D-Link DFL-2500 User Guide - Page 218
X.509 Certificates
![]() |
View all D-Link DFL-2500 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 218 highlights
20.2. Introduction to Cryptography 199 On the sender's side: - The sender prepares a public-private key pair, and publishes the public one. - A one way function, known as hash function, is operated on a message, and a fixed length message digest is obtained. (The mathematical function is only one-way; the original message cannot be recomputed from the digest and any change to the original message will make the digest totally different.) - The sender encrypts the message digest using the private key. - The encrypted message digest becomes the sender's digital signature of the message, and is unique to that message. - The digital signature is sent to the receiver together with the original plaintext message. On the other side: - The receiver uses the hash function to make a message digest of the received plaintext message. - Using the sender's public key, the receiver decrypts the digital signature to get the sender computed message digest. - The two digests are compared. - If the two digests are identical, the received message is valid. Certificate As it is introduced in 8.4 X.509 Certificates, D-Link firewalls also support the digital certificate to be used to further authenticate that the public key really belongs to the alleged party. A certificate is issued by a certification authority (CA) containing a copy of the certificate holder's public key and corresponding information, a serial number, expiration time, and the digital signature of the CA, so that a recipient can verify that the certificate is real. The digital certificates supported by D-Link firewalls conform to X.509 standard. D-Link Firewalls User's Guide
![](/manual_guide/products/dlink-dfl2500-user-guide-83bdca9/218.png)