Preface
As a noob, I know none of these: symmetric encryption, asymmetric encryption, digital signatures, digital certificates, CA, Diffie-Hellman, DES, AES, RSA... So I start with Baidu, to get a first rough understanding.
practical application
I'm a novice with zero background, so let's start with some practical applications; they are easier to understand than mathematical formulas.
page 1
How does the Enigma cipher machine work? - bilibili
This is a 3D modeling animation.
From this you can see that the mapping is symmetric: if Y->E, then E->Y as well. It is the same wire, so current that flows in at one end must flow out at the other end, and current that flows in at the other end must flow out at this one.
page 2
Encryption demo:
Decryption demo:
Almost the same, just reversed.
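The symmetry described above (if Y->E then E->Y, so decryption is the same operation as encryption) can be checked with a small simulator. This is an added example, not part of the original post: a simplified machine with odometer-style stepping and no plugboard or ring settings, using the wirings of the historical rotors I, II, III and reflector B; the sample message and start positions are constructed.

```python
import string

A = string.ascii_uppercase
# Wirings of the historical rotors I, II, III and reflector B.
ROTORS = ["EKMFLGDQVZNTOWYHXUSPAIBRCJ",
          "AJDKSIRUXBLHWTMCQGZNPYFVOE",
          "BDFHJLCPRTXVZNYEIWGAKMUSQO"]
REFLECTOR = "YRUHQSLDPXNGOKMIEBFZCWVJAT"   # letter pairs: A<->Y, B<->R, ...


def through(wiring, offset, c, backwards=False):
    """Send contact c through one rotor that has turned `offset` steps."""
    shifted = (c + offset) % 26
    if backwards:
        out = wiring.index(A[shifted])
    else:
        out = A.index(wiring[shifted])
    return (out - offset) % 26


def enigma(text, start=(0, 0, 0)):
    """Simplified Enigma: odometer stepping, no plugboard, no ring settings."""
    pos = list(start)                      # left, middle, right rotor
    out = []
    for ch in text.upper():
        if ch not in A:
            continue                       # the machine only has 26 letter keys
        for i in (2, 1, 0):                # step first; carry like an odometer
            pos[i] = (pos[i] + 1) % 26
            if pos[i] != 0:
                break
        c = A.index(ch)
        for i in (2, 1, 0):                # keyboard -> reflector
            c = through(ROTORS[i], pos[i], c)
        c = A.index(REFLECTOR[c])          # the wire that turns the current back
        for i in (0, 1, 2):                # reflector -> lamp, same wires reversed
            c = through(ROTORS[i], pos[i], c, backwards=True)
        out.append(A[c])
    return "".join(out)


if __name__ == "__main__":
    secret = enigma("WEATHERREPORT", start=(3, 7, 11))
    # Typing the ciphertext at the same start position gives the plaintext back.
    print(secret, enigma(secret, start=(3, 7, 11)))
```

Because the reflector pairs letters up, no letter is ever encrypted to itself, which is the weakness the Turing article below builds on.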
page 3
It's not a video, it's a long text
How did Alan Turing decipher Enigma in The Imitation Game? - Answer at 11:30 - Zhihu
A cipher monster created by a machine, which only a machine can defeat.
Initial understanding, Baidu
Following this video, let's take a look at these concepts on Baidu. Ignore the details for now, and just know the general idea here.
Ciphers in history
See above...
modern cipher
Existing problems and solutions
Symmetric encryption
At the very least, you know that the key is a string of numbers.
Principle of Symmetric Encryption - An Ancient Encryption Method - bilibili
Concretely, it is based on XOR.
It uses the self-inverse property.
The self-inverse property of XOR is explained very vividly here by flipping game pieces.
asymmetric encryption
The key is also a number
This flow chart is pretty good
"Power" (exponentiation) refers to this; this flow chart is also very vivid.
The comments at the bottom of this video are quite vivid... probably a little bit.
Understand asymmetric encryption in four minutes - bilibili
This is a more specific flowchart
Because the modulo operation is not reversible, you cannot work backwards from the ciphertext. Then can you work out the key and decrypt in the forward direction instead?
- D is related to E and T
- E is known from the public key, so only T is needed
- T is related to p and q, and N=pq. N is known from the public key, so it is enough to deduce p and q from N. How? Just factorize N. But that computation is far from small, so it cannot be done quickly.
To sum up, it works neither backwards nor forwards.
Also, p and q seem to be randomly generated.
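The chain of reasoning above (D comes from E and T, T comes from p and q, and p and q come from factorizing N) is carried through below with the page's symbols. This is an added example, not from the original post; it is textbook RSA without padding, and the primes 61 and 53 with E=17 are constructed toy values chosen so that the factorization finishes instantly.

```python
from math import gcd, isqrt


def make_keys(p, q, E):
    """Build a textbook RSA key pair from two primes."""
    N = p * q
    T = (p - 1) * (q - 1)              # T depends on p and q
    if gcd(E, T) != 1:
        raise ValueError("E must share no factor with T")
    D = pow(E, -1, T)                  # D depends on E and T: E*D = 1 (mod T)
    return (E, N), (D, N)              # public key, private key


def encrypt(m, public):
    E, N = public
    return pow(m, E, N)


def decrypt(c, private):
    D, N = private
    return pow(c, D, N)


def recover_private_key(public):
    """Factorize N by trial division, then rebuild T and D as the owner did."""
    E, N = public
    p = next(f for f in range(2, isqrt(N) + 1) if N % f == 0)
    q = N // p
    T = (p - 1) * (q - 1)
    return (pow(E, -1, T), N)


if __name__ == "__main__":
    public, private = make_keys(61, 53, 17)     # constructed toy primes
    c = encrypt(65, public)
    print("ciphertext:", c, "decrypted:", decrypt(c, private))
    # With N = 3233 the loop needs about 50 divisions. The same loop on a
    # 2048-bit N would need on the order of 2**1024 divisions.
    print("recovered D:", recover_private_key(public)[0])
```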
Hashing and Integrity
Practical examples:
some features
One-way: think of it as lossy compression, where long input becomes short output, so there is no way to restore the original.
The pigeonhole (drawer) principle: with 7 drawers and 8 balls, at least one drawer must hold more than one ball. Good hashes don't have this problem.
Application: no need to store passwords in plain text
A random number (the salt) is added to prevent dictionary attacks, in which hashes are calculated in advance and the attacker simply waits for a match. For example, the hash of the commonly used password 123456 is calculated in advance, and the attacker waits for it to turn up.
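The effect of the salt on a table calculated in advance is shown below. This is an added example, not from the original post; the list of common passwords is constructed, and the use of PBKDF2 with 100,000 iterations as the salted hash is this example's choice, since the page only says "salt, then hash".

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000


def unsalted(password):
    """Plain SHA-256: the same password always gives the same digest."""
    return hashlib.sha256(password.encode()).hexdigest()


# Table calculated in advance from common passwords (constructed sample list).
PRECOMPUTED = {unsalted(p): p for p in ("123456", "password", "qwerty")}


def lookup(digest_hex):
    """Password the table gives for a stored value, or None when there is no hit."""
    return PRECOMPUTED.get(digest_hex)


def store(password):
    """Return (salt, digest) to save instead of the password itself."""
    salt = os.urandom(16)              # fresh random salt for every account
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def check(password, salt, digest):
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, digest)


if __name__ == "__main__":
    print("unsalted hit:", lookup(unsalted("123456")))
    salt_a, digest_a = store("123456")
    salt_b, digest_b = store("123456")
    print("salted hit:", lookup(digest_a.hex()))
    print("same password, same stored value?", digest_a == digest_b)
    print("login still works:", check("123456", salt_a, digest_a))
```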
message authentication code
This prevents the message from being tampered with by a third party in the middle. It is similar to the salt-then-hash approach above.
But there is still a problem: the man in the middle can record a message and replay it multiple times...
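The tamper check and the replay problem can be seen side by side in the sketch below. This is an added example, not from the original post: the packet layout (8-byte counter, message, 32-byte HMAC-SHA256 tag) and the rule that the receiver only accepts a counter higher than the last one are assumptions of this example, one common way to reject replays.

```python
import hashlib
import hmac

CTR_LEN = 8     # bytes used for the message counter
TAG_LEN = 32    # HMAC-SHA256 output size in bytes


def seal(key, counter, message):
    """Sender: the MAC covers counter + message, so neither can be changed."""
    header = counter.to_bytes(CTR_LEN, "big")
    tag = hmac.new(key, header + message, hashlib.sha256).digest()
    return header + message + tag


class Receiver:
    def __init__(self, key):
        self.key = key
        self.last_counter = 0          # senders start counting at 1

    def accept(self, packet):
        """Return (status, message); status is 'ok', 'bad-mac' or 'replay'."""
        if len(packet) < CTR_LEN + TAG_LEN:
            return "bad-mac", None
        header = packet[:CTR_LEN]
        message = packet[CTR_LEN:-TAG_LEN]
        tag = packet[-TAG_LEN:]
        expected = hmac.new(self.key, header + message, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "bad-mac", None     # modified in transit, or wrong key
        counter = int.from_bytes(header, "big")
        if counter <= self.last_counter:
            return "replay", None      # valid MAC, but already seen
        self.last_counter = counter
        return "ok", message


if __name__ == "__main__":
    key = b"constructed-demo-key"      # constructed sample key
    rx = Receiver(key)
    packet = seal(key, 1, b"pay bob 10")
    print(rx.accept(packet))           # first delivery
    print(rx.accept(packet))           # recorded and sent again
    forged = packet[:CTR_LEN] + b"pay bob 99" + packet[-TAG_LEN:]
    print(rx.accept(forged))           # message changed, old tag reused
```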
digital signature
Equivalent to a signature.
It reverses the usual roles, in which the public key encrypts and the private key decrypts.
Is there a comparison step? Both the message and the digital signature are sent.
There is another problem: if the message is long, the digital signature (the ciphertext) is also very long, which makes it awkward to transmit.
Therefore the digest (hash value) of the message is calculated first, and the digest is signed. The receiver decrypts the signed digest to obtain the digest, hashes the message again, and if the two match, the message is fine.
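The sign-the-digest flow just described looks like this in code. This is an added example, not from the original post: it uses textbook RSA without padding, and the key is a constructed toy key built from the Mersenne primes 2^61-1 and 2^89-1, far too small for real use; real signature schemes also add a padding step that is left out here.

```python
import hashlib

# Constructed toy key; the private exponent D is derived as in RSA key setup.
P, Q = 2**61 - 1, 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def digest(message):
    """Hash the message, then map the digest into the range of the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message):
    """Private-key operation on the short digest, not on the long message."""
    return pow(digest(message), D, N)


def verify(message, signature):
    """Public-key operation recovers the signed digest; compare with a fresh hash."""
    return pow(signature, E, N) == digest(message)


if __name__ == "__main__":
    message = b"a long message " * 10_000        # constructed sample, 150 kB
    signature = sign(message)
    print("message bytes:", len(message))
    print("signature bits:", signature.bit_length())   # never more than N's size
    print("untouched:", verify(message, signature))
    print("tampered:", verify(message + b"!", signature))
```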
this is more specific
Principles of digital signature and digital certificate - bilibili
It is easier to understand when compared side by side with a handwritten signature. Signing to prevent repudiation?
It can be used to prevent a downloaded app from being tampered with and having other things implanted.
But there are also problems. Anything that relies on a public key and a private key has the problem of man-in-the-middle attacks. Digital signatures are just the public and private keys used in reverse, so the problem exists for them too.
The man in the middle is an invisible party, and one that is often encountered, because Internet traffic passes through many proxy servers.
What to do? How do I know this public key belongs to Bob and not the man in the middle? Find an organization to certify it: the digital certificate.
digital certificate
Can Trent be intercepted by a man in the middle too? Then add a Trent for Trent, like nesting dolls...
In the end, root certification authorities were set up, and there are not many of them.
Trusted roots (root CAs) are few, so all of them are preinstalled in the operating system. With these public keys, you can verify layer by layer whether a certificate is reliable.
Therefore, don't install any heavily modified or pirated operating systems.
A more specific flowchart:
Principles of digital signature and digital certificate - bilibili
summary
five tools
Cryptography applications: SSL/TLS
It seems to be a hybrid encryption process; for the details, you are told to read the book.
Some advice
related books
This is the book:
postscript
I probably have a preliminary understanding now.