Interpretation of Digital Signature Principles (Fiction Edition, Reprinted)

1. Abstract 

    Through easy-to-understand explanations, this series lets you grasp the basic principles and applications of digital signatures as easily as reading a novel (even if you are a business executive who is not proficient with computers, you can read this article). We will then go deeper into the technical details step by step, and finally give a demo that uses digital signatures in a B/S (browser/server) information system.

    Since digital signatures are based on asymmetric encryption technology, we need to talk about symmetric encryption and asymmetric encryption technology first.

(1) Symmetric encryption 

    What is encryption? Encryption is a technique for "messing the data up". Encryption involves four things:

1. Plaintext: Data that can be recognized by a person or program. For example, a text file, a piece of lyrics, a Word document, an MP3, a picture file, a video, and so on. 

2. Encryption algorithm: The method of messing up the data. 

3. Key (password): A string you supply when performing an encryption operation, so that the encryption algorithm not only "messes up" the plaintext but also messes it up in a "different" way. In this way, even if others have obtained the decryption algorithm, they cannot decrypt without the password used in the original encryption. 

4. Ciphertext: The result of the plaintext encrypted by the encryption algorithm and key. It looks like a bunch of gibberish, and no one or program can know what it means. 

    As an example of encryption, I will demonstrate the encryption process using the "Jing's Replacement Encryption Algorithm" that I coined.

    Plaintext: good good study, day day up.

    Key: google

    Jing's replacement encryption algorithm: replace all the letters "d" in the plaintext with the key.

    Ciphertext: Replace all the letters "d" in "good good study, day day up." with "google" to get the ciphertext "googoogle googoogle stugoogley, googleay googleay up.". Is this ciphertext messy? Most people don't know what it means.

    So what is decryption? Decryption is the process of converting ciphertext back into plaintext.

    For example, "Jing's Replacement Decryption Algorithm" is to replace all strings in the ciphertext that are the same as the key with "d". 

    Ciphertext: googoogle googoogle stugoogley, googleay googleay up.

    Key: google

    Jing's replacement decryption algorithm: replace all strings in the ciphertext that are the same as the key with "d". 

    Plaintext: Replace all "google" in "googoogle googoogle stugoogley, googleay googleay up." with "d" to get the plaintext "good good study, day day up.". 

    You must have noticed that the key used for encryption and the key used for decryption must be the same; in the example above, both encryption and decryption use the key "google". That is why algorithms like "Jing's replacement encryption algorithm" are called symmetric encryption algorithms. The most popular symmetric encryption algorithms are DES and AES. In addition, there are IDEA, FEAL, LOKI, Lucifer, RC2, RC4, RC5, Blowfish, GOST, CAST, SAFER, SEAL and so on. The file encryption function of WinRAR uses the AES encryption algorithm.

 (2) Asymmetric encryption 

    An asymmetric encryption algorithm is a different kind of encryption algorithm: it has not one key but two (a pair). Let's call them key K1 and key K2. The characteristic of an asymmetric encryption algorithm is that if key K1 is used for encryption, then key K2, and only key K2, can decrypt. Note the meaning of "only": if encryption is performed with key K1, it cannot be decrypted with key K1; similarly, if encryption is performed with key K2, it cannot be decrypted with key K2. This is a very important feature; how it is used in practice is shown below.

2. Story

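    I want to send Clark a little adult video, but I'm afraid his wife will find out...

    So, I got hold of a pretty good little adult video and wanted to send it to Clark over the network, but I was afraid his wife would find out (Clark's wife is a super hacker who can use sniffer technology to intercept any data sent to Clark over the wire. Don't tell me to use a VPN; that is beyond the scope of this article). What to do? Right, we need a technique for "messing the data up": encryption. I first compressed the video with WinRAR and added the password "TswcbyyqjsjhfL" (remember? WinRAR's file encryption function uses the symmetric encryption algorithm called AES). Then I sent the encrypted file to Clark over QQ. Then I excitedly dialed Clark's mobile phone: "Hello? Clark? Long time no see, hehe... I sent you something good on QQ, did you get it? ... The password is TswcbyyqjsjhfL, yes, the initials of the verse 'Tian sheng wo cai bi you yong, qian jin san jin huan fu lai', and the first and last letters are capitalized..."

    But Clark, I really didn't know that your wife was right next to you just then! And you know I always like to talk very loudly on the phone... boo hoo...

    After Clark spent a night kneeling on the washboard, we both understood: for files already stored on your own hard disk, encrypting with symmetric encryption is no problem; but when two people transfer a file over the network, symmetric encryption is dangerous, because the decryption key has to be transmitted along with the ciphertext. We need a different kind of encryption algorithm, one that does not require passing the decryption key around. Asymmetric encryption meets exactly this need. The basic idea is as follows. First, generate a key pair that meets the requirements of asymmetric encryption (key K1 and key K2). Then publish key K1 on the Internet, where anyone can download it; we call this published key K1 the public key. Keep key K2 to yourself and let nobody know it; we call this key K2, known only to yourself, the private key. When I want to send Clark a video, I can encrypt it with Clark's public key, after which even I cannot decrypt the ciphertext. Only one person in the world can decrypt it: Clark, who holds the private key.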

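    Later...

    Later, having learned his painful lesson, Clark decided to apply for a digital certificate. The process goes like this: first, log in to the website of the local digital certificate authority, fill in the form -> present the originals and copies of valid personal ID -> pay the fee -> wait for the certificate authority to produce the digital certificate -> collect the digital certificate. If your company needs to apply for a large number of digital certificates, you can also negotiate with the certificate authority's sales staff to first obtain free trial digital certificates for your technical staff to try out.

    Application 1: Later still, I got an electronic copy of a naughty comic, and of course I thought of Clark again. I first downloaded Clark's public key certificate (a file containing the public key information) from the digital certificate authority, encrypted the comic with an asymmetric encryption algorithm, and sent the ciphertext to Clark over QQ. Then I excitedly dialed Clark's mobile phone: "Hello? Clark? Long time no see, hehe... I sent you something good on QQ, did you get it? ... It's already encrypted with your public key. Just decrypt it with your private key ^_^" Clark excitedly plugged in his private key (I forgot to mention: the private key is not a file but a USB device that looks just like a USB flash drive; as for why, that is for the next installment), decrypted, and began reading the comic... Haha!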

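    Application 2: Clark, I'm a bit short of cash this month...

    Sigh, I bought too many books this month, and by the end of the month I couldn't put food on the table. I happened to run into Clark on QQ:

    1-2-3: "Clark, I need 200 taels of silver. Could you lend it to me?"

    Clark: "No problem. I'll transfer it to you right away. Please give me an IOU."

    1-2-3: "Thank you so much. I'll write you an IOU in Word right now."

    Then I created a new Word document, wrote the IOU, and saved it. And then, then what? I can't send the IOU to Clark directly, because:

1. I cannot guarantee that Clark won't change "200 taels of silver" to "2000 taels of silver" after receiving the IOU.

2. If I refuse to pay, Clark cannot prove that I wrote this IOU.

3. An ordinary Word document cannot be used as evidence in a lawsuit.

    Fortunately, I had applied for a digital certificate long ago. I first encrypt the IOU with my private key, then send the resulting ciphertext to Clark over QQ. After receiving the ciphertext of the IOU, Clark downloads my public key from the website of the digital certificate authority and decrypts the ciphertext with my public key. Finding that it does indeed say "borrowed 200 taels of silver", Clark can lend me the silver with peace of mind, and I need not worry that Clark will tamper with my IOU, because:

1. What I sent Clark is ciphertext, so Clark cannot modify it. Clark can modify the decrypted IOU, but he does not have my private key and cannot imitate me in encrypting the IOU. This is called anti-tampering.

2. An IOU encrypted with my private key can be decrypted by my public key and only my public key. Conversely, an IOU that can be decrypted with my public key must have been encrypted with my private key, and only I hold my private key, so Clark can prove that I wrote this IOU. This is called non-repudiation.

3. If I keep refusing to repay the money and Clark takes me to court, this Word document encrypted with my private key can be used as evidence in court, because our country has enacted the Electronic Signature Law of the People's Republic of China, which gives digital signatures legal effect.

    You must have noticed that this IOU encrypted with my private key has anti-tampering and non-repudiation properties and can be used as evidence in court, which has the same effect as my having "signed" the IOU. Indeed, the process of "encrypting the IOU with my private key" is called digital signing. (Because digital signature algorithms are relatively slow, the actual process of signing a file is slightly more complicated than the method described above; this will be covered in the next installment.)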

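    Application 3: I am 1-2-3, I really am 1-2-3, I am the real 1-2-3

    As you already know, Clark's wife is a super hacker, the legendary kind of person who can do anything with a computer. Sure enough, not long ago she easily broke into the QQ database and downloaded the IDs, passwords and chat logs of all of Clark's friends. Since then, from time to time she pretends to be one of Clark's friends and chats with him, which has made Clark jumpy and suspicious lately. Then yesterday I ran into Clark on QQ:

    1-2-3: "Clark, how have you been lately? I've got hold of something good again, do you want it?"

    Clark: "48475bbt556"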

    Clark hadn't gone crazy, and "48475bbt556" wasn't some kind of secret code between me and Clark. It was just something Clark typed at random on the keyboard, but I knew what he meant. I immediately pasted "48475bbt556" into Word, encrypted the Word document with my private key, and sent it to Clark. On his side, Clark decrypted the Word document with my public key, opened it, and found "48475bbt556" written in it, so he knew that the person on the other end of QQ was indeed the real me. That is because I am the only person in the world who holds my private key, and Clark's wife cannot imitate it no matter how powerful she is. This is the verification function of digital signatures.
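Applications 2 and 3 as a runnable sketch (an added example, not code from the original article): the IOU whose amount is altered, and the random string Clark sends as a challenge. It assumes toy textbook RSA over two small Mersenne primes and hashes the message before signing; the function names, the IOU text and the key are constructed for illustration and are not secure for real use.

```python
import hashlib
import secrets

# Toy textbook-RSA key pair built from two Mersenne primes (constructed for
# this example; far too small and unpadded for real use).
P, Q = 2**107 - 1, 2**127 - 1
N = P * Q
E = 65537                              # public exponent  (public key: N, E)
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (private key: N, D)


def digest(message: bytes) -> int:
    """Hash the message and reduce it into the range of the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message: bytes) -> int:
    """'Encrypt with the private key': only the key owner can compute this."""
    return pow(digest(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """'Decrypt with the public key' and compare with the message's hash."""
    return pow(signature, E, N) == digest(message)


def new_challenge() -> bytes:
    """Clark's random typing, done properly: an unpredictable one-time value."""
    return secrets.token_hex(16).encode()


def demo() -> dict:
    iou = b"1-2-3 borrowed 200 taels of silver from Clark."  # constructed sample
    iou_sig = sign(iou)
    altered = iou.replace(b"200", b"2000")   # amount changed after signing
    first = new_challenge()
    recorded = sign(first)                   # reply seen on the wire once
    second = new_challenge()                 # next conversation, new challenge
    return {
        "genuine_iou": verify(iou, iou_sig),
        "altered_iou": verify(altered, iou_sig),
        "live_reply": verify(first, recorded),
        "old_reply_new_challenge": verify(second, recorded),
    }


if __name__ == "__main__":
    print(demo())
```

The altered IOU and the old reply checked against a new challenge both fail verification, because a signature is bound to the exact bytes that were signed.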

    By the way, not only people but also devices (such as web servers) can apply for digital certificates (called device certificates). Using the verification function of digital signatures, you can verify the identity of a server, which is the ultimate solution for anti-phishing.

3. Thinking questions

    If Clark sent me the same string (e.g. "1234") every time, instead of typing random characters on the keyboard each time, Clark's wife could take advantage of Clark's laziness to impersonate me when chatting with Clark on QQ. Why is this?

 
