System Architecture Design Notes (84)-Digital Signature and Digital Watermark

A hash function is a public mathematical function. Its input is called the message, and its output is called the hash code or message digest. A hash function has the following characteristics:

(1) Messages with different contents have different hash codes. Once the original message changes, even if one bit of information is changed, the hash codes calculated by the hash function will be completely different. In this way, this hash code is like a "fingerprint" unique to this message.

(2) The hash function is one-way: it is very easy to compute the hash code of a given message, but very difficult to recover the original message from the hash code.

(3) For any message, its hash code cannot be predicted.

(4) The hash code has a fixed length. Regardless of the length of the original message, the hash code calculated by the hash function has the same length. For example, the MD5 (Message Digest Algorithm 5, the fifth version of the message digest algorithm) hash code is 128 bits long: whether MD5 is applied to an encyclopedia or to a person's salary, the resulting hash code is 128 bits long.

Because the hash function has these characteristics, it can be used to check the reliability of a message. The receiver applies the same hash function as the sender to the received message. If the receiver obtains the same hash code as the sender, the message can be considered not to have been tampered with; otherwise, the message is untrustworthy. Common hash functions include MD5, SHA, HMAC, etc.

MD5 is a very well-known hash algorithm, which has become an international standard and has good security performance. The MD5 algorithm processes the input message in 512-bit units and produces a 128-bit message digest; SHA, HMAC and other algorithms also process messages of any length in 512-bit units and finally produce a 160-bit message digest.

1 Digital signature

For important files, data and other information transmitted and stored in a computer system, there generally needs to be some way to confirm authenticity: the receiver must be able to confirm that the information obtained was indeed sent by its stated sender and was not forged or sent by an illegal intruder pretending to be the sender. It must also be ensured that the information is not maliciously tampered with during transmission and storage, so that it truly reflects the intention of the sender.

In addition, for the sender, if a message is sent, there must be certain measures to prevent it from denying that it sent the message, that is, non-repudiation. Only by doing the above points can an information transmission and storage system be safe and reliable, and the information transmitted and stored on it is true and trustworthy.

For example, a buyer and a seller conduct trade through a computer system. The seller sends an electronic quotation to the buyer through the system. After receiving it, the buyer changes the unit price without authorization, claims that the altered quotation came from the seller, and places an order accordingly. This is tampering with information, and a secure system should obviously be able to prevent it.

To realize such a secure system, digital signature technology is indispensable. A digital signature scheme is mainly composed of two algorithms: a signature algorithm and a verification algorithm. A message is signed with the signature algorithm, and the authenticity and validity of the resulting signature can be checked with the verification algorithm. The general process of digital signature technology is therefore: the sender of the information signs the information with its own private key, and then sends this signature together with the information to the receiver. After receiving the information, the receiver uses the sender's public key to verify the digital signature and confirm its legitimacy. There are already a large number of digital signature algorithms, such as the RSA digital signature algorithm, ElGamal, Fiat-Shamir, Guillou-Quisquater, DSS (Digital Signature Standard), DSA (Digital Signature Algorithm), elliptic curve, etc.

1.1 RSA combined with MD5 digital signature

As mentioned earlier, RSA public key encryption technology itself can be used to implement digital signatures. However, signing with only a public key encryption algorithm is computationally expensive, and it becomes slow when the amount of information to be transmitted is large. Directly using this method for digital signatures is therefore not a good choice. A hash algorithm (for example, the MD5 algorithm) has very good characteristics here: for information of any length it produces a short message digest that is unique and differs from the digest of any other information. This message digest can be regarded as the unique "fingerprint" of the information, so it is very suitable for digital signatures.

The original data is hashed with the hash algorithm, and the hash code is then encrypted with the public key algorithm to achieve a good digital signature. Its characteristics are that it represents the features of the file and is unique. If even one piece of data in the file changes, or the signer is different, the value of the digital signature changes accordingly; different files and different signers produce different digital signatures.

The main process of RSA combined with MD5 digital signature is: the sender of the information generates a message digest by hashing the information, and then encrypts the message digest with its own private key to form the sender's digital signature. This digital signature is then sent to the recipient as an attachment to the message. After receiving the information, the receiver first performs the same hash operation as the sender on the received information to obtain a message digest, and then uses the sender's public key to decrypt the digital signature attached to the message to obtain the hash code calculated by the sender. If the two hash codes are the same, the receiver can confirm that the information and the digital signature were sent by the sender. The digital signature thus provides authentication of the integrity of the original information and non-repudiation of the information sent by the sender.

Let's walk through an example to see the specific steps of RSA combined with MD5 digital signature:

(1) The information sender A wants to send a piece of information to B. A first hashes the information with the hashing algorithm agreed by both parties to obtain a message digest H unique to the information. As described above, if any bit in the message is changed, the recalculated message digest will not match the original value. This guarantees that the information cannot be altered undetected.
(2) A then encrypts the message digest with A's own private key to get A's digital signature S for the message.
(3) A then sends the original message and the digital signature S to B.
(4) When B receives them, B first decrypts the digital signature S with A's public key to obtain A's message digest H.
(5) B uses the same hash algorithm to hash the received information to get the message digest H'.
(6) B compares H and H'. If they are equal, the information does come from the sender A it claims to come from.

If an attacker tampers with the file during transmission, the attacker does not know the sender's private key, so the message digest H obtained by the receiver's decryption must be different from the calculated message digest H'. This provides a safe way to confirm the identity of the sender. Of course, in the above example the transmitted information appears in plain text, so it has no confidentiality. In practical applications, it is also necessary to apply appropriate confidentiality measures to the information itself.
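Steps (1) to (6) and the tampering case, as an added example that is not code from the original article. It uses textbook RSA on the raw MD5 digest with a constructed toy key pair built from Mersenne primes; the quotation text and the second key are also constructed for illustration.

```python
import hashlib

# Constructed toy key pair for sender A: two Mersenne primes. Illustration only;
# real keys are far larger and real signatures pad the digest (e.g. PKCS#1).
P, Q = 2**127 - 1, 2**107 - 1
N, E = P * Q, 65537                   # A's public key
D = pow(E, -1, (P - 1) * (Q - 1))     # A's private exponent (Python 3.8+)

def digest(message: bytes) -> int:
    """Steps (1) and (5): MD5 message digest as an integer (128 bits, below N)."""
    return int.from_bytes(hashlib.md5(message).digest(), "big")

def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Step (2): S = H^d mod n, the digest encrypted with the private key."""
    return pow(digest(message), d, n)

def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Steps (4)-(6): recover H from S with the public key, recompute H', compare."""
    h = pow(signature, e, n)
    h_prime = digest(message)
    return h == h_prime

def demo() -> dict:
    quotation = b"Quotation 17: unit price 100.00"   # constructed sample message
    s = sign(quotation)                              # step (3): A sends both to B
    altered = b"Quotation 17: unit price 080.00"     # unit price changed in transit
    # Constructed second key: someone without A's private key re-signs the
    # altered text; B still checks against A's public key (E, N).
    n2 = (2**89 - 1) * (2**61 - 1)
    d2 = pow(E, -1, (2**89 - 2) * (2**61 - 2))
    forged = sign(altered, d2, n2)
    return {
        "genuine": verify(quotation, s),
        "altered_text_old_signature": verify(altered, s),
        "altered_text_other_key": verify(altered, forged),
    }

if __name__ == "__main__":
    print(demo())
```

Only the unmodified quotation verifies; both the altered text with the old signature and the altered text signed under a different key are rejected by B.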

An important feature of RSA for digital signatures is that it can verify the identity of the sender of the information and the reliability and integrity of the electronic file. The signature is unique to the sender and to the information being sent, and it is verifiable, undeniable and authoritative. Another important feature is that the parties can confirm that each is who they claim to be by exchanging digital certificates between computers.

1.2 Digital signature standards

DSS is the digital signature standard of the American National Institute of Standards and Technology, which has been extensively revised since it was proposed in 1991. DSS specifies a digital signature algorithm, DSA, for calculating and verifying digital signatures. DSA is an improved version of the ElGamal digital signature algorithm. It reduces the amount of digital signature data by selecting smaller parameters, thereby reducing storage space and transmission bandwidth.

DSS specifies SHA as its hashing algorithm, which generates a 160-bit message digest from the original information. DSS then passes this message digest and a random number used for this particular signature as input to the digital signature algorithm, which computes the digital signature. The digital signature function also relies on the sender's private key SK and a global public key composed of a set of important public values that are open to many communicating parties. After receiving the message digest and signature, the receiver uses them as the input of the verification function. The verification function also relies on the global public key and the public key PK that matches the sender's private key, so that only the sender can generate a valid signature with its own private key.

As an important authentication technology, digital signature has received more and more attention in recent years and has been widely used in government, military, finance, security and other fields. Digital signatures can effectively guarantee the integrity of data and prevent third-party forgery or denial by the sender.

On August 28, 2004, the Eleventh Meeting of the Standing Committee of the Tenth National People's Congress passed the Electronic Signature Law through a vote. This law stipulates that reliable electronic signatures have the same legal effect as handwritten signatures or seals, and will come into force on April 1, 2005. This law will play an extremely important role in promoting the development of computer information systems such as e-commerce and e-government in my country.

2 Digital envelope

The digital envelope is an application of the public key cryptosystem in practice. It uses encryption technology to ensure that only the specified recipients can read the content of the communication.

In a digital envelope, the information sender uses a symmetric key to encrypt the content of the information, and then encrypts the symmetric key with the recipient's public key (this part is called the digital envelope). The sender then sends the envelope together with the encrypted information to the receiver. The receiver first uses the corresponding private key to open the digital envelope and obtain the symmetric key, and then uses the symmetric key to decrypt the encrypted information. The security of this technology is quite high.
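The envelope flow described above, as an added example that is not code from the original article. The recipient's key pair is a constructed toy RSA key, and the symmetric cipher is a stand-in built from a SHA-256 keystream because the Python standard library has no block cipher; both are assumptions made so the example runs offline.

```python
import hashlib
import secrets

# Constructed toy RSA key pair for the recipient (Mersenne primes; not secure).
P, Q = 2**127 - 1, 2**107 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream.
    The same call encrypts and decrypts. It provides no integrity check."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def seal(plaintext: bytes, e: int = E, n: int = N):
    """Sender: a fresh symmetric key encrypts the content, and the recipient's
    public key encrypts that symmetric key (the digital envelope)."""
    session_key = secrets.token_bytes(16)          # 128-bit key, smaller than N
    ciphertext = keystream_xor(session_key, plaintext)
    envelope = pow(int.from_bytes(session_key, "big"), e, n)
    return envelope, ciphertext

def open_envelope(envelope: int, ciphertext: bytes, d: int = D, n: int = N) -> bytes:
    """Recipient: the private key opens the envelope, and the recovered
    symmetric key decrypts the content."""
    session_key = pow(envelope, d, n).to_bytes(16, "big")
    return keystream_xor(session_key, ciphertext)

if __name__ == "__main__":
    env, ct = seal(b"Quotation 17: unit price 100.00")   # constructed message
    print(open_envelope(env, ct))
```

Because a new symmetric key is drawn for every message, the same plaintext sealed twice yields a different envelope and different ciphertext each time.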


Origin blog.csdn.net/deniro_li/article/details/108808019