Week 9

Security: Web Security

We are now on the second to last week of the class and finishing up our look at Internet Security. You can also see the final exam and its due date. The due date of the final exam signals the end of the class.
This week, we’ll be covering web security. We apply the basic ideas of encryption and signing to who we actually secure the connections that we use on today’s Web and Internet.

Securing Web Connections

Security Public/Private Key - Secure Sockets

本节介绍公开密钥加密。在前几次讲座中一直遵循着机密和完整性两个主题，机密是隐藏的，不能将其泄露给哪些你不想展示的人。

公钥加密被认为是解决这个问题的一种非常优雅的解决方案，它是由Diffie和Hellman在1976年提出的。依赖于两个密钥，且是不对称的，这就意味着我们不能像之前小节那样使用相同的密钥来进行加密。公钥实际上不需要任何保护，公钥用于消息的加密，而私钥则用于消息的解密。他们在数学上是相互关联的。

如果你想使用私密公钥加密，你必须生成一对（公钥和私钥）。

选择两个非常大的随机数，然后将它们相乘。你可以从中计算得到公钥和密钥,公钥和密钥实际上是基于两个质数，所以想要找到他们形如大海捞针。

And so the public and private key is really based on these two prime numbers.

这里老师给我们做了一个演示：

The encrypted text finds its way through all these things. And it come in encrypted. And it actually doesn't get encrypted, until it's sort of right at the point where Amazon's web server that's going to actually charge your credit card. So, this is actually beautifully elegant. In that, the rest of the network is blissfully unaware, that any encryption is happening. It's just moving the data. So, this did not require any change. Again the beauty of the layer of architecture. Did not require any change, sort of below the transport layer. And as a matter of fact, all of the sequencing and re-transmission that happens in the TCP layer. That happens with the encrypted stuff too because it's just encrypted. It's just text. It's gibberish text, it's not the original visa card number that you're sending. You're sending 123 and out comes, you know, wxy, the wxy just goes. It's re-transmitted. All this crap just works, it's like, beautiful. It's a beautiful thing. It's absolutely a beautiful thing. Then it's just like this mini layer kind of between, it's like the top slice of the transport layer. That's how I'm drawing it right here. It's like this little kind of top extra little thing, that says you know what, we're going to transport, actually help me out and give me some encryption while we're at it. And there's all kinds of cool stuff that goes back and forth. The public and private keys get exchanged.

你不得不假定你连接的过程是不安全的。

But, but basically, you know, we want to distrust all of this, okay?

这种思想就是传输层安全（Transport Layer Security），也称作SSL、HTTPS,位于传输层和应用层之间。

Identity on the Web

Security - Integrity and Certificate Authorities

我们如何知道与之对话的是谁呢？是亚马逊还是coursera？可以通过查看浏览器的顶部，通常这里会i有一个指示只想安全连接，可以单机此链接来查看一些信息，这就叫做证书信息。有一个GoDaddy来负责检查Coursera的ID并说，嘿你一定是Coursera的首席执行官，否则我不会给你这个签名的私钥。

因此这就是一个获得私钥签名的过程，也是一宗确保和其他人交流的方法。所谓的数字证书也被称为签名私钥。

数字证书由第三方权威机构颁布，这些权威机构也是逐渐建立起信任的。

So, if you think this whole thing through, this, Eve was watching the whole time. We sent a public key. We signed and returned a public key. Then we sent the public key to your laptop. We verified the public key. And the whole time Eve is sort of watching all this information and she is powerless to break it.

最后总结一下：

So, that sort of brings us to the conclusion of this, these last couple of lectures have been about message confidentially. And that's protecting the contents from being revealed. We use encrypting and decrypting for that. And then we have message digest. And, sur, to sign things. We've signed messages, we've signed certificates, we've signed many things, and those are important. And we talked about both sort of, shared key, and secret key, where you have to get together. And agree on a key which is a symmetric key that's used for encrypting and decrypting. And then you have the public private key which is the asymmetric. Which is one key is used for encrypting and the other key is used for decrypting. And you can freely show the encrypting key because it gives very little information. Although, it is mathematically possible, but difficult to decrypt public private key message. So, that kinds of suns up, kind of sums up our lecture on public private keys and I hope you find it valuable. See you on the net.

Internet History, Technology and Security (Week 9)的更多相关文章

1. Internet History, Technology and Security (Get Started)

   Abstract 课程名称:互联网的历史.技术和安全 coursera地址 制作方:密歇根大学(University of Michigan) 教师:Charles Severance, Associ ...

2. Internet History,Technology and Security

   Internet History,Technology and Security(简单记录) First Week High Stakes Research in Computing,and Comm ...

3. Internet History,Technology,and Security - History Through Supercomputing（Week2）

   时间飞逝,一周又过去了,这周我们来到了Internet History, Technology and Security (Week 2)的学习,从标题就可以看出,这周主要是介绍“互联网”雏形的诞生. ...

4. Internet History, Technology and Security (Week 2)

   Week 2 History: The First Internet - NSFNet Welcome to week 2! This week, we'll be covering the hist ...

5. Coursera: Internet History, Technology, and Security

   课程网址:https://www.coursera.org/learn/internet-history 学习笔记: Week 1: History - Dawn of Early Computing ...

6. Internet History, Technology, and Security（week1）——History: Dawn of Electronic Computing

   前言: 第一次进行课程学习,在反复观看视频和查找字典翻译理解后选出了视频中个人认为较重要的概念,以下并不按照逐句翻译,中文概括大意余下*发挥,对老师想要告诉我们的历史有一个初步的了解,顺便锻炼以下英 ...

7. Internet History, Technology and Security (Week5.1)

   Week5 The Transport layer is built on the Internetwork layer and is what makes our network connectio ...

8. Internet History, Technology and Security (Week 4)

   Week 4 History: Commercialization and Growth We are now moving into Week 4! This week, we will be co ...

9. Internet History,Technology,and Security - Technology: Internets and Packets （Week5）

   Week5 Technology: Internets and Packets Welcome to Week 5! This week, we’ll be covering internets an ...

随机推荐

1. NOIp 2014 #1 生活大爆炸版石头剪刀布 Label：模拟

   题目描述 石头剪刀布是常见的猜拳游戏:石头胜剪刀,剪刀胜布,布胜石头.如果两个人出拳一样,则不分胜负.在<生活大爆炸>第二季第8 集中出现了一种石头剪刀布的升级版游戏. 升级版游戏在传统的 ...

2. 洛谷U5653 宋荣子的小饼干

   题目描述 楼下机房的LYL有n个妹子,分别编号为a1,a2……an,每个妹子都拥有一定数量的小饼干.有一天,saruka没有吃晚饭,饿的不要不要的,这时,他忽然想起了LYL的妹子们有小饼干可以吃.于是 ...

3. Oracle R12 多组织访问的控制 - MOAC&lpar;Multi-Org Access Control&rpar;

   什么是MOAC MOAC(Multi-Org Access Control)为多组织访问控制,是Oracle EBS R12的重要新功能,它可以实现在一个Responsibility下对多个Opera ...

4. 使用eclipse创建maven&plus;动态web的项目

   windows7操作系统 提前安装java jdk1.8版本+apache-maven-3.3.3+wildfly-10.0.0.Final 1.新建maven项目,到other里面找一下 2.使用默 ...

5. git命令设置简写（别名）

   ### git命令设置简写(别名) 前言:有时候在执行git命令比较多的情况下,每次敲git命令比较费时,同时有些命令比如cherry-pick这种比较长时更是费时,所以可以通过设置命令行简写来设置. ...

6. SQL Server 如何添加删除外键、主键，以及更新自增属性

   1.添加删除主键和外键 例如: -----删除主键约束DECLARE @NAME SYSNAMEDECLARE @TB_NAME SYSNAMESET @TB_NAME = 'Date'SELECT ...

7. C&plus;&plus;实现人员信息管理系统模拟

   利用C++语言实现基本的学生信息管理系统: 要求: 1-设置管理员密码 2-人员数据有:姓名,性别等基本的信息 3-可以添加,删除,保存,统计 #include<iostream> #in ...

8. easyui-textbox高为0

   之前在项目中也遇到过,一段时间没遇到这种问题居然又忘记了,想着还是在博客中记录一下,方便自己记忆,也供大家参考. 大家是否也遇到过easyui-textbox高为0的情况呢 像这样:  用户名:&lt ...

9. 个人JS体系完善（一）

   个人JS体系整理(一) 一. 原型 JS每声明一个Function,都有Prototype原型,Prototype原型是函数的一个默认属性,在函数的创建过程中由JS编译器自动添加,也就是说每当生产一个 ...

10. &lbrack;POJ1226&rsqb;Substrings（后缀数组）

    传送门 给定 n 个字符串,求出现或反转后出现在每个字符串中的最长子串. 算法分析: 这题不同的地方在于要判断是否在反转后的字符串中出现.其实这并没有加大题目的难度. 只需要先将每个字符串都反过来写一 ...