Terminologies in this Class:

• Confidentiality, Integrity, Authenticity etc.
• 安全三要素：保密性、完整性、认证性（真实性）

Communication System Security

Communication system security is achieved in two aspects:

1. Make each node a trusted platform: robust hardware, validated system software, authorized applications.
2. Protect communications on each link: mutual authentication, key establishment, cipher suite negotiation, failure detection.

课堂笔记

Diffie-Hellman key exchange (DH)

用于在两个终端之间共享一个私密的数字：

此时两个终端直接就共享了一个私密信息：$$\displaystyle g^{X_A X_B}\pmod{p}$$

public-key crypto-systems (RSA)

The keys for the RSA algorithm are generated the following way:

1. Choose two distinct prime numbers p and q
   • For security purposes, the integers p and q should be chosen at random, and should be similar in magnitude but differ in length by a few digits to make factoring harder.[2] Prime integers can be efficiently found using a primality test.
2. Compute n = pq
   • n is used as the modulus for both the public and private keys. Its length, usually expressed in bits, is the key length.
3. Compute $$\phi(n) = lcm(\phi(p), \phi(q)) = lcm(p − 1, q − 1)$$, where $$\phi$$ is Carmichael’s totient function. This value is kept private.
4. Choose an integer e such that 1 < e < λ(n) and gcd(e, λ(n)) = 1; i.e., e and λ(n) are coprime.
5. Determine d as d ≡ e−1 (mod λ(n)); i.e., d is the modular multiplicative inverse of e modulo λ(n).