Configuring Windows 2000 Server Security: IP Security for Microsoft Windows 2000 Server
ISBN: 1928994024 Pub Date: 06/01/99

Message Integrity

The term integrity refers to the assurance that the message received was indeed the message sent. Integrity is violated if the communication is somehow altered between the sending and receiving computer. Message integrity can be assured via the creation of digital signatures. A digital signature is a fingerprint. This fingerprint can be a representation of the contents of the document. If someone were to capture the message in transit and change its contents, the intruder would leave a fingerprint on the message that is different from the original fingerprint. The destination machine would detect that other hands had touched the document, and therefore would consider its content invalid. We can use hash functions to create the original fingerprint.

Hashing Messages

You can hash a message by running it through a hashing algorithm. A key is used together with the hashing algorithm to create a hash so that only computers that know the key can create the same hash output of a message. The hashed output is always the same length. This hashed output is often referred to as a message digest, or hash signature. You cannot reverse-engineer the digest to get the original message. Each packet must have a different hashed result.

For example, if I send you a message that says "Hi Mom", I will hash the message using a secret key that only you and I know about. After sending "Hi Mom" through the hash algorithm using the secret key, we get a message digest of 12345.

Now I will send you the message, together with the message digest. In order to make sure that the original message was "Hi Mom", you will send the contents of the message through the same hash algorithm and check the result. If you get 12345, then it matches the digest sent to you. You know that indeed "Hi Mom" was the original content of the message.

If a man in the middle had intercepted the message, he might have changed the content of the message to say "Hi Dad". When you received the message, it would read "Hi Dad". You would then run "Hi Dad" through the hash algorithm, and the result would be 12389. This does not match the message digest included with the message. This message has had its integrity violated and should not be considered valid.

These message digests are also known as Hash Message Authentication Codes (HMAC). To derive an HMAC, Microsoft's implementation of IPSec uses one of two algorithms:

- Message Digest 5 (MD5). This algorithm was developed by Ron Rivest of MIT and is defined in RFC 1321. MD5 processes each message in blocks of 512 bits. The message digest ends up being 128 bits.
- Secure Hash Algorithm (SHA-1). This algorithm also processes messages in blocks of 512 bits. However, the resulting message digest is 160 bits long. This confers a greater degree of confidence, but is a bit more processor intensive, and therefore slower than MD5.

A shared secret key is required to make this hash method work. In order to ensure the validity of the secret key, you must utilize other technologies, such as a public key infrastructure.

Message Authentication

Authentication is concerned with establishing the identity of the sender or the recipient. Integrity concerns itself with making sure the message has not changed during transit. Authentication focuses on confirming the identities of the participants of the conversation. It would be of little value to receive a message of uncompromised integrity from an imposter. IPSec uses three methods to carry out message authentication:

- Preshared key authentication
- Kerberos authentication
- Public key certificate based digital signatures

Preshared Key Authentication

Preshared key authentication schemes depend on both members of the communication having pre-selected a secret key that will be used to identify them to each other. Data leaving the sending computer is encrypted with this agreed-to key, and is decrypted on the other end with the same key.

Both members of the communication assume that if the other side has access to this preselected key, then both are who they claim they are. This is accomplished in this way:

1. The sending computer can hash a piece of data (a challenge) using the shared key and forward this to the destination computer.
2. The destination computer will receive the challenge and perform a hash using the same secret key and send this back.
3. If the hashed results are identical, both computers share the same secret and are thus authenticated.

While preshared keys are effective in authenticating that each member has access to the same shared secret, this solution is not easily scalable. This is because the shared secret must be manually keyed into the IPSec policy. This is not an issue if the same policy applies to the entire domain tree, but it can become cumbersome when subdomains, organizational units, and individual machines require different IPSec policies.

Kerberos Authentication

The Kerberos authentication method is also based on the shared secret principle. In this case, the shared secret is a hash of the user's password. For details on the Kerberos Authentication protocol, see Chapter 3, "Kerberos Server Authentication."

Public Key Certificate Based Digital Signatures

A message digest is a hash of the contents of the message. The combination of a key and a hash algorithm is used to create the message digest. A digital signature is an encrypted message digest. A message is authenticated when the digest can be decrypted and the decrypted hash matches the hash derived at the destination host. The sending computer uses its private key to complete this process
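
The keyed-hash check from "Hashing Messages" and the three-step exchange from "Preshared Key Authentication", as an added example that is not taken from the book or from Microsoft's IPSec implementation. It is a simplified model of the steps as listed, not the IKE exchange; the sample key and all function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

DIGEST_BITS = {"md5": 128, "sha1": 160}  # digest sizes stated in the text


def message_digest(key: bytes, message: bytes, algorithm: str = "sha1") -> bytes:
    """Keyed hash (HMAC) of a message; only holders of `key` can reproduce it."""
    if algorithm not in DIGEST_BITS:
        raise ValueError(f"unsupported algorithm: {algorithm}")
    return hmac.new(key, message, getattr(hashlib, algorithm)).digest()


def integrity_ok(key: bytes, message: bytes, received: bytes,
                 algorithm: str = "sha1") -> bool:
    """Receiver side: recompute the digest and compare in constant time."""
    return hmac.compare_digest(message_digest(key, message, algorithm), received)


def new_challenge() -> bytes:
    """Step 1: fresh random data, so an old response cannot be replayed."""
    return secrets.token_bytes(16)


def respond(key: bytes, challenge: bytes) -> bytes:
    """Step 2: the destination hashes the challenge with its copy of the key."""
    return message_digest(key, challenge)


def peer_authenticated(key: bytes, challenge: bytes, response: bytes) -> bool:
    """Step 3: identical hashes mean both sides hold the same secret."""
    return integrity_ok(key, challenge, response)


if __name__ == "__main__":
    key = b"constructed-preshared-key"  # constructed sample secret
    sent, tag = b"Hi Mom", message_digest(key, b"Hi Mom")
    print("untouched:", integrity_ok(key, sent, tag))
    print("tampered: ", integrity_ok(key, b"Hi Dad", tag))
    for name, bits in DIGEST_BITS.items():
        print(name, "bits match:", len(message_digest(key, sent, name)) * 8 == bits)
    challenge = new_challenge()
    print("same key: ", peer_authenticated(key, challenge, respond(key, challenge)))
    print("wrong key:", peer_authenticated(key, challenge, respond(b"other", challenge)))
```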