الحمد لله عرفت اجابة السؤال الأول:
التانى والتالت يا رجالة الله يكرمكم
السلام عليكم ورحمة الله وبركاته
عندى 3 أسئلة عن البروتوكول ده .. يا رب الاقى مساعدة عندكم ان شاء الله
معلش الاسئلة بالانجليزى
1-Are DSA and RSA independent encryption ciphers (cryptosystems) just as any other ciphers like AES, 3DES, ..etc and not just a asymmetric key generators that are used under other symmetric encryption algorithms ?
2- It is believed that RSA or DSA is used just for the authentication phase of the session and the rest of the session is just encrypted with symmetric algorithm (private key). Is that true ?
Because I read that SSH2 is a hybrid protocol which uses both symmetric and asymmetric encryption ciphers. Symmetric encryption for encrypting the bulk of the message and symmetric encryption for encrypting the symmetric key itself. Do they mean hybrid just for the authentication phase or for the entire session ?
3- Are the keys used to encrypt/decrypt is sent with each and every transmission of an encrypted packet, or the server/client establish the key first, then only the encrypted packet is sent ?
لو عرفت اجابة الاسئلة التلاتة دوول .. هيوضحولى كتير جدا عن البروتوكول ده وخصوصا انى قرأت كتير جدا عنه .. بس دايما التلات اسئلة دول مبلقيش ليهم اجابة
شكرا جزيلا
الحمد لله عرفت اجابة السؤال الأول:
التانى والتالت يا رجالة الله يكرمكم
الحمد لله وصلت يا رجال
اى مناقشة فى الموضوع .. مرحب بيها جدا ... معلش الاجابات بالانجليزى برضة
1- DSA and RSA which are two types of "Asymmetric CryptoSystem" are not just
key generation methods to be used in other "Symmetric Encryption Algorithms". They are independent encryption algorithm.
2- I think this belief is wrong "Asymmetric Encryption" is not just for SSH2 authentication
phase. Actually SSH2 uses "Asymmetric encryption (DSA or RSA)" for authentication and
also for encrypting a hash of the original message (done with a HMAC hash algorithm) in
order to provide both "Message Integrity" and "Digital Signature Verification", because
as u know what a public key encrypts, only can be decrypted by it's private one which
in sole possession of the receiver.
3- Actually I haven't find a clear answer for this question. But I think SSH2 doesn't do
that (doesn't transmit the keys with each and every transmission of an encrypted
package).
I ask myself why it would do such a thing ?!
1- The Diffie-Hellman algorithm dictates the secret session key in a way that the
client and the server know it. So both know the "symmetric key" to decrypt the bulk
of the message.
2- When a client send a message to the server, the client encrypt the hash of the
message with ((the server's public key (which is already public))) which can be
decrypted with the server's private key which no one knows except the server
So why a sender would ever send the keys to a recipient who already knows them
That's why I think SSH2 Doesn't send the session key nor the already public "public
key" with the every and each transmission of an encrypted package.
التعديل الأخير تم بواسطة mido_nour1 ; 24-04-2012 الساعة 13:27
ضوابط المشاركة
المفضلات