Overview

Working Principles

• Encryption and decryption
  • When you use a public key to encrypt data, only the corresponding private key can be used to decrypt the data. For example, user A hopes to send messages to user B securely. In this case, A can use B's public key to encrypt the messages, and B can use its private key to decrypt the messages.
  • If you use a private key to encrypt data, the public key can be used to decrypt data. This method is mainly used for digital signature to verify the information source and integrity.
• Digital signature
  • A uses its private key generate a signature for data, and then sends the data and signature to B.
  • B uses A's public key to verify the signature. If the verification is successful, the data is not tampered with and is from A.

Cryptographic Algorithms Supported by KPS

• The SSH key pairs created on the management console support the following cryptographic algorithms:
  • SSH-ED25519
  • ECDSA-SHA2-NISTP256
  • ECDSA-SHA2-NISTP384
  • ECDSA-SHA2-NISTP521
  • SSH_RSA: The length can be 2,048, 3,072, or 4,096 bits.
• The SSH keys imported to the KPS console support the following cryptographic algorithms:
  • SSH-DSS (not recommended)
  • SSH-ED25519
  • ECDSA-SHA2-NISTP256
  • ECDSA-SHA2-NISTP384
  • ECDSA-SHA2-NISTP521
  • SSH_RSA: The length can be 2,048, 3,072, or 4,096 bits.

Usage Process