Basic knowledge of cryptography will learn

Others 2020-04-04 12:44:30 views: null

Article Updated: 2020-04-02
Note: This article reference from Machinery Industry Press "Password principles and application engineering."

Click on the directory jump

First, the scope of research into cryptography

Cryptography is an encryption-related arts and sciences.

1, the role of cryptography

Cryptography is part of the overall security system, but it is also the most critical part.
Cryptography systems typically provide access control functions.

2, barrel theory

The security of each security system depends on its most vulnerable part.

To improve the security of the system, we need to improve the security of the most vulnerable parts of the system. So we must first know who are the most vulnerable. This can be a complete hierarchical tree structure, each part of the system is what links, with each link in what other sub-sectors. We can link these attacks are organized into a tree (attack tree).

3, opponents set

Because if an attacker wants to attack the system, it will attack the weakest link in the system.

So we have to set to rival 最狡猾opponents, so that we can better improve the security of our system!

Second, Introduction to Cryptography

Note 1: cryptographically conventional example referred to for convenience as the sender Alice, the recipient is Bob, as eavesdropper Eve.

Note 2: If you look up the dictionary, you will find the key reading (yue). But some cryptography old professor will read when reading (yao). So when without ambiguity (key (yue) and honeymoons homonym ~)), you should read what is possible.

1, encryption

  1. In order to prevent information being tapped from us, we can choose before sending the message, the plaintext mby the encryption function Eusing the key K E is encrypted into ciphertext c, and then transmitted.

  2. By the ciphertext receiver cafter decryption function by Dusing the key K E is decrypted plaintext m, so far, the information transmission is completed.

  3. If you Evewere eavesdropping, then he can only get the ciphertext, no key k E will not be in plain text.

  4. So the question is, how to deliver key it? If you have a secure channel is used to convey the key, then send information directly to good?

    This involves the key distribution problem, do not expand here first. Being that Aliceand Bobuse another secure channel negotiation key. For example, when the last negotiation meeting, or written on paper mail in the past and so on.

  5. kerckhoffin principle

    Security encryption scheme must depend only on the key K to E confidentiality, without depending on the algorithm for secrecy.

    Facts have proved that the algorithm is not public is often problematic, we can not stand the test.

2. Certification

In the previous section, we explain how to conduct encrypted to prevent Eveeavesdropping to plaintext. But this has not prevented Evemodify the information.

Because EveSince the channel can eavesdrop, then he respective information may also be modified to intercept delete, or change the order of several messages, these are possible.

The recipient can not tell whether information has been tampered with. To solve this problem, we introduced the 认证concept.

  1. And encryption, authentication need to use a key, referred to herein as K A

  2. Before transmitting information, we first use the K A of the information is a message authentication code computed (Message Authentication Code), it may also be referred to MAC.

  3. When sending messages, and even MACsend the past.

  4. BobReceived 信息mand MACafter their own information to calculate it again MACto see if and sent me MACthe same. If the same, indicating that information safe. If not, it means that the information has been tampered with or damaged, it is directly discarded.

  5. Now if Eveeavesdropping even tampered with the information at the same time, but because he did not have an authentication key k A , so he is unable to play the role of tampering, because the Bobreceipt was found MACnot to respect not throw ~

  6. But that there is a problem, it is not enough to resist 消息重放攻击. What is the message replay attacks?

    To say, Evetapping into the information is not tampered with, but along with MACpreserved, waiting for some time, and then together MACsent together Bob, due MACto be effective, it Bobwill think the message is valid.

    If the order is important in some scenes information, then this will also cause harm. To avoid this, we can add the number in the message. And verify that number when received, if the subject is less than the number of information number has been received, it is discarded. It means the future, if the information received No. 2, No. 1 Information was received No. 1 data will be discarded.

Note: 加密and 认证are two different concepts. Encryption can only guarantee not to disclose the plaintext, and certification is to ensure the integrity of the message.

3, public key encryption

In the above we discussed the encryption scheme, there is a need to send information both encryption key K E . We can imagine that, if a number of teams were the case, the key exchange is a very troublesome thing, but more than one person, the number of keys was also significantly increased.

You do not want your boss put a lot of work time spent on the exchange of key words.

To solve this problem, we introduce the 公钥加密concept.

  1. First, we use a special algorithm to generate a pair of keys (S Bob , P Bob ), where S Bob the private key, P Bob public key.

  2. Then Bobopen his public! In this way, everyone can get Bob's public key, which is consistent with the public key name of Kazakhstan.

  3. Then Aliceyou can use Bobthe public key information mis encrypted into ciphertext c, then sent to Bob.

  4. BobBy the ciphertext clater, using the private key S Bob ciphertext decrypts m.

  5. So BobI want to Alicesend a message is encrypted with your private key it? Impossible, as anyone with a Bobperson's public key can decrypt the information will be. What encryption? To Alicesend a message of course is to use Alicethe public key it!

  6. So, who to send private information on who is using public key encryption, decryption information only corresponding can. So if you want people to give you the information, you open your own public key on it.

Note 1: public and private keys are not the same, unlike the previously mentioned encryption key K E . In public-key encryption system, even the encryption function and the decryption functions are not the same.

Note 2: You do not want the private key to decrypt the encrypted public key information? You decrypt a try, I look at you decrypt it.

3, the digital signature

Waiting for me ...
this chapter to write.

三、Enjoy!

Follow-up ...

I'm not the top students
Published 75 original articles · won praise 8 · views 10000 +
Private letter concerns

Guess you like

Origin blog.csdn.net/qq_21516633/article/details/105267465
Recommended
TIOBE May list: Fortran “resurrected” into Top 10
GCC 14.1 released
Ranking
B. Little Girl and Game【1300 / 回文字符串 博弈论】
CIKERS Shane 20190613
"Javascript advanced programming" study notes - the constructor and prototype
beeline hiveserver2 start
springboot - Automatically backup mysql data every day
Data Storage Full Solution--Detailed Persistence Technology
Detailed Explanation of Spring Web MVC DispatcherServlet—Official Original
TCP / IP protocol layers structure and function
Command type literal pos: unknown; Fallback type literal pos: unknown] with root cause
Design of multifunctional curtain controller with indoor anti-theft alarm
Daily
More
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)

Code World

© 2018 codetd.com