示符,可能说这个大家感觉没用过,其实也就是人们经常使用CMD,相当于苹果的终端,但是比自带的终端强大多了. 本文就是简单的说一下安装和简单的配置过程. 首先 ...
- 2018年美国大学生数学建模竞赛(MCM/ICM) D题解题思路
首先整个赛题是一道集选址,优化,评价,预测的综合性赛题,对于任务 1,包括三个小问题,第一是有望完全电动化,那么就需要评价什么叫完全电动化,所以先建立一个基本的标准,比如人车比例达到多少.需要多少充电 ...
- EVA无法连接
EVA在11月19日更新后,发现DMS无法与EVA进行链接,在DMS中EVA连接测试报告中有如下报错: 根本原因 解决方法/修复 1.在本地电脑系统盘中查找文件夹“.eva-prod”, 并拷 ...
- CentOS 7.X下 -- 配置nginx正向代理支持https
环境说明: 本次测试使用的操作系统为:CentOS 7.2 x86 64位 最小化安装的操作系统,系统基础优化请参考:https://www.cnblogs.com/hei-ma/p/9506623. ...
- nginx 定义的一些状态码
ngx_string(ngx_http_error_494_page), /* 494, request header too large */ ngx_string(ngx_http_erro ...
- Iron Speed Designer设计工具开发总结
9.0版本: 1.1 ISP和VS不要同时生成,代码写在override方法之下,不然生成之后会覆盖;正常情况下,ISP可以写代码,只不过没有快捷提示,一般我们先注释一下字段(如://sdsfdsfd ...