A man-made malicious attack: purposeful destruction, divided into active and passive attacks
(1) Active attack: selectively destroy information in various ways (modify, delete, forge, add, retransmit, out-of-order, impersonate, spread viruses, etc.).
(2) Passive attack: interception, stealing, deciphering, and business traffic analysis without interfering with the normal operation of the information system.
Two common methods of malicious attacks
(1) Monitoring: Attackers obtain sensitive information by monitoring network data.
(2) Retransmission: The attacker intercepts part or all of the information in advance, and sends this information to the receiver later.
(3) Forgery: The attacker forges a message and sends the forged message to the recipient as someone else.
(4) Tampering: The attacker modifies, deletes, and inserts the communication information between legitimate users, and then sends it to the receiver.
(5) Action denial: The communicating entity denies the action that has taken place.
(6) Denial of service attack: The attacker slows down or even paralyzes the system response in some way, preventing legitimate users from obtaining services.
(7) Unauthorized access: The behavior of using network or computer resources not in accordance with the set security policy requirements can be regarded as unauthorized access. Unauthorized access mainly includes counterfeiting, identity attack, illegal operation of the network system by an illegal user, and unauthorized operation by a legitimate user.
(8) Virus spread: computer virus spread through the network is very destructive and difficult to prevent. For example, the well-known CIH virus and "love bug" virus are extremely destructive.
The three-person malicious attack has the characteristics of intelligence, seriousness, concealment, diversity, etc.
(1) Intelligence: Most malicious attackers have fairly high professional skills and proficient operational skills, and have carefully planned and carefully planned the attacker's environment.
(2) Severity: refers to the malicious attack on the network information system involving financial assets, which often causes financial institutions and enterprises to suffer heavy losses due to huge capital losses, or even go bankrupt, and also has a negative impact on social stability.
(3) Concealment: refers to the concealment of man-made malicious attacks, which is not easy to arouse suspicion, and the technical difficulty of committing crimes is high. The scene of a computer crime is also not as obvious as a traditional crime scene.
(4) Diversity: With the development of the Internet, malicious attacks in the network information system also develop and change.
Four basic security services required for information security
(1) Confidentiality: The confidentiality of information means that the information is not obtained by non-designated objects.
(2) Integrity: Integrity refers to the integrity of the data source and the integrity of the data content. The integrity of the data source includes the accuracy and credibility of the data source. Integrity of data content refers to the consistency of the received data with the data generated by the correct source.
(3) Non-repudiation: Non-repudiation means that the data generator or sender cannot deny what they have done. When the sender denies the sent data, the third party can judge and adjudicate the sender's behavior.
Five stages of development of cryptography
(1) Manual stage: This stage is the primary stage of cryptography, which can be traced back to thousands of years ago. It can be said that cryptography has existed since human warfare. Early cryptographic techniques were very simple, and cryptographic transformations were mainly implemented with simple "replacements" or "transpositions".
(2) Mechanical stage: With the continuous development of cryptographic technology, with the continuous development of deciphering technology, the security requirements for passwords are getting higher and higher, and the corresponding algorithm complexity is also increasing, which makes it necessary for people to improve Encryption means using mechanical methods to implement relatively complex cryptographic algorithms.
(3) Modern cryptography stage: With the development of electronic communication and computer technology, cryptography has been systematically developed. In 1949, Shannon published "The Communication Theory of Secrecy Systems", which gave the mathematical foundation of cryptography and proved the perfect secrecy of the one-time pad cryptosystem.
(4) The new direction of cryptography: In the late 1970s, in order to meet the needs of the government and the public for information security, the US government determined the data encryption standard algorithm DES, and disclosed the details of the encryption algorithm for the first time, which made the encryption security based on on top of the confidentiality of the key.
Six basic concepts of cryptography
(1) Cryptography: A science of the methods and principles of transforming comprehensible original messages from information sources into incomprehensible messages, and at the same time recovering the original messages.
(2) Plaintext and ciphertext: The message before transformation by cryptography is called plaintext, and the message transformed by cryptography is called ciphertext.
(3) Encryption algorithm: The algorithm used to convert the original message into ciphertext is called an encryption algorithm.
(4) Decryption algorithm: The algorithm used to restore the plaintext is called a decryption algorithm.
(5) Key: Secret information used for encryption or decryption.
(6) Plaintext space: The set of all possible plaintexts that an encryption algorithm can encrypt.
(7) Ciphertext space: The set of all possible ciphertexts output by an encryption algorithm.
(8) Key space: The set of all possible keys that can be used for encryption or decryption of an algorithm.
Classification of seven cryptosystems
密码体制分为对称密码体制和非对称密码体制。
(1)对称密码体制:指加密/解密的密钥是同一个密钥或者很容易从一个密钥推导出另一个密钥。
对称密码体制首先假设通信双方能够通过一个安全信道协商一个会话密钥(加密/解密密钥),双方通信时,发送者A利用加密密钥k以及加密算法将原始信息m加密成密文c;合法接收者B收到密文c后,利用解密算法及密钥k对密文解密得到原始信息m。对称密码体制的安全性是公开算法的前提下,安全性依赖于密钥的安全性。
(2)非对称密码体制:指加密/解密使用不同的密钥,且由公开的密钥推出私有密钥是困难的。
- 消息的接收者拥有一对公钥和私钥,公钥用于加密数据,私钥用于解密数据。在使用公钥加密算法前,需要一个初始化过程安全生成用户的公钥和私钥,并利用可靠的方法发布公钥。
- 公钥是公开的数据,可以通过一些方法让其他任何用户得到,即公钥不对任何实体保密,但由公钥计算对应的私钥是一个困难的问题(由私钥计算公钥是容易的)。
- 利用公钥及密文,在不知私钥的情况下,计算对应的明文是困难的。