PKI原理与技术》实验教学大纲

课程代码

045101351

课程名称

PKI原理与技术

英文名称

PKIPrinciple and Technology

课程类别

专业基础课

课程性质

必修

学时

16

学分

2.5

开课学期

第六学期

开课单位

计算机科学与工程学院

适用专业

信息安全

授课语言

中文

先修课程

高级程序设计语言、密码学与安全协议

毕业要求(专业培养能力)

培养学生掌握扎实的信息安全基础理论知识,了解信息安全尤其是PKI发展前沿知识和新兴技术,开拓学生的视野,培养研究能力,培养工程实践能力,培养学生的动手能力和创新能力。

课程培养学生的能力(教学目标)

通过实验,基本掌握公钥基础设施(PKI)的有关理论、原理,基本掌握PKI的开发与使用相关技术。所以实验内容的设置也主要是结合上述的内容。

课程简介

该课程为《PKI原理与技术》的实验课,包含以下三个实验:

1.CA证书的签发与认证

2.C/C++实现证书的读取与验证数字签名

3.C/C++实现RSA密钥对的生成及数字签名

旨在通过以三个实验,帮助学生掌握PKI技术中CA证书的使用,以及一般的PKI编程方法。

主要仪器设备与软件

个人计算机,Linux操作系统内核2.6及以上,OpenSSL

实验报告

说明实验原理(理念)并进行方案选择,阐明为什么要选择这个实验方案以及所采用方案的特点。并重点说明实验是如何实现的,包括:对实验工作的详细表述。要求层次分明、表达确切。

考核方式

(1)本门实验课将结合出勤、实验操作以及实验报告等进行考核,其中出勤占实验课总评成绩的10%,实验操作占实验总评成绩的60%,实验报告占实验总评成绩的30%

(2)本门实验课总评成绩占课程总评成绩的30%

教材、实验指导书及教学参考书目

[1]华南理工大学计算机学院“PKI原理与技术”实验手册

[2]佘堃,郑方伟,《PKI原理与技术》,电子科技大学出版社,2007.8

制定人及发布时间

徐玲玲,201955


PKI原理与技术》实验教学内容与学时分配

实验项目编号

实验项目名称

实验学时

实验内容提要

实验类型

实验要求

每组人数

主要仪器设备与软件

1

CA证书的签发与认证

4

学会签发根CA证书,使用根CA证书签发下级证书。

综合性

必做

1

Linux操作系统内核2.6及以上,OpenSSL

2

C/C++实现证书的读取与验证数字签名

6

掌握证书的结构,学会验证数字签名。

综合性

必做

1

Linux操作系统内核2.6及以上,OpenSSL

3

C/C++实现RSA密钥对的生成及数字签名

6

熟练掌握密钥对的生成以及利用密钥对做数字签名等操作。

设计性

必做

1

Linux操作系统内核2.6及以上,OpenSSL




PKIPrinciple and TechnologySyllabus

Course Code

045101351

CourseTitle

PKIPrinciple and Technology

CourseCategory

Specialty-basisCourse

CourseNature

CompulsoryCourse

Class Hours

16

Credits

2.5

Semester

The sixthSemester

Institute

Schoolof Computer Science and Engineering

ProgramOriented

InformationSecurity

TeachingLanguage

Chinese

Prerequisites

High-levelLanguage Programming ,  Cryptography and security protocol

StudentOutcomes (Special Training Ability)

Trainstudents to master a solid theoretical foundation of computerknowledge, understand the development of computer scienceknowledge and new technology, develop students' horizons,cultivate research ability and engineering practice ability, andcultivate students' practical ability and innovation ability.

TeachingObjectives

Throughexperiments, we require students master the relevant theories andprinciples of public key infrastructure (PKI), and master therelated technologies of PKI development and application.Therefore, the content of the experiment is mainly combined withthe above content.

CourseDescription

Thiscourse is an experimental course of PKI principles and techniques,which includes the following three experiments:

1.Issueand certification of CA certificates

2.DevelopC/C++ program to achieve the certificate read and verify, digitalsignature

3.DevelopC/C++ program implement RSA key pair generation and digitalsignature

Theaim is to help students master the usage of CA certificates andthe general PKI programming method through these threeexperiments.

Instrumentsand Equipments

PersonalcomputerLinuxoperating system kernel 2.6 and aboveOpenSSL

ExperimentReport

Explainthe experimental principle and scheme, and explain why we shouldchoose the experimental scheme and the characteristics of theadopted scheme. It focuses on how the experiment is achieved,including a detailed description of the experiment. Therequirements are clear and exact.

Assessment

(1)the experiment course will combine the attendance, experimentaloperation and experimental report assessment, including attendancegrades experimental class accounted for 10%, accounting for theoverall results of experiment 60%, experiment report forexperimental grades 30%.

(2)the experiment course grades for courses grades 30%.

TeachingMaterials and Reference Books

[1]PKI principle and technology experiments guide, South ChinaUniversity of Technology.

[2]Yu Kun,Zheng Fangwei, PKI principle and technologyUESTCpress2007.8

Preparedby Whom and When

XuLingling, 5thMay2019

CourseTitle”ExperimentalTeaching Arrangements

No.

ExperimentItem

ClassHours

ContentSummary

Category

Requirements

Numberof StudentsEach Group

Instruments,Equipments and Software

1

Issue andcertification of  CA certificate

4

Learn tosign the root CA certificate and issue a lower certificate withthe root CA certificate.

Comprehensive

Compulsory

1

PersonalcomputerLinuxoperating system kernel 2.6 and aboveOpenSSL

2

DevelopC/C++ program to achieve the certificate read ,verify and digitalsignature

6

Master thestructure of a certificate and learn to verify a digitalsignature.

Comprehensive

Compulsory

1

PersonalcomputerLinuxoperating system kernel 2.6 and aboveOpenSSL

3

DevelopC/C++ program to generate RSA key pair and digital signature

6

Master thegeneration of key pair and do digital signature with key pair.

Design

Compulsory

1

PersonalcomputerLinuxoperating system kernel 2.6 and aboveOpenSSL