Comtrol DeviceMaster DM-2000 Series Installation And Configuration Manual page 67

This is an algorithm for public-key cryptography. It is the first algorithm known to be
suitable for signing as well as encryption. RSA is widely used in electronic commerce
protocols, and is believed to be sufficiently secure given sufficiently long keys and the use of
up-to-date implementations. The system includes a communications channel coupled to at
least one terminal having an encoding device, and to at least one terminal having a decoding
device.
• Public key is a value provided by some designated authority as an encryption key that,
combined with a private key derived from the public key, can be used to effectively
encrypt messages and digital signatures.
• Private Key
-
†
RSA Key Pair
-
-
See Key and Certificate Management
Secure Shell (SSH) allows data to be exchanged using a secure channel between two
networked devices. Replaces telnet which has no security. SSH requires password
SSH (Secure
authentication – even if the password is empty.
Shell)
See SSH Server
The Secure Sockets Layer (SSL) is the predecessor of (TLS) Transport Layer Security.
SSL is a commonly-used protocol for managing the security of a message transmission on the
Internet. SSL has recently been succeeded by Transport Layer Security (TLS), which is
based on SSL. SSL uses a program layer located between the Internet's Hypertext Transfer
Protocol (HTTP) and Transport Control Protocol (TCP) layers.
SSL is included as part of both the Microsoft and Netscape browsers and most Web server
products. Developed by Netscape, SSL also gained the support of Microsoft and other
SSL (Secure
Internet client/server developers as well and became the de facto standard until evolving
Sockets Layer)
into Transport Layer Security.
SSL uses the public-and-private key encryption system from RSA, which also includes the
use of a digital certificate.
See Pages 74 through 77 for detailed information about SSL.
Note: Two slightly different SSL protocols are supported by the DeviceMaster: SSLv3 and
Transport Layer Security (TLS) is a protocol that ensures privacy between communicating
applications and their users on the Internet. When a server and client communicate, TLS
TLS
ensures that no third party may eavesdrop or tamper with any message. TLS is the
(Transport
successor to the Secure Sockets Layer (SSL).
Layer
Security)
TLS and SSL are not interoperable. The TLS protocol does contain a mechanism that allows
TLS implementation to back down to SSL 3.0.
TCP connections that carry data to/from the DeviceMaster serial ports are encrypted using
Secure Data
SSL or TLS security protocols. See
Mode
Security Features Overview
DeviceMaster Installation and Configuration Guide: 2000594 Rev. F
Term or Issue Explanation (Continued)
One half of the key pair used in conjunction with a public key
Both the public and the private keys are needed for encryption /decryption but only
the owner of a private key ever needs to know it. Using the RSA system, the private
key never needs to be sent across the Internet.
The private key is used to decrypt text that has been encrypted with the public key.
Thus, if User A sends User B a message, User A can find out User B's public key (but
not User B's private key) from a central administrator and encrypt a message to User
B using User B's public key. When User B receives it, User B decrypts it with User B's
private key. In addition to encrypting messages (which ensures privacy), User B can
authenticate User B to User A (so that User A knows that it is really User B who sent
the message) by using User B's private key to encrypt a digital certificate.
on Page 73 for more information.
TLSv1.
on Page 79 for more information.
Understanding Security Methods and Terminology
on Page 83 for more information.
Security Modes on Page 71 and Configure/Enable
DeviceMaster Security - 67