SSL, set, and PGP are the most commonly used encryption methods on the Internet (i), and they have a large user base within their scope of application. This article will introduce the three popular encryption methods in detail. The SSL (secure Socket Layer) SSL protocol, first published by Netscape, is a secure transport agreement for network data, with the primary purpose of providing a secret and reliable connection between two communications. The protocol is composed of two layers, the underlying layer is an SSL recording layer built on a reliable transport protocol (for example, TCP) to encapsulate high-level protocols. The SSL handshake protocol allows the server-side and the client to identify each other through specific cryptographic algorithms before it can begin to transmit data. SSL is advanced in that it is a stand-alone application protocol, and other higher-level protocols can be built on SSL protocols. Most Web servers and browser currently support SSL data encryption transfer protocols. Therefore, you can use this function to set some of the pages of a confidential nature in an encrypted transmission mode so that the data is intercepted by others when it is transmitted over the network. SSL is a cryptographic communication protocol that utilizes public key cryptography (RSA) as a client to transmit confidential information to the host side. SSL technology is widely used by most Web servers and browser. SSL has solved most of the problems for consumers. However, the problem with E-commerce is not fully resolved, because SSL can only do to the data confidentiality, the manufacturer can not determine who is to fill out this information, even if this is done, and bank liquidation problems. Set (secure Electronic Transaction) set is a security protocol developed by IBM, credit Card International Organization (VISA/MASTERCARD) and related vendors for network electronic transactions, which utilizes RSA security public key encryption technology, With data confidentiality, data integrity, data sources identifiable and undeniable, is used to protect consumers in the Internet card payment transaction security standards. The SET 1.0 edition was formally published in June 1997. Set has now become internationally recognized as a security standard in Internet Electronic Business transactions. The set protocol is used in the payment system of secure electronic bank cards, using the client's browser, which is applied from commercial sites to commercial banks. Online Banking uses existing procedures and equipment to complete transactions by confirming credit cards and clearing customer bank accounts. The SET protocol guarantees the security of the entire payment process by hiding the credit card number. Therefore, set must ensure that the credit card holder and the bank can maintain continuous contact with the existing system and network. The set protocol creates a complete solution for using credit cards in different systems. Reliable authentication makes set a very goodOnline payment system. It enables each legitimate participant in a transaction to have a reasonable identity, while the identity of the cardholder is carried out by the bank. Of course, this includes other services, such as: Identity certification, customer service and so on. This is a way to build another reliable user connection. At the same time can facilitate arbitration in the event of disputes. Set and SSL are to do consumer certification work, that is, not only the global data network shopping stations need to authenticate in the certification unit, consumers must obtain certification from the Certification body. Set consists of electronic Wallet (electronic wallet), Merchant Server (store-side service), Payment Gateway (Payment docking station), and certification authority (authentication Center). They form credit card licensing transactions that meet set standards on the Internet. Generally speaking, financial transactions on open networks are dominated by SSL and set trading agreements, with set being internationally recognized as the safest. In view of this, in June 1997, Visa/master introduced a security specification for Internet transactions called Electronic transactions (set:secure Electronic Transaction), which is essentially the same large numerical coding technology as SSL, To ensure the confidentiality of data and user certification work. At present, the security transaction standard set of credit card is still in the prophase construction. Before the system is fully operational, consumers still have to bear the risk of misappropriation of credit card information when they use credit cards for shopping on the Internet. Sensitive information in the transmission process was eavesdropping, transaction data in the transmission process was tampered with, the two sides of the transaction identity is counterfeit, the same order repeatedly sent, these problems even for the current set of security trading standards still have some difficulties. Users profile, SSL, or CA are more likely to be used by the WWW to provide confidential information to the user to avoid being tapped by others when the data is transmitted over the network. PGP (Pretty good Privacy) at present, there is also an excellent connection between the network and the desktop security method, PGP (Pretty, Privacy). PGP is a public key encryption program, unlike previous encryption methods, PGP public key encrypted information can only be decrypted with the private key. In traditional encryption methods, a key can be both encrypted and decrypted. So how do you transfer keys through an unsecured channel before you start transmitting data? Using PGP Public key cryptography, you can spread the public key widely and securely save the private key. Since only you can have the private key, anyone can encrypt your message with your public key without worrying about eavesdropping. Another benefit of using PGP is that you can use digital signatures in your documents. A key that is encrypted with a private key can only be solved with a public keyKey。 This way, if people read the decrypted files with your public key, they will be sure that only you can write the file. The latest version of PGP 2.6.3 is a version used in the United States and Canada, and PGP 2.6.3i is used on a general internet and can be downloaded from www.pgpi.org. PGP is a software encryption program that users can use to create secure messages and communications on insecure communication links. PGP protocol has become the fact standard of public key cryptography and global message security. Because everyone can see its source code, so as to find out the fault and security vulnerabilities, all the faults and vulnerabilities were found and corrected. To force (0 Votes) Tempted (0 Votes) nonsense (0 Votes) Professional (0 Votes) The title of the party (0 Votes) passed (0 Votes) Text: Encrypted Three Musketeers SSL, set and PGP return to network security home
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.