当我阅读有关智能卡的信息时,我遇到了这个称为私钥挑战的术语。
私钥质询 - 确保证书绑定到其颁发的令牌并且未被复制或克隆。
这个私钥挑战将如何完成?
谢谢并恭祝安康,
晴天。
问问题
840 次
1 回答
3
from what i know this is usually done by providing a nonce (number once used ... a random number) to a system and asking it to take this number as input for a cryptographic function that needs the private key that belongs to the challanged certificate:
for encryption stuff you usually take your nonce, encrypt it and hand over the cyphertext to the challanged system ... if the system can decrypt your nonce (and give it back to you), it has access to the private key ...
in a signing scenario you hand over your plaintext nonce, and the system has to sign it ... if the signature is valid, the system has access to the private key
of course for a real world application you will want to extend this scheme to avoid playback attacks, man in the middle, etc.
于 2011-08-08T18:44:05.910 回答