现在,服务器就可以解密对话密钥了。
对话密钥使用前面已经生成的通用密钥来进行加密。
The conversation key is encrypted using the common key, which has been generated above.
然后,服务器使用解密的对话密钥来解密客户端时间戳。
Then using the decrypted conversation key, the server decrypts the client timestamp.
在生成通用密钥之后,keyserver程序将随机生成一个对话密钥。
After generating a common key, the keyserver program randomly generates a conversation key.
在应答中,服务器发送由对话密钥加密的客户端timestamp - 1。
In reply, the server sends client timestamp-1 encrypted by the conversation key.
它还会发送由对话密钥加密的时间戳(现在服务器和客户端都清楚了对话密钥)。
It also sends the timestamp encrypted by the conversation key (which now both server and client know).
通过接收到的验证器和服务器发送的时间戳,客户端可以清楚服务器能够正确地对对话密钥进行解密,并且正确地进行身份验证。
On receiving the verifier and the server sent timestamp, the client knows that the server was able to correctly decrypt the conversation key and that it is correctly authenticated.
这个验证器包括客户端timestamp-1(由对话密钥进行加密)和索引 ID(位于这个客户端连接的服务器表中)。
This verifier includes the client timestamp - 1 (encrypted by conversation key) and the index ID in the server table for this client connection.
客户端必须有一个签名密钥才能和Puppetmaster对话。
在browse对话框中,选择公共密钥文件(在本示例中为DPGateway 1 . cer),并单击open。
In the browse dialog, select your public key file (in this example, DPGateway1.cer) and click Open.
此密钥交换安全措施与现有的重复。请更改它,或取消此对话框。
This key exchange security method duplicates an existing one. Either modify it, or cancel this dialog.
“更改密钥密码”对话框,您可以在其中更改密钥文件的密码。
Change key password dialog box and change the password of your key file.
总是会显示一份公共密钥的清单, 供您在加密时从中选用。 如果不启用, 只有当程序找不到正确的密钥, 或同时有多个可用密钥时才会显示此对话框。
When this option is enabled, the application will always show you a list of public keys from which you can choose the one it will use for encryption.
要在长时间的对话中保持高级别的安全性,可定期创建新的派生密钥。
To maintain a high level of security through a lengthy conversation, new derived keys can be created periodically.
要在长时间的对话中保持高级别的安全性,可定期创建新的派生密钥。
To maintain a high level of security through a lengthy conversation, new derived keys can be created periodically.
应用推荐