Information Security Engineer (soft exam) notes, Chapter 3: Basic Theory of Cryptography (very complete!)

    Index of the Information Security Engineer tutorial notes (click to jump (´▽`ʃ♡ƪ))

  1. Cryptography Overview※
  2. Cryptosystem Classification※
  3. Common Cryptographic Algorithms※※
  4. Hash function and digital signature※
  5. Password Management and Digital Authentication※
  6. Security Protocol※
  7. Cryptography Network Security Applications

    One ※ means you should be familiar with the topic (know the concepts and principles). Two ※ means the topic must be mastered.

   Compared with the first edition of the textbook, the second edition has removed most of the algorithm internals: apart from RSA, the working details of the other ciphers have been deleted. (The cryptography content of the first edition ran to more than two hundred pages.)

  Exam pattern: about 5 points of multiple-choice questions, 2-6 points in the case-study questions, and a lower probability of a larger question.

  • On April 1, 2005, the "Electronic Signature Law of the People's Republic of China" came into force.
  • In 2006, the Chinese government published its own commercial cryptographic algorithms, a major event in the history of China's cryptography.
  • The draft of the 2019 "Cryptography Law of the People's Republic of China" was released.

1. Basic concepts of cryptography

Cryptography is the core technology and the basic support for network and information security.

  Cryptography is the discipline that studies the protection of information, with the goal of achieving confidentiality, integrity, availability and non-repudiation. Cryptology consists of two parts: cryptography (the design of ciphers) and cryptanalysis (the breaking of ciphers).

  On April 1, 2005, the "Electronic Signature Law of the People's Republic of China" came into force. In 2006, the Chinese government published its own commercial cryptographic algorithms, the first major event in the history of China's cryptography. The draft of the 2019 "Cryptography Law of the People's Republic of China" has been released.

The main purpose of cryptography (cipher design) is to keep the plaintext secret from attackers by transforming it into ciphertext, while the purpose of cryptanalysis is to recover the plaintext from the ciphertext without knowing the key.

  • Plaintext is the message that needs to be protected with cryptographic techniques. Ciphertext is the result of processing the plaintext with cryptographic techniques, and is usually called the encrypted message.
  • The process of converting plaintext into ciphertext is encryption, and the reverse process, recovering the original plaintext from the ciphertext, is decryption. The set of rules used in encryption is the encryption algorithm, and the set of rules used in decryption is the decryption algorithm. Both operate under the control of keys, called the encryption key and the decryption key respectively. (The textbook speaks of both encryption algorithms and encryption functions.)
  • Symmetric key: encryption and decryption use the same key. Asymmetric key: encryption and decryption use different keys.
  • Expressed as a formula, encryption is y = f(x, k), where x is the plaintext, k the key and y the ciphertext; decryption is the inverse operation x = f⁻¹(y, k') with the decryption key k'.


Cryptanalysis (security analysis of ciphers)

Depending on what the cryptanalyst already has when attacking, cryptanalytic attacks are usually divided into five types, as follows.

From top to bottom, the attacker's position becomes more and more favorable!

  • Ciphertext-only attack: the cryptanalyst has only one or more ciphertexts encrypted under the same key and no other usable information. This is the least favorable position for the attacker.
  • Known-plaintext attack: the cryptanalyst knows some plaintexts and their corresponding ciphertexts under the current key.
  • Chosen-plaintext attack: the cryptanalyst can obtain the ciphertext of plaintexts of their own choosing under the current key.
  • Ciphertext-verification attack: for any chosen ciphertext, the cryptanalyst can learn whether that ciphertext is "legal" (decrypts to a valid plaintext).
  • Chosen-ciphertext attack: apart from the challenge ciphertext, the cryptanalyst can obtain the plaintext of any chosen ciphertext. This is the most favorable position for the attacker. It mainly targets public-key cryptosystems, especially digital signatures.
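To make the difference between these attack models concrete, here is an added example (not from the original notes) against a deliberately weak toy cipher, repeating-key XOR. The cipher, key and sample message are constructed for the illustration; the point is how the attacker's work shrinks as the model gets stronger: ciphertext-only needs statistics, known-plaintext needs one subtraction per key byte, chosen-plaintext needs no analysis at all.

```python
"""Ciphertext-only vs known-plaintext vs chosen-plaintext attacks on repeating-key XOR.

Added illustration, not code from the notes. Repeating-key XOR is a toy cipher
chosen because each attack model against it fits in a few lines.
"""
from itertools import cycle


def xor_encrypt(plaintext: bytes, key: bytes) -> bytes:
    """Repeating-key XOR: c[i] = p[i] ^ key[i mod len(key)]. Decryption is the same call."""
    return bytes(p ^ k for p, k in zip(plaintext, cycle(key)))


def known_plaintext_attack(plaintext: bytes, ciphertext: bytes, key_len: int) -> bytes:
    """Known-plaintext model: one (p, c) pair of at least key_len bytes yields the key
    directly, because c[i] ^ p[i] = key[i mod key_len]."""
    if len(plaintext) < key_len or len(ciphertext) < key_len:
        raise ValueError("need at least key_len bytes of known plaintext/ciphertext")
    return bytes(p ^ c for p, c in zip(plaintext[:key_len], ciphertext[:key_len]))


def chosen_plaintext_attack(encrypt_oracle, key_len: int) -> bytes:
    """Chosen-plaintext model: the attacker picks the plaintext. Submitting all-zero
    bytes makes the returned ciphertext equal to the key itself."""
    return encrypt_oracle(bytes(key_len))


def ciphertext_only_attack(ciphertext: bytes, key_len: int) -> bytes:
    """Ciphertext-only model: the weakest position. For each key position, try all 256
    byte values and keep the one whose decrypted 'column' looks most like English
    (many spaces and common letters). Needs enough ciphertext for the statistics."""
    common = b" etaoinshrdlu"

    def score(candidate: bytes) -> int:
        return sum(1 for ch in candidate if ch in common)

    key = bytearray()
    for pos in range(key_len):
        column = ciphertext[pos::key_len]  # bytes encrypted with the same key byte
        best = max(range(256), key=lambda k: score(bytes(c ^ k for c in column)))
        key.append(best)
    return bytes(key)


# Constructed sample data (not from the notes).
SECRET_KEY = b"k3y"
SAMPLE_PLAINTEXT = b"the meeting is at noon in the east room, bring the signed contract"
SAMPLE_CIPHERTEXT = xor_encrypt(SAMPLE_PLAINTEXT, SECRET_KEY)

if __name__ == "__main__":
    print(known_plaintext_attack(SAMPLE_PLAINTEXT, SAMPLE_CIPHERTEXT, 3))
    print(chosen_plaintext_attack(lambda p: xor_encrypt(p, SECRET_KEY), 3))
    print(ciphertext_only_attack(SAMPLE_CIPHERTEXT, 3))
```

The ciphertext-only recovery only works because the sample is long enough for letter frequencies to dominate; shorten the message and the statistics break down, which is exactly why that model is the least favorable one.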

2. Classification of cryptosystems

  • Private-key cryptosystem
    • A private-key cryptosystem, whose key must not be made public, is also called a symmetric cryptosystem. It is the most widely used kind of cryptosystem and is characterized by using the same key for encryption and decryption.
    • Key distribution and key management are critical for a private-key cryptosystem. Keys must be distributed over a secure channel, for example by a courier who escorts the key to the recipient. Encrypted communication with different recipients needs different keys: if a network has n users and every pair of users shares one key, then n(n-1)/2 keys are needed in total.
    • The shortcomings of private-key cryptography come down to three points: the key distribution problem, the key management problem, and the inability to authenticate the source (it is like someone stealing your QQ account and sending "good morning" to your friends: they cannot directly tell whether it was really you).
    • Despite these shortcomings, private-key algorithms are fast, so they are routinely used for bulk data encryption.
    • Typical private-key algorithms include DES, 3DES, RC4, RC5, IDEA, AES, SM1, SM4, etc.


  • Public-key cryptosystem

    • Also called an asymmetric cryptosystem. Its basic principle is to use different keys for encryption and decryption: the encryption key can be made public, and only the decryption key needs to be kept secret. It is not suitable for encrypting large amounts of plaintext (public-key algorithms are computationally heavy and are slow on bulk data!).

    • Compared with private-key cryptography, public-key cryptography has the following advantages:

      1. Easy key distribution: the encryption key can be distributed openly.
      2. Fewer keys to store: all senders in a network can share one recipient's public encryption key, so each user keeps fewer keys. Message security only requires that the receiver's decryption key stays secret.
      3. Support for digital signatures. At present three kinds of public-key cryptosystems are widely regarded as secure and practical: RSA, ElGamal and elliptic curve cryptosystems.
    • Typical public-key algorithms are RSA, elliptic curve cryptography (ECC), SM2, etc.

  • Hybrid cryptosystem

      The public-key cryptosystem is used to distribute the key of the private-key (symmetric) cryptosystem; once sender and receiver share that symmetric key, the actual encryption and decryption are carried out with the symmetric cipher. The working principle of the hybrid cryptosystem is shown in the figure below:
    [Figure: working principle of the hybrid cryptosystem (digital envelope)]
        Step 1: Message sender A encrypts the message to be sent with a symmetric key.
        Step 2: A encrypts the symmetric key with B's public key, forming a digital envelope, then sends the encrypted message and the digital envelope to B.
        Step 3: After receiving A's encrypted message and digital envelope, B decrypts the digital envelope with its own private key and obtains the symmetric key that A used to encrypt the message.
        Step 4: B decrypts the transmitted message with that symmetric key.

3. Common cryptographic algorithms

3.1 DES

  DES (Data Encryption Standard) was developed by IBM. It is a block cipher that encrypts 64-bit plaintext blocks with a 56-bit key (the key is written as 64 bits, 8 of which are parity bits). DES was for a long time the most widely used cipher in the world.

  As the computing speed of computer systems increased and network-based computing advanced, a 56-bit DES key was no longer enough to guarantee the security of the cryptosystem. On October 25, 1999, NIST adopted Triple DES (Triple Data Encryption Algorithm, TDEA) as the national standard for the transition period and began soliciting candidates for AES (Advanced Encryption Standard).

  The S-box substitution is the key step of the DES algorithm. All the other operations are linear and easy to analyze, while the S-boxes are nonlinear and provide most of the cipher's security. Functionally, an S-box is a simple "substitution" lookup. The S-box layer compresses 48 bits to 32 bits: the 48-bit input is split into 8 groups of 6 bits, and each of the 8 boxes maps its 6 input bits to 4 output bits.

  An S-box is a table with 4 rows and 16 columns, and each entry is a number in 0-15 written as 4 binary digits. The 6 input bits determine the entry: the first and last bits (the high and the low bit) together form the row number H, and the middle four bits form the column number L; the output is the entry at row H, column L of the S-box.

  Take the S8 box in the figure below as an example. For the input 110011, the first and sixth bits together give 11, so the row number in S8 is 3. The middle four bits are 1001, so the column number is 9. The entry of S8 at row 3, column 9 is 12. (Note that rows range over 0-3 and columns over 0-15, read from the binary values.)
[Figure: DES S8 box]

  Another kind of question: complete an S-box by filling in the blanks (1)-(4). The answer is simple: no number is repeated within a row of an S-box and every entry lies in 0-15, so each blank is the value missing from its row.

[Figure: S-box completion exercise]

Although this is rarely tested, it makes the multiple-choice questions easy; it is recommended to remember it.
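The row/column rule and the "fill in the blank" trick above, as an added example (not code from the notes). `S8` is the standard DES S-box number 8, included so the block runs on its own; the other seven boxes are not reproduced, so `sbox_layer` is exercised with `S8` in every position purely to show the 48-to-32-bit mechanics.

```python
"""DES S-box lookup, the full 48->32 bit S-box layer, and the S-box completion exercise.

Added example, not from the original notes. S8 is the standard DES S-box 8.
"""
from typing import List, Optional

S8 = [
    [13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7],
    [1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2],
    [7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8],
    [2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11],
]


def sbox_lookup(sbox: List[List[int]], six_bits: int) -> int:
    """Map a 6-bit input to a 4-bit output.

    Row H = (first bit, last bit), column L = the middle four bits, exactly the exam
    rule: input 110011 -> H = 0b11 = 3, L = 0b1001 = 9 -> S8[3][9] = 12.
    """
    if not 0 <= six_bits < 64:
        raise ValueError("S-box input must be 6 bits")
    row = (((six_bits >> 5) & 1) << 1) | (six_bits & 1)
    col = (six_bits >> 1) & 0xF
    return sbox[row][col]


def sbox_layer(s_boxes: List[List[List[int]]], bits48: int) -> int:
    """The whole S-box step: 48 input bits -> 8 boxes x 6 bits -> 8 x 4 = 32 output bits.
    s_boxes is S1..S8 in order; the leftmost 6 bits of the input go to S1."""
    if len(s_boxes) != 8 or not 0 <= bits48 < (1 << 48):
        raise ValueError("need 8 S-boxes and a 48-bit input")
    out = 0
    for i, box in enumerate(s_boxes):
        chunk = (bits48 >> (42 - 6 * i)) & 0x3F
        out = (out << 4) | sbox_lookup(box, chunk)
    return out


def is_valid_sbox(sbox: List[List[int]]) -> bool:
    """Every row of a DES S-box is a permutation of 0..15 (no repeats, nothing out of range)."""
    return len(sbox) == 4 and all(sorted(row) == list(range(16)) for row in sbox)


def fill_row_blanks(row: List[Optional[int]]) -> List[int]:
    """Solve the exam exercise for one row: a row with exactly one blank (None) is
    completed by the single value of 0..15 not yet present. With two or more blanks in
    the same row the permutation rule alone does not determine the answer."""
    blanks = [i for i, v in enumerate(row) if v is None]
    if len(blanks) != 1:
        raise ValueError("need exactly one blank in the row to fill it uniquely")
    missing = set(range(16)) - {v for v in row if v is not None}
    if len(missing) != 1:
        raise ValueError("row already contains a repeat or an out-of-range value")
    filled = list(row)
    filled[blanks[0]] = missing.pop()
    return filled


if __name__ == "__main__":
    print(sbox_lookup(S8, 0b110011))   # 12, the value worked in the notes
    print(is_valid_sbox(S8))           # True
    row = list(S8[3])
    row[9] = None                      # blank out the entry from the worked example
    print(fill_row_blanks(row))        # recovers 12 in position 9
```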

3.2 IDEA, AES

Just memorize the concepts and the specific bit lengths.

  IDEA (International Data Encryption Algorithm) is a block cipher. Both the plaintext and ciphertext blocks are 64 bits and the key length is 128 bits. The same algorithm is used for both encryption and decryption. Its design idea is "mixing operations from different algebraic groups".

  The National Institute of Standards and Technology (NIST) launched a competition to select the AES algorithm, with the goal of choosing a non-secret, openly published block cipher that could be used freely worldwide. A candidate AES algorithm had to meet the following requirements:

  • The cipher must be unclassified and must never be protected as a trade secret
  • The full description of the algorithm must be publicly disclosed
  • The cipher must be freely available worldwide
  • The cipher must support a block length of at least 128 bits
  • The cipher must support key lengths of 128, 192 and 256 bits

  The Rijndael algorithm offered the best combination of security, software and hardware performance, low memory requirements and flexibility, so NIST selected Rijndael as AES.

3.3 RSA

RSA is the only algorithm whose calculation steps were kept in the second edition. If there is a calculation question, I think RSA is the likely candidate, so this must be remembered.

  In RSA, either the public key or the private key can be used for the encryption operation, and the message is recovered with the other key. RSA provides a way to protect the confidentiality, integrity, authenticity and non-repudiation of network communication and stored data. Currently SSH, OpenPGP, S/MIME and SSL/TLS all rely on RSA for encryption and digital signatures. Browsers use RSA to establish secure connections over the untrusted Internet, and RSA signature verification is one of the most frequently performed operations in networked systems.

  The RSA algorithm is based on the difficulty of factoring large integers. The steps are as follows:

  • Step 1: generate two large prime numbers p and q
  • Step 2: compute the product of the two primes, n = pq
  • Step 3: compute the number of positive integers smaller than n and coprime to n, i.e. the Euler function φ(n) = (p-1)(q-1)
  • Step 4: choose a random number e satisfying 1 < e < φ(n) and coprime to φ(n), i.e. gcd(e, φ(n)) = 1
  • Step 5: compute d = e⁻¹ mod φ(n) (the modular inverse, found with the extended Euclidean algorithm)
  • Step 6: keep d, p and q secret and publish n and e; that is, d is the private key and (n, e) is the public key


4. Domestic cryptographic algorithms

  • Domestic cryptographic algorithms are commercial cryptographic algorithms independently developed by institutions under the State Cryptography Administration, with the relevant intellectual property rights held domestically.

  • The published domestic algorithms mainly include the following:

    • SM1 is a symmetric block cipher. Its block length is 128 bits and its key length is also 128 bits.
    • SM2 is an asymmetric algorithm based on elliptic curves, used in public-key cryptosystems. It can be used for digital signatures, key exchange and public-key encryption.
    • SM3 is a hash algorithm. For a message m of length L (L < 2⁶⁴) bits, after padding and iterative compression it produces a hash value, and the output hash value is 256 bits long.
    • SM4 is a symmetric block cipher. Its block length is 128 bits and its key length is 128 bits.
    • SM9 is an identity-based cryptographic algorithm. In this cryptosystem the user's private key is computed by a Key Generation Center (KGC) from a master key and the user's identity, and the user's public key is uniquely determined by the user's identity, so the user does not need a third party to vouch for the authenticity of the public key. Compared with certificate-based public-key cryptosystems, identity-based cryptosystems simplify key management. SM9 supports public-key encryption, key exchange, digital signatures and other security functions.

5. Hash function and digital signature

5.1 Hash function

  A hash function (Hash function) converts information of any length into a fixed-length hash value (also called a digital digest or message digest); different messages or files should produce different hash values. Let h denote the hash function; h satisfies the following conditions:

   1. The input of h can be a message or file M of any length
   2. The length of the output of h is fixed
   3. Given h and M, computing h(M) is easy
   4. Given the description of h, finding two different messages M1 and M2 such that `h(M1)=h(M2)` is computationally infeasible

  A hash algorithm is the method of computing a hash value. Also called a hashing algorithm or a message digest algorithm, it maps a bit string of any length to a fixed-length bit string. Common hash algorithms are MD5, SHA and SM3.

  • MD5 (Message Digest Algorithm 5)

    • Processes the input in 512-bit blocks and produces a 128-bit digest, i.e. MD5 generates a hash value of length 128 bits.
    • Although MD5 is widely used, research by Professor Wang Xiaoyun and her team produced a method for quickly finding collisions in the hash function, which proved that the security of MD5 is no longer sufficient.
  • SHA (Secure Hash Algorithm)

    • Developed by NIST. SHA-1 is similar to MD5 in design, also processes the input in 512-bit blocks, and produces a 160-bit hash value. It was designed to be stronger than MD5, but practical SHA-1 collisions have since been demonstrated (2017), so it should no longer be used for signatures either.
    • The SHA family has been strengthened over time; the released versions include SHA-2 and SHA-3. The SHA-2 variants, named by their output length, are SHA-224, SHA-256, SHA-384 and SHA-512.
  • SM3 (domestic algorithm)

    • The commercial cryptographic hash standard published by the State Cryptography Administration in 2010. It processes the message in 512-bit blocks, outputs a 256-bit hash value, and uses the Merkle-Damgård construction.

5.2 Digital signature

  A digital signature (Digital Signature) is the result of a cryptographic operation performed by the signer with its private key on the hash value of the data to be signed. The result can only be verified with the signer's public key, which confirms the integrity of the data, the authenticity of the signer's identity and the non-repudiation of the signature. (Note!!! A digital signature does not provide confidentiality of the data!)

  A digital signature should satisfy at least the following three conditions:

Non-repudiation: the signer cannot later deny having signed.
Authenticity: the receiver can verify the signature, and nobody else can forge it.
Arbitrability: when the two parties dispute whether a signature is genuine, a third party can settle the dispute.

  A digital signature scheme generally consists of a signature algorithm and a verification algorithm. The key of the signature algorithm is secret and held only by the signer, while the verification algorithm is public so that others can verify. Typical digital signature schemes are the RSA signature scheme, the Rabin signature scheme, the ElGamal signature scheme and the DSS (Digital Signature Standard).

  A signature differs from encryption: the purpose of encryption is to protect information from access by unauthorized users, while the purpose of a signature is to let the receiver be sure who sent the message and whether it has been tampered with by others.

  Suppose A needs to sign an electronic contract document and send it to B. The basic process of A's digital signature is as follows:

  • Step 1: A uses a hash function to obtain the message digest of the electronic contract document
  • Step 2: A encrypts the message digest with its own private key, forming the digital signature
  • Step 3: A sends the electronic contract document together with the digital signature to B


  After B receives the message from A, in order to make sure the electronic contract document really was signed by A, the verification steps are as follows:

  • Step 1: B uses the same hash algorithm as A to compute the digest of the received electronic contract document
  • Step 2: B uses A's public key to recover the message digest from the signature sent by A
  • Step 3: B compares the digest it computed with the recovered digest. If the two are identical, the message came from A and is intact; if they differ, the contract document has been tampered with (or was not signed by A)
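The three procedures above that all rest on RSA, namely the six key-generation steps of section 3.3, the digital envelope of section 2 and the sign/verify steps of this section, carried out end to end in one added example (not code from the notes). Toy-sized primes are used so every intermediate value can be checked by hand: p = 61, q = 53, e = 17 gives n = 3233 and d = 2753, the classic textbook numbers. Two things are stand-ins and are labelled as such in the code: the symmetric cipher is an HMAC-SHA256 keystream XOR (the standard library has no AES), and the digest is reduced mod n because real RSA signatures pad the full hash (PKCS#1 v1.5 or PSS) rather than shrink it.

```python
"""Textbook RSA (section 3.3 steps), digital envelope (section 2), sign/verify (5.2).

Added example, not from the notes. Toy parameters; no padding; not for real use.
"""
import hashlib
import hmac
import secrets
from math import gcd
from typing import Tuple

Key = Tuple[int, int]  # (n, exponent)


def egcd(a: int, b: int) -> Tuple[int, int, int]:
    """Extended Euclid: returns (g, x, y) with a*x + b*y = g = gcd(a, b).
    This is the hand calculation behind step 5 (finding d)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def rsa_keygen(p: int, q: int, e: int) -> Tuple[Key, Key]:
    """Steps 2-6 of section 3.3 (step 1, choosing p and q, is the caller's job)."""
    n = p * q                                     # step 2
    phi = (p - 1) * (q - 1)                       # step 3
    if not (1 < e < phi and gcd(e, phi) == 1):    # step 4
        raise ValueError("e must satisfy 1 < e < phi(n) and gcd(e, phi(n)) = 1")
    _, x, _ = egcd(e, phi)
    d = x % phi                                   # step 5: d = e^-1 mod phi(n)
    return (n, e), (n, d)                         # step 6: publish (n, e), keep d secret


def rsa_encrypt(pub: Key, m: int) -> int:
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)


def rsa_decrypt(priv: Key, c: int) -> int:
    n, d = priv
    return pow(c, d, n)


# ---- Section 2: hybrid cryptosystem (digital envelope) ------------------------
def sym_xor(key: bytes, data: bytes) -> bytes:
    """Constructed stand-in for a symmetric cipher: XOR with an HMAC-SHA256 keystream.
    Encryption and decryption are the same call. It only plays AES's role here."""
    blocks = (len(data) + 31) // 32
    stream = b"".join(hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
                      for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))


def seal_envelope(recipient_pub: Key, message: bytes) -> Tuple[bytes, int]:
    """Steps 1-2: A encrypts the message with a fresh symmetric key, then encrypts that
    key with B's public key. Returns (encrypted message, digital envelope)."""
    n, _ = recipient_pub
    k = secrets.randbelow(n - 1) + 1            # toy: the key must be < n for textbook RSA
    return sym_xor(k.to_bytes(4, "big"), message), rsa_encrypt(recipient_pub, k)


def open_envelope(recipient_priv: Key, encrypted_message: bytes, envelope: int) -> bytes:
    """Steps 3-4: B recovers the symmetric key with its private key, then decrypts."""
    k = rsa_decrypt(recipient_priv, envelope)
    return sym_xor(k.to_bytes(4, "big"), encrypted_message)


# ---- Section 5.2: RSA digital signature over a hash ----------------------------
def digest_as_int(data: bytes, n: int) -> int:
    """Step 1: hash the document. Reduced mod n only because n is toy-sized here."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(signer_priv: Key, document: bytes) -> int:
    """Step 2: the private-key operation applied to the digest."""
    return rsa_decrypt(signer_priv, digest_as_int(document, signer_priv[0]))


def verify(signer_pub: Key, document: bytes, signature: int) -> bool:
    """Verification: recompute the digest and compare with the public-key operation
    on the signature. False means tampering or a signature not made with this key."""
    return rsa_encrypt(signer_pub, signature) == digest_as_int(document, signer_pub[0])


# Toy keys. A: classic textbook values; B and the signer use larger (still toy) primes.
A_PUB, A_PRIV = rsa_keygen(61, 53, 17)           # n = 3233, d = 2753
B_PUB, B_PRIV = rsa_keygen(89, 97, 7)
SIGNER_PUB, SIGNER_PRIV = rsa_keygen(10007, 10009, 65537)

if __name__ == "__main__":
    contract = b"Party A sells 100 units to Party B at 10 CNY each."  # constructed sample
    enc, env = seal_envelope(B_PUB, contract)
    print(open_envelope(B_PRIV, enc, env) == contract)              # True
    sig = sign(SIGNER_PRIV, contract)
    print(verify(SIGNER_PUB, contract, sig))                        # True
    print(verify(SIGNER_PUB, contract + b" plus one", sig))         # False: tampered
```

Note what the signature does not do: the contract is sent in the clear alongside `sig`; only the envelope part provides confidentiality, which is the point made in bold above.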


5. Cryptographic management and digital certificates

5.1 Cryptographic management

  The security of a cryptosystem depends on cryptographic management, which mainly has three aspects: key management, cryptographic management policy, and cryptographic testing and evaluation.

  • Key management revolves around the life cycle of the key: key generation, key storage, key distribution, key use, key update, key revocation, key backup, key recovery, key destruction and key audit.
  • Cryptographic management policy refers to the laws, standards, regulations and security quality evaluations by which the state manages cryptography. The state has promulgated the "Regulations on the Administration of Commercial Cryptography", which mainly cover the research and production, sales, use, and security and confidentiality management of commercial cryptography.
  • Cryptographic evaluation refers to the security and compliance evaluation of related products and systems, to ensure that the cryptography of the evaluated objects is secure and effective and that the cryptosystem operates safely. The state has established a commercial cryptography testing center for this purpose.

5.2 Digital certificate

  A digital certificate (Digital Certificate), also called a public-key certificate, is a data structure signed by a certificate authority (CA) that contains the public-key owner's information, the public key, issuer information, the validity period and extension information.

  By subject, digital certificates can be divided into personal certificates, organization certificates and device certificates; by use, into signing certificates and encryption certificates. A signing certificate is a digital certificate that attests to a signature public key, and an encryption certificate is a digital certificate that attests to an encryption public key.

  To manage digital certificates, a digital certificate authentication system (CA) is generally built on PKI technology. The CA provides certificate application, review, issuance, query, publication and revocation, i.e. the life-cycle management of certificates. The system mainly consists of a directory server, an OCSP server (Online Certificate Status Protocol, used to check the status of a certificate), a registration server and an issuing server.


6. Security protocols

6.1 Diffie-Hellman key exchange protocol

The probability of this being tested is very low.

  Diffie-Hellman is based on the difficulty of the discrete logarithm problem. Consider the equation

M = C^d mod P

  where d is called the discrete logarithm of M to the base C modulo P. Knowing C and P, computing M from d is very easy: it is a single modular exponentiation. Computing d from M, on the other hand, has no known efficient algorithm, and the work grows rapidly with the size of P, so when P is large enough the scheme reaches sufficient security strength.

If you want to understand the Diffie-Hellman protocol, you can read my previous blog post, which is very detailed!
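The exchange itself, with the notes' symbols (M = C^d mod P), as an added example that is not part of the original post. Both sides' messages are computed, and a brute-force discrete logarithm shows why the toy modulus P = 23 gives no security at all: the eavesdropper recovers the shared key in at most P steps, whereas the same loop is hopeless against a 2048-bit P.

```python
"""Diffie-Hellman exchange plus the attacker's discrete-logarithm problem.

Added example, not from the notes. P = 23, C = 5 are deliberately tiny.
"""
from typing import Optional, Tuple


def dh_public(C: int, d: int, P: int) -> int:
    """M = C^d mod P: one modular exponentiation, cheap even for a huge P."""
    return pow(C, d, P)


def dh_exchange(P: int, C: int, a_secret: int, b_secret: int) -> Tuple[int, int, int]:
    """Both sides of the protocol. A sends M_a = C^a mod P, B sends M_b = C^b mod P;
    each raises the other's value to its own secret and gets the same K = C^(ab) mod P.
    Returns (M_a, M_b, K)."""
    M_a = dh_public(C, a_secret, P)
    M_b = dh_public(C, b_secret, P)
    K_a = pow(M_b, a_secret, P)   # A's computation
    K_b = pow(M_a, b_secret, P)   # B's computation
    if K_a != K_b:
        raise RuntimeError("key agreement failed")
    return M_a, M_b, K_a


def brute_force_dlog(M: int, C: int, P: int) -> Optional[int]:
    """The eavesdropper's problem: find d with C^d = M (mod P) by trying every exponent.
    O(P) work: instant for P = 23, impossible for a 2048-bit prime."""
    x = 1
    for d in range(P - 1):
        if x == M:
            return d
        x = (x * C) % P
    return None


def eavesdropper_recovers_key(P: int, C: int, M_a: int, M_b: int) -> Optional[int]:
    """Only the public values M_a and M_b are seen on the wire; with a small P the
    attacker solves for A's secret and then derives K exactly as A would."""
    d_a = brute_force_dlog(M_a, C, P)
    return pow(M_b, d_a, P) if d_a is not None else None


if __name__ == "__main__":
    P, C = 23, 5                                  # toy parameters; 5 generates Z_23*
    M_a, M_b, K = dh_exchange(P, C, 6, 15)
    print(M_a, M_b, K)                            # 8 19 2
    print(eavesdropper_recovers_key(P, C, M_a, M_b) == K)   # True: P is far too small
```

Swap in a real group (a 2048-bit safe prime with generator 2, such as the RFC 3526 groups) and `dh_exchange` still runs instantly, while `brute_force_dlog` never finishes; that asymmetry is the whole security argument of the protocol.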


6.2 SSH

Understanding the principle is recommended.

  SSH (Secure Shell) is an application-layer security protocol based on public-key cryptography. It consists of three sub-protocols: the SSH transport layer protocol, the SSH user authentication protocol and the SSH connection protocol, and it provides confidentiality, integrity checking, authentication and other security services.

  The SSH transport layer protocol provides algorithm negotiation and key exchange, performs server authentication, and finally establishes an encrypted secure connection that offers integrity, confidentiality and an optional compression service.

  The SSH user authentication protocol uses the connection established by the transport protocol and authenticates the user with mechanisms such as traditional password authentication, public-key authentication and host-based authentication.

  The SSH connection protocol, on top of the previous two, multiplexes the authenticated connection into several concurrent logical channels, supports interactive login sessions, tunneling and TCP forwarding (TCP-forwarding), and provides flow control and channel parameter negotiation for these channels.

  There are two versions of SSH, SSH1 and SSH2. SSH1 has been retired because of vulnerabilities, and SSH2 is what users run today. The SSH2 protocol structure is shown below.

[Figure: SSH2 protocol structure]

  In practice SSH replaces insecure remote access tools (telnet, rsh, rlogin), provides secure file transfer (scp), and through port forwarding can carry other services as well (see the figure below). Linux systems generally provide an SSH service, listening on TCP port 22. Although SSH is a secure protocol, it is still exposed to man-in-the-middle attacks (for example when an unknown host key is accepted blindly on first connection) and to denial-of-service attacks.

[Figure: SSH port forwarding]

7. Applications of cryptography in network security

This also needs to be understood; at least leave an impression of it!

7.1 Common application scenarios of cryptographic technology

  • Cryptography protects Internet user security. Public-key cryptography binds user entity information to cryptographic data in the form of a digital certificate, which identifies the network user and provides identity authentication; at the same time, encryption protects the user's sensitive personal information.
  • Cryptography protects physical and environmental security. It authenticates people entering a physical area to ensure the visitor's identity is genuine; it protects the integrity and confidentiality of the entry and exit records stored by electronic access-control systems; and it protects the integrity and confidentiality of stored video surveillance recordings.
  • Cryptography protects network communication security. Mutual entity authentication guarantees the authenticity of both communicating parties; digital signatures guarantee the integrity of data in transit; the data in transit is encrypted; and cryptographic security protocols authenticate network devices as they connect, guaranteeing the authenticity of the connecting device.
  • Cryptography protects device and computer security. Cryptographic authentication protocols identify the user logging in to a device; hash functions and cryptographic algorithms are used to build a trusted computing environment; digital signatures verify the authenticity of the source of important executable programs; encryption protects important information resources on the device; and encryption technologies such as SSH and SSL establish a secure transmission channel for remote device management.
  • Cryptography protects application and data security. Security protocols and digital certificates authenticate login users, guaranteeing the authenticity of application-system users; access-control information of application systems is encrypted; SSH, SSL and similar cryptographic technologies transmit important data and protect its confidentiality and integrity; important data is stored encrypted so that sensitive data does not leak; and hash functions and digital signatures protect the integrity of the application system against tampering by attackers.
  • Cryptography enables innovation in business applications. Digital certificates and digital signatures are used to build electronic invoices; hash functions are used to build blockchains; and cryptographic technology is used to build electronic certificates.

7.2 Router security applications

  At present the threats faced by routers include tampering with and forging of exchanged routing information, leakage of router management information, and unauthorized access to routers. To address these problems, cryptography is applied to router security in the following main ways.

  • Router password management: the administrator password is stored in the router's configuration file only after an MD5 hash is computed over it (MD5 is no longer considered adequate for this purpose; newer devices offer stronger password hash types and those should be preferred).
  • Secure remote access to routers: SSH is used to access the router remotely (the telnet used previously transmits everything in plaintext, which easily leaks sensitive password information).
  • Router exchange authentication: routers must exchange routing information to keep the network's routing working, so routing update packets are sent between routers. To prevent route spoofing, a router checks the integrity of routing update packets, which guarantees the integrity of routing. At present routers usually implement MD5-HMAC for this. If the routing information is tampered with in transit, the receiving router recomputes the hash value over the received routing information and compares it with the hash value computed by the sending router; if the two hash values differ, the receiving router rejects the routing update packet.
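The routing-update check in the last bullet, as an added example (not code from the notes). The packet layout is a constructed JSON body plus tag, not the real RIPv2/OSPF authentication field format; what is demonstrated is the keyed-hash mechanism itself: the shared key is what turns a plain MD5 hash, which any tamperer could simply recompute, into an authenticator, and the receiver's recomputation rejects both a modified update and an update tagged with the wrong key.

```python
"""Routing-update authentication with HMAC-MD5 (sender tags, receiver recomputes).

Added example, not from the notes; the packet format is constructed for illustration.
"""
import hashlib
import hmac
import json
from typing import Optional


def tag_update(shared_key: bytes, update: dict) -> bytes:
    """Sender side: serialise the update deterministically and append an HMAC-MD5 tag.
    The key is what makes this an authenticator rather than a checksum."""
    body = json.dumps(update, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(shared_key, body, hashlib.md5).hexdigest().encode()
    return body + b"|" + tag


def accept_update(shared_key: bytes, packet: bytes) -> Optional[dict]:
    """Receiver side: recompute the HMAC over the body with the shared key and compare.
    Returns the parsed update if it is accepted, or None if the packet is rejected."""
    body, sep, tag = packet.rpartition(b"|")
    if not sep:
        return None                                   # malformed: no tag at all
    expected = hmac.new(shared_key, body, hashlib.md5).hexdigest().encode()
    if not hmac.compare_digest(expected, tag):        # constant-time comparison
        return None                                   # tampered, or wrong key
    return json.loads(body)


def tampered_packet(packet: bytes) -> bytes:
    """An on-path attacker lowers a metric to attract traffic (route spoofing)."""
    return packet.replace(b'"metric":5', b'"metric":1')


# Constructed sample: one RIP-style update from router R1 and the shared key.
KEY = b"constructed-shared-key"
UPDATE = {
    "router": "R1",
    "routes": [{"prefix": "10.0.1.0/24", "metric": 2},
               {"prefix": "10.0.2.0/24", "metric": 5}],
}

if __name__ == "__main__":
    pkt = tag_update(KEY, UPDATE)
    print(accept_update(KEY, pkt) == UPDATE)          # True: genuine update accepted
    print(accept_update(KEY, tampered_packet(pkt)))   # None: modified metric rejected
    print(accept_update(b"wrong-key", pkt))           # None: peer without the key rejected
```

MD5 is the algorithm the notes name for this, and it survives in many deployed configurations, but newer router software also offers HMAC-SHA variants (for example RFC 5709 for OSPFv2); the verification logic is identical with the hash swapped.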


7.3 Other applications

  • Cryptography has many security applications on the web, including web user identity authentication, encryption of web service information, and web information integrity checks. Currently important websites use SSL and digital certificates to prevent the leakage, tampering and forgery of the information exchanged between the browser and the web server.
  • For email security (the Simple Mail Transfer Protocol SMTP sends mail in plaintext), PGP (Pretty Good Privacy) is used for protection. PGP is encryption software that prevents unauthorized persons from reading mail and can add a digital signature to the user's mail so that the recipient can be sure of the sender's identity. PGP uses several cryptographic technologies: RSA for key management, IDEA for data encryption, and MD5, RSA and a random number generator for integrity checking and digital signatures. PGP integrates these techniques, using the respective advantages of symmetric and asymmetric algorithms to form a relatively complete cryptosystem.

There is a lot of content in this chapter, but much less than in the first edition of the textbook. Before the revision cryptography was the focus of the exam; after the revision it appears mainly in multiple-choice questions, and the large question may be several consecutive small questions or a not-too-difficult calculation worth at most 5-6 points. In fact it is referenced relatively little, and it did not appear in the 2021 answers. It is still recommended to keep it in mind, for the multiple-choice questions.


Source: blog.csdn.net/qq_43632414/article/details/126396100