数字证书及其认证过程

加密和解密使用同一个密钥的算法，称为对称加密算法；加密和解密使用的是不同的密钥，称为非对称加密算法，公钥系统即属于非对称加密算法。对于对称加密而言，需要着重保护的是对称密钥，对于公钥算法而言，需要着重保护的是私钥。

公钥加密算法，以及衍生出的数字签名、数字证书技术，不仅广泛应用于Internet通讯中，例如HTTPS协议中的SSL/TLS，在单机系统中也越来越受到重视，例如Windows XP的设备驱动程序、.NET的GAC assembly都要求数字签名。微软从Windows98/NT4起即提供了Cryptograph API，支持DES，RC2，RC4，IDEA等对称加密算法和RSA公钥系统等非对称密算法，以及MD5，SHA，MAC等摘要（Digest，也称为Hash，散列）算法。

本文译自：

/tech/security/ssl/howitworks.html

这是一篇生动浅显的文章，对了解公钥系统的工作原理很有帮助，CSDN上已有一篇译文：

/Develop/article/27/27524.shtm

但本人认为上文的关键地方不够准确，欠通顺。本译文在上篇译文的基础上，关键的术语采用了通用译法，少数地方采用了意译，而且附有英文原文，有翻译不当的地方大家可以对照原文。

希望能对公钥系统有兴趣的朋友们有所帮助。

BTW：上面提到的所有对称加密和非对称加密，它们的加解密算法都是公开的，只要不知道密钥，算法的设计者有信心使加密结果不会被轻易破解，这点与WAPI截然不同：）。

以下是中英文对照的译文：

Public key encryption is a technique that uses a pair of asymmetric keys for encryption and decryption. Each pair of keys consists of a public key and a private key. The public key is made public by distributing it widely. The private key is never distributed; it is always kept secret.

公钥加密是使用一对非对称的密钥加密或解密的技术。每一对密钥由公钥和私钥组成。公钥被广泛发布。私钥是隐密的，不公开。

Data that is encrypted with the public key can be decrypted only with the private key. Conversely, data encrypted with the private key can be decrypted only with the public key. This asymmetry is the property that makes public key cryptography so useful.

用公钥加密的数据只能够被私钥解密。反过来，使用私钥加密的数据只能用公钥解密。这个非对称的特性使得公钥加密很有用。

USING PUBLIC KEY CRYPTOGRAPHY FOR AUTHENTICATION

使用公钥加密法认证

Authentication is the process of verifying identity so that one entity can be sure that another entity is who it claims to be. In the following example involving Alice and Bob, public key cryptography is easily used to verify identity. The notation {something}key means that something has been encrypted or decrypted using key.

验证是一个核实身份的过程，以便一方能确认另一方的确是其所声称的那个身份。在下列例

子中包括甲和乙，公钥加密会轻松地校验身份。符号{数据} key意味着"数据"已经使用key 加密或解密。

Suppose Alice wants to authenticate Bob. Bob has a pair of keys, one public and one private. Bob discloses to Alice his public key (the way he does this is discussed later). Alice then generates a random message and sends it to Bob:

A->B random-message

Bob uses his private key to encrypt the message and returns the encrypted version to Alice:

B->A {random-message}bobs-private-key

Alice receives this message and decrypts it by using Bob's previously published public key. She compares the decrypted message with the one she originally sent to Bob; if they match, she knows she's talking to Bob. An imposter presumably wouldn't know Bob's private key and would therefore be unable to properly encrypt the random message for Alice to check.

假如甲想校验乙的身份。乙有一对密钥，一个是公开的，另一个是私有的。乙透露给甲他的公钥。甲产生一个随机信息发送给乙。

甲——〉乙：random message

乙使用他的私钥加密信息，把加密后的信息返回甲。

乙——〉甲：{random-message}乙的私钥

甲收到这个信息然后使用乙的前面公开的公钥解密。他比较解密后的信息与他原先发给乙的信息。如果它们完全一致，就会知道在与乙说话。任意一个中间人不会知道乙的私钥，也不能正确加密甲检查的随机信息。

BUT WAIT, THERE'S MORE

等一下，事情还没有完

Unless you know exactly what you are encrypting, it is never a good idea to encrypt something with your private key and then send it to somebody else. This is because the encrypted value can be used against you (remember, only you could have done the encryption because only you have the private key).

用私钥加密某些信息，然后发送给其他人不是一个好主意，除非你清楚知道这个信息的含义。因为加密后的信息可能被用来对付你（记住，别人知道该信息是你加密的，因为只有你有加密用的私钥）。

So, instead of encrypting the original message sent by Alice, Bob constructs a message digest and encrypts that. A message digest is derived from the random message in a way that has the following useful properties: