3com WX3000 Manuel D’Utilisation

 

1-2 

Figure 1-1 Encryption and decryption 

Encryption

Key

Decryption

Cipher text

Plain text

Key

Plain text

Encryption

Key

Decryption

Cipher text

Plain text

Key

Plain text

 

 

Key-based algorithm is usually classified into symmetric key algorithm and asymmetric key algorithm. 

Asymmetric key algorithm means that a key pair exists at both ends. The key pair consists of a private 

key and a public key. The public key is effective for both ends, while the private key is effective only for 

the local end. Normally you cannot use the private key through the public key. 

Asymmetric key algorithm encrypts data using the public key and decrypts the data using the private 

key, thus ensuring data security. 

You can also use the asymmetric key algorithm for data signature. For example, user 1 adds his 

signature to the data using the private key, and then sends the data to user 2. User 2 verifies the 

signature using the public key of user 1. If the signature is correct, this means that the data originates 

from user 1. 

Both Revest-Shamir-Adleman Algorithm (RSA) and Digital Signature Algorithm (DSA) are asymmetric 

key algorithms. RSA is used for data encryption and signature, whereas DSA is used for adding 

signature.  

 

Currently, SSH supports both RSA and DSA. 

 

The session establishment between an SSH client and the SSH server involves the following five 

stages:  

Table 1-1 Stages in establishing a session between the SSH client and server 

Version negotiation 

SSH1 and SSH2 are supported. The two parties negotiate a version to use.

Key and algorithm 
negotiation 

SSH supports multiple algorithms. The two parties negotiate an algorithm for 
communication. 

Authentication 

The SSH server authenticates the client in response to the client’s 
authentication request. 

Session request 

This client sends a session request to the server. 

Data exchange 

The client and the server start to communicate with each other.