What is a digital signature? What are public and private keys


digital signature

This section follows Ruan Yifeng's explanation of digital signatures. For details, see: What is a digital signature? - Ruan Yifeng's weblog

1. Bob has two keys, one is the public key and the other is the private key.

2. Bob gives the public key to his friends - Patty, Doug, Susan - each one.

3. Susan wants to write a confidential letter to Bob. After writing it, she encrypts it with Bob's public key to keep it secret.

4. After Bob receives the letter, he decrypts it with the private key and sees the content of the letter. The point to emphasize here is that as long as Bob's private key is not leaked, the letter is safe: even if it falls into the hands of others, it cannot be decrypted.

5. Bob writes back to Susan and decides to use a "digital signature". After writing the letter, he first uses a hash function to generate a digest of the letter.

6. Then, Bob uses the private key to encrypt this digest to generate a "digital signature" (signature).

7. Bob attaches this signature to the letter and sends it to Susan together.

8. After receiving the letter, Susan removes the digital signature, decrypts it with Bob's public key, and obtains the digest of the letter. This proves that the letter was indeed sent by Bob.

9. Susan then applies the hash function to the letter itself and compares the result with the digest obtained in the previous step. If the two match, it proves that the letter has not been altered.

10. A complication arises. Doug wants to trick Susan: he secretly uses Susan's computer and replaces Bob's public key with his own. At this point, Susan actually has Doug's public key but thinks it is Bob's. Doug can therefore pretend to be Bob: he makes a "digital signature" with his own private key, writes to Susan, and Susan decrypts it with the fake "Bob's public key".

11. Later, Susan feels something is wrong and finds herself unable to determine whether the public key really belongs to Bob. She thinks of a solution and asks Bob to go to a "certificate authority" (CA for short) to have his public key certified. The certificate authority uses its own private key to encrypt Bob's public key and some related information, generating a "digital certificate".

12. Once Bob has the digital certificate, he can rest assured. When he writes to Susan in the future, he only needs to attach the digital certificate along with the signature.

13. After Susan receives the letter, she uses the CA's public key to unlock the digital certificate and obtains Bob's real public key. She can then verify whether the "digital signature" was really made by Bob.

14. Next, let's look at an example of "digital certificates" in use: the HTTPS protocol. This protocol is mainly used for web encryption.

15. First, the client sends an encrypted request to the server.

16. After the server encrypts the webpage with its own private key, it sends it to the client together with its own digital certificate.

17. The "Certificate Manager" of the client (browser) has a list of "Trusted Root Certification Authorities". The client checks against this list whether the public key that unlocks the digital certificate belongs to one of them.

18. If the URL recorded in the digital certificate is inconsistent with the URL you are browsing, it means that this certificate may be used fraudulently, and the browser will issue a warning.

19. If the digital certificate is not issued by a trusted authority, the browser will issue another warning.

20. If the digital certificate is reliable, the client can use the server's public key in the certificate to encrypt information and then exchange encrypted information with the server.
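
Steps 5 to 10 above can be reproduced with the openssl command line. The following is an added example, not part of the original post; the key pairs, letter text and file names are constructed for the demo, and the helper names sign_letter and verify_letter are hypothetical.

```bash
# Constructed demo: the key pairs, letters and file names are made up.
set -eu
work=$(mktemp -d)

# Bob and Doug each generate an RSA key pair and export the public half.
for who in bob doug; do
  openssl genrsa -out "$work/$who.key" 2048 2>/dev/null
  openssl rsa -in "$work/$who.key" -pubout -out "$work/$who.pub" 2>/dev/null
done

# Steps 5-7: hash the letter with SHA-256 and sign the digest with a private key.
sign_letter() {    # usage: sign_letter <private-key> <letter> <signature-out>
  openssl dgst -sha256 -sign "$1" -out "$3" "$2"
}

# Steps 8-9: recompute the digest and check it against the signature using
# the public key the verifier holds. Exit status 0 means the signature is valid.
verify_letter() {  # usage: verify_letter <public-key> <letter> <signature>
  [ "$(openssl dgst -sha256 -verify "$1" -signature "$3" "$2" 2>/dev/null)" = "Verified OK" ]
}

printf 'Dear Susan, lunch is at noon. Bob\n' > "$work/letter.txt"
sign_letter "$work/bob.key" "$work/letter.txt" "$work/letter.sig"

# Unmodified letter checked with Bob's real public key.
verify_letter "$work/bob.pub" "$work/letter.txt" "$work/letter.sig" \
  && echo "genuine letter: signature valid"

# One word changed after signing: the digests no longer match.
sed 's/noon/midnight/' "$work/letter.txt" > "$work/tampered.txt"
verify_letter "$work/bob.pub" "$work/tampered.txt" "$work/letter.sig" \
  || echo "tampered letter: signature rejected"

# Step 10: Doug signs a letter with his own private key and claims to be Bob.
printf 'Dear Susan, please reply to my new address. Bob\n' > "$work/forged.txt"
sign_letter "$work/doug.key" "$work/forged.txt" "$work/forged.sig"
verify_letter "$work/bob.pub" "$work/forged.txt" "$work/forged.sig" \
  || echo "Doug's letter, Bob's real key: rejected"
# If Susan's stored copy of "Bob's key" is really Doug's, the same check passes,
# which is why the key itself has to be certified (steps 11-13).
verify_letter "$work/doug.pub" "$work/forged.txt" "$work/forged.sig" \
  && echo "Doug's letter, swapped key: accepted"
```

The signature check is only as trustworthy as the verifier's copy of the public key: the last call succeeds because the key, not the mathematics, was replaced.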


public key and private key

digital certificate

A digital certificate is an authoritative electronic document that provides a means of verifying identity on the Internet. Its role is similar to that of a driver's license or an identity document in daily life. It is issued by an authoritative organization, the Certificate Authority (CA), and people can use it to identify each other in Internet communication. Encryption technology built around digital certificates can encrypt and decrypt information transmitted over the network and create and verify digital signatures, ensuring the confidentiality and integrity of information transmitted online, the authenticity of the identities of the transacting parties, and the non-repudiation of signed information. In the certificate authentication process, the role of the certificate authority (CA) as an authoritative, impartial and reliable third party is crucial. Digital certificates must also be unique and reliable.

Use the certificate in the browser

Most of the websites we visit have corresponding certificates


We can find this certificate in the settings of the browser (Chrome here)

If we mark it as untrusted, the browser will warn you when you visit the corresponding website, telling you that the website is not safe, for the reasons mentioned above.

You can also import certificates to access certain websites that you think are safe but do not have imported certificates.

Private key algorithm:

Private key encryption algorithms are also known as symmetric encryption algorithms, because the decryption key and the encryption key are the same. Because the same key is used for both encryption and decryption, this key cannot be made public.
With a private key algorithm, anyone who has the key can unlock the data.

Public key algorithm:

  • Public and private keys come in pairs
  • The key that is made public is called the public key, and the key known only to you is called the private key
  • Data encrypted with the public key can only be decrypted with the corresponding private key
  • Data encrypted with the private key can only be decrypted with the corresponding public key
  • If it can be decrypted with the public key, it must be encrypted with the corresponding private key.
  • If it can be decrypted with the private key, it must be encrypted with the corresponding public key.

With a public key algorithm, having a key is not necessarily enough to unlock the data: the corresponding key of the pair must be used, which increases the difficulty.

The difference between private key and public key:

| S.No | Private key | Public key |
|------|-------------|------------|
| 1 | Private keys are faster than public keys | Public keys are slower than private keys |
| 2 | The same key and algorithm are used to encrypt and decrypt messages | In public key cryptography, two keys are used, one for encryption and the other for decryption. |
| 3 | In private key cryptography, the key is kept secret. | In public key cryptography, one of the two keys is kept secret. |
| 4 | Private keys are symmetric because there is only one key called the secret key | Public keys are asymmetric because there are two types of keys: private and public. |
| 5 | In this type of cryptography, the sender and receiver need to share the same secret key | In this type of cryptography, the sender and receiver do not need to share the same secret key. |
| 6 | In this cryptography, the key is private | In this type of cryptography, the public key can be public and the private key private. |

Format of digital certificate

Different servers and server versions require different certificate formats. Mainstream servers on the market mostly use the following formats:

  • .DER .CER, the file is in binary format, only saves the certificate, not the private key.
  • .PEM, generally in text format, can save certificates and private keys.
  • .CRT, can be in binary format or text format, same as .DER format, does not save the private key.
  • .PFX .P12, in binary format, contains both the certificate and the private key, generally protected by a password.
  • .JKS, in binary format, contains both the certificate and the private key, generally protected by a password.

DER

This is a binary format. Java and Windows servers tend to prefer this encoding.

OpenSSL view

openssl x509 -in certificate.der -inform der -text -noout

Convert to PEM:

openssl x509 -in cert.crt -inform der -outform pem -out cert.pem

PEM

Privacy Enhanced Mail, generally in text format: the file starts with -----BEGIN... and ends with -----END..., and the content in between is Base64 encoded. This format can hold both the certificate and the private key. Sometimes the suffix of a private key in PEM format is changed to .key to distinguish the private key from the certificate. Look at the contents of the file to see which it is.

This format is commonly used with Apache and Nginx servers.

OpenSSL view:

openssl x509 -in certificate.pem -text -noout

Convert to DER:

openssl x509 -in cert.crt -outform der -out cert.der

CRT

CRT is short for Certificate. The file may be in PEM encoding or in DER encoding. To view it, refer to the previous two formats.

PFX

Predecessor of PKCS#12. This is a binary format, and the certificate and private key are stored together in one PFX file. It is typically used for IIS servers on Windows. A file in this format generally has a password to protect the private key.

OpenSSL view:

openssl pkcs12 -in for-iis.pfx

Convert to PEM (-nodes writes the private key to the output file unencrypted):

openssl pkcs12 -in for-iis.pfx -out for-iis.pem -nodes

JKS

Java KeyStore: as the name suggests, this format is specific to Java, and a Java tool called keytool can be used to convert the format. It is typically used for Tomcat servers.

keytool -import -noprompt -keystore cacerts -storepass changeit -keypass changeit -alias elasticsearch -file ca.crt


Example: creating certificates locally

generate certificate

#!/bin/bash
# Creates a self-signed CA, then a server and a client certificate signed by it.
set -e  # stop at the first failing command

# Prompt: "Please enter the server IP address:"
read -r -p "请输入服务器ip地址:" serverIp
# Double quotes so that $serverIp is expanded ("Server IP is: ...")
echo "服务器ip为: $serverIp"

echo '------------------------------------'
# Create the RSA private key of the root CA. The passphrase is asked for
# twice; remember it, because later steps need it.
echo '创建根证书RSA私钥:'
echo '此处需要两次输入密码,请务必记住该密码,在后面步骤会用到'
openssl genrsa -aes256 -out ca-key.pem 4096

echo '------------------------------------'
# Create the CA certificate from the key generated above, i.e. a self-signed
# certificate (it could also be issued by a third-party CA).
echo '创建CA证书:'
echo '该步骤以上一步生成的密钥创建证书,也就是自签证书,也可从第三方CA机构签发'
openssl req -new -x509 -days 3650 -key ca-key.pem -sha256 -out ca.pem

echo '------------------------------------'
# Create the server private key.
echo '创建服务器私钥:'
openssl genrsa -out server-key.pem 4096

echo '------------------------------------'
# Create the server certificate signing request (CSR).
echo '创建服务器签名请求证书文件:'
openssl req -subj "/CN=$serverIp" -sha256 -new -key server-key.pem -out server.csr

echo '------------------------------------'
# Create the extfile.cnf extension file (started fresh on every run).
echo '创建extfile.cnf的配置文件'
echo "subjectAltName = IP:$serverIp,IP:0.0.0.0" > extfile.cnf
echo "extendedKeyUsage = serverAuth" >> extfile.cnf

echo '------------------------------------'
# Create the server certificate, signed by the CA.
echo '创建签名生效的服务器端证书文件:'
openssl x509 -req -days 3650 -sha256 -in server.csr -CA ca.pem -CAkey ca-key.pem \
  -CAcreateserial -out server-cert.pem -extfile extfile.cnf

echo '------------------------------------'
# Create the client private key.
echo '创建客户端私钥:'
openssl genrsa -out key.pem 4096

echo '------------------------------------'
# Create the client certificate signing request (CSR).
echo '创建客户端签名请求证书文件:'
openssl req -subj '/CN=client' -new -key key.pem -out client.csr

echo '------------------------------------'
# Append the client-authentication setting to extfile.cnf.
echo 'extfile.cnf文件中增加配置:'
echo "extendedKeyUsage = clientAuth" >> extfile.cnf

echo '------------------------------------'
# Create the client certificate, signed by the CA.
echo '创建签名生效的客户端证书文件:'
openssl x509 -req -days 3650 -sha256 -in client.csr -CA ca.pem -CAkey ca-key.pem \
  -CAcreateserial -out cert.pem -extfile extfile.cnf

echo '------------------------------------'
# Delete the signing requests, which are no longer needed.
echo '删除无用文件:'
rm -v client.csr server.csr

echo '------------------------------------'
# Set permissions: private keys readable by the owner only, certificates read-only.
echo '为证书授权:'
chmod -v 0400 ca-key.pem key.pem server-key.pem
chmod -v 0444 ca.pem server-cert.pem cert.pem

echo '------------------------------------'
# Show the validity period of the CA certificate.
echo '证书有效期:'
openssl x509 -in ca.pem -noout -dates

Java import certificate

Java's certificate store is in the lib/security directory under the Java root directory.
In the following command, ca.crt and cacerts are the certificate to be imported and the path of the certificate store, respectively. The command uses relative paths, so ca.crt must be in the security directory, and the cacerts file itself must exist.

keytool -import -noprompt -keystore cacerts -storepass changeit -keypass changeit -alias elasticsearch -file ca.crt;

A brief introduction to HTTPS, SSL, and TLS

HTTPS (Hypertext Transfer Protocol Secure)

HTTPS (full name: Hypertext Transfer Protocol Secure [5]) is an HTTP channel designed for security: on top of HTTP, it secures the transmission process through encryption and identity authentication [1]. HTTPS adds SSL to HTTP, and SSL is the security foundation of HTTPS, so the encryption details are those of SSL. HTTPS has a different default port from HTTP and an encryption/authentication layer (between HTTP and TCP). This system provides authentication and encrypted communication. It is widely used for security-sensitive communication on the World Wide Web, such as payment transactions.

SSL (Secure Sockets Layer)

SSL (Secure Sockets Layer) is a network security protocol first adopted by Netscape. It is a security protocol implemented on top of the transport protocol (TCP/IP), using public key technology. SSL supports many types of networks and provides three basic security services, all of which use public key technology.

The process of SSL handshake

An SSL handshake will have the following events:

  • The client and server exchange X.509 certificates so that both parties can confirm each other's identity. During this process, the entire certificate chain can be exchanged, or only some of the lower-level certificates. Verification of a certificate includes checking the validity dates and verifying the signing authority of the certificate.
  • The client computer randomly generates a set of keys, which are used for information encryption and MAC calculation. These keys are encrypted with the server's public key before being sent to the server. There are four keys in total for server-to-client and client-to-server communication.
  • An information encryption algorithm (for encryption) and a hash function (for ensuring information integrity) are used together. In Netscape's SSL implementation, the client provides a list of all the algorithms it supports, and the server chooses the cipher it considers most effective. Server administrators can enable or disable particular ciphers.

TLS(Transport Layer Security)

Transport Layer Security (TLS) is used to provide confidentiality and data integrity between two communicating applications.
The protocol consists of two layers: TLS Record Protocol (TLS Record) and TLS Handshake Protocol (TLS Handshake).

TLS handshake process

Once the client and server agree to use the TLS protocol, they negotiate a stateful connection using a handshake process to transfer data. Through the handshake, the client and server negotiate various parameters for creating a secure connection:

  • The handshake begins when a client connects to a server that supports the TLS protocol, requests a secure connection, and lists the cipher combinations it supports (encryption algorithms and hash algorithms);

  • The server chooses the encryption algorithm and hash algorithm from this list and notifies the client;

  • The server sends back its digital certificate, which usually contains the server's name, the trusted certificate authority (CA), and the server's public key;

  • The client verifies the validity of the server certificate it receives;

  • In order to generate the session key for the secure connection, the client encrypts a randomly generated key with the server's public key and sends it to the server; only the server can decrypt it with its own private key;

  • Using the random numbers, the two parties generate symmetric keys for encryption and decryption. This is the handshake of the TLS protocol, and the connection after the handshake is secure until the connection is closed. If any of the above steps fails, the TLS handshake fails and all connections are dropped.
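
The certificate checks described in steps 11 to 13 and 17 to 19 of the first section, and the "client verifies the validity of the server certificate" step of the handshake, as an added example that is not part of the original post. The CA, the host names under example.test and the helpers new_key, issue_cert and check_cert are assumptions made for the demo.

```bash
# Constructed demo: the CA, host names and file names are made up.
set -eu
pki=$(mktemp -d)

# Minimal OpenSSL config so the root certificate is marked as a CA.
cat > "$pki/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Demo Root CA
[v3_ca]
basicConstraints = critical,CA:TRUE
EOF

new_key() { openssl genrsa -out "$1" 2048 2>/dev/null; }

# Step 11: the CA signs the holder's public key and name into a certificate.
issue_cert() {  # usage: issue_cert <file-prefix> <dns-name>
  new_key "$pki/$1.key"
  openssl req -new -key "$pki/$1.key" -subj "/CN=$2" -config "$pki/ca.cnf" -out "$pki/$1.csr"
  printf 'subjectAltName = DNS:%s\n' "$2" > "$pki/$1.ext"
  openssl x509 -req -in "$pki/$1.csr" -CA "$pki/ca.pem" -CAkey "$pki/ca.key" \
    -CAcreateserial -days 30 -sha256 -extfile "$pki/$1.ext" -out "$pki/$1.pem" 2>/dev/null
}

# Steps 17-19: accept a certificate only if it chains to the trusted root
# and is valid for the host name the client is connecting to.
check_cert() {  # usage: check_cert <cert.pem> <expected-host>
  openssl verify -CAfile "$pki/ca.pem" -verify_hostname "$2" "$1" >/dev/null 2>&1
}

new_key "$pki/ca.key"
openssl req -new -x509 -config "$pki/ca.cnf" -key "$pki/ca.key" -sha256 -days 30 -out "$pki/ca.pem"
issue_cert server shop.example.test

# A self-signed certificate that claims the same name but was not issued by the CA.
new_key "$pki/rogue.key"
openssl req -new -x509 -config "$pki/ca.cnf" -key "$pki/rogue.key" \
  -subj "/CN=shop.example.test" -days 30 -out "$pki/rogue.pem"

check_cert "$pki/server.pem" shop.example.test && echo "trusted issuer, name matches: accepted"
check_cert "$pki/server.pem" bank.example.test || echo "name mismatch: rejected"
check_cert "$pki/rogue.pem" shop.example.test || echo "untrusted issuer: rejected"
```

Here ca.pem plays the role of the browser's list of trusted root authorities; a certificate is accepted only when both the issuer check and the name check pass.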


reference

  1. The difference between private key and public key | Geek Tutorial

  2. Understanding public and private keys

  3. What is a digital signature? - Ruan Yifeng's weblog

  4. Popular SSL certificate formats, PEM, CER, JKS, PKCS12

  5. /source/index.html

  6. Secure Sockets Layer - Wikipedia

  7. TLS_Baidu Encyclopedia

Origin blog.csdn.net/HHoao/article/details/128497596