Symmetric cryptosystems rely on a shared key, which creates the problem of secure key distribution
Asymmetric cryptography uses public and private key pairs, eliminating the need for a complex key distribution system
7.1.1 Public and private keys
7.1.2 RSA (both encryption and digital signature)
The RSA algorithm relies on the computational difficulty of factoring the product of two large prime numbers
7.1.3 ElGamal
Advantages of ElGamal: published openly and free to use (an extension of the Diffie-Hellman key exchange protocol that supports encryption and decryption of messages)
Disadvantage: any message encrypted with the algorithm doubles in length
7.1.4 Elliptic Curve Cryptosystem (ECC)
A 1088-bit RSA key is equivalent to the key strength of a 160-bit elliptic curve cryptosystem.
7.2 Hash functions
Purpose of a hash function: produce a message digest
Basic requirements for hash functions:
Input values can be of any length
The output value has a fixed length
Hash functions are relatively easy to compute for any input value
Hash functions are one-way
Hash functions are collision free
7.2.1 SHA
SHA-1 is no longer secure; SHA-2 has theoretical weaknesses
7.2.2 MD2
Found not to be a one-way function; no longer used
7.2.3 MD4
MD4 produces message digest collisions and is not a secure hash algorithm
7.2.4 MD5
512-bit message blocks, 128-bit message digest
Hash functions and the length of the digest they produce
7.3 Digital signature
The goal of digital signatures
Assure the receiver that the message really came from the sender who claims to have sent it (non-repudiation)
Assure the receiver that the message was not altered in transit (integrity)
Digital signatures themselves do not provide confidentiality; of the cryptographic goals they cover only integrity and non-repudiation.
7.3.1 HMAC (hash-based message authentication code)
Implements some of the functions of a digital signature, guaranteeing message integrity in transit, but does not provide non-repudiation
HMAC relies on a shared secret key and therefore does not provide non-repudiation
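The contrast in 7.3.1 can be checked directly. This is an added example, not from the notes or any textbook: it verifies an HMAC tag with Python's standard hmac module, shows that the receiver (who holds the same shared key) can produce a tag the verifier accepts, and beside it a toy textbook RSA signature whose verification needs only the public key while signing needs the private exponent. The modulus is built from two constructed Mersenne primes purely for illustration.

```python
import hashlib
import hmac

# --- HMAC (shared secret): integrity, but no non-repudiation ------------
# Constructed demo key held by both sender and receiver; not a real key.
SHARED_KEY = b"constructed-demo-shared-key"

def hmac_tag(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA256 tag; anyone holding `key` can compute it."""
    return hmac.new(key, message, hashlib.sha256).digest()

def hmac_verify(key: bytes, message: bytes, tag: bytes) -> bool:
    # compare_digest avoids leaking the tag through timing differences
    return hmac.compare_digest(hmac_tag(key, message), tag)

# --- Toy RSA signature (private key): integrity plus non-repudiation -----
# Constructed toy modulus from two Mersenne primes: far too small and too
# structured for real use, but enough to show who is able to sign.
P, Q, E = 2**61 - 1, 2**31 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, sender only

def _digest_int(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def rsa_sign(message: bytes, d: int = D) -> int:
    return pow(_digest_int(message), d, N)

def rsa_verify(message: bytes, sig: int) -> bool:
    return pow(sig, E, N) == _digest_int(message)

def hmac_demo() -> tuple:
    """(tag accepted, tampered message accepted, receiver-made tag accepted)."""
    msg = b"constructed: transfer 100 to alice"
    tag = hmac_tag(SHARED_KEY, msg)
    tampered = hmac_verify(SHARED_KEY, b"constructed: transfer 900 to alice", tag)
    # The receiver has the same key, so a tag it makes for a message the
    # sender never wrote verifies just as well: no non-repudiation.
    other = b"constructed: sender never sent this"
    forged = hmac_verify(SHARED_KEY, other, hmac_tag(SHARED_KEY, other))
    return hmac_verify(SHARED_KEY, msg, tag), tampered, forged

def signature_demo() -> tuple:
    """(signature accepted, tampered message accepted, receiver forgery accepted)."""
    msg = b"constructed: transfer 100 to alice"
    sig = rsa_sign(msg)
    tampered = rsa_verify(b"constructed: transfer 900 to alice", sig)
    # The receiver only has (N, E); "signing" with E instead of D fails.
    other = b"constructed: sender never sent this"
    forged = rsa_verify(other, rsa_sign(other, d=E))
    return rsa_verify(msg, sig), tampered, forged
```

Both schemes reject a tampered message; only the HMAC lets the receiver manufacture a valid tag, which is why it cannot prove to a third party who sent the message.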
7.3.2 Digital Signature Standard (DSS)
Digital signature algorithms approved by the DSS:
Digital Signature Algorithm (DSA)
RSA algorithm (can both sign and encrypt!)
Elliptic Curve Digital Signature Algorithm (ECDSA)
7.4 Public Key Infrastructure (PKI)
The main advantage of public key encryption is that it makes communication easy between two parties who do not know each other. A trusted public key infrastructure makes this possible.
7.4.1 Certificate
Digital certificates provide assurance to both parties that the person they are communicating with is indeed who they claim to be.
7.4.2 Certificate Authority
Certificate authorities (CAs) tie the infrastructure together and are neutral organizations that provide notarization services for digital certificates
7.4.3 Certificate generation and revocation
Registration
The process of proving your identity to a certificate authority in some way is called registration
Verification
Verify the certificate by checking the CA's digital signature against the CA's public key, then checking that the certificate is not on the CRL (Certificate Revocation List)
Revocation
Reasons for certificate revocation: the certificate was compromised, the certificate was issued incorrectly, the details of the certificate changed, the security association changed
Certificate revocation techniques:
Certificate revocation list: The disadvantage is that it must be downloaded and cross-referenced, and there is a time delay between the revocation of the certificate and notifying the user of the revocation.
Online Certificate Status Protocol (OCSP): addresses the inherent latency of certificate revocation lists
7.4.4 Management of asymmetric keys
Choose an encryption system
Select keys
When using public key encryption, be sure to keep the private key confidential
Keys should be retired after a period of service
Key backup
7.5 Applications of cryptography
7.5.1 Portable devices
Currently, mainstream operating systems include disk encryption functions, and commercial tools provide additional functions and management capabilities.
7.5.2 Email
Email requirements and the mechanism that meets each:
Confidentiality: encrypt the email
Message integrity: hash the message
Authentication and integrity: digital signature
Confidentiality, integrity, authentication and non-repudiation: email encryption plus digital signature
Email standards
Pretty Good Privacy (PGP): the commercial version uses the RSA and IDEA encryption protocols and MD5 to generate message digests; the free version uses Diffie-Hellman key exchange, the CAST 128-bit encryption/decryption algorithm and the SHA-1 hash function
S/MIME (Secure Multipurpose Internet Mail Extensions): relies on X.509 certificates to exchange cryptographic system keys. This supports AES, 3DES and RSA
7.5.3 Web applications
SSL protocol: the goal of SSL is to establish a secure communication channel
The POODLE attack showed that there were major flaws in the SSL 3.0 fallback mechanism of TLS. Many organizations dropped support for SSL and rely on the security of TLS.
Steganography and watermarking
Steganography: a method of using cryptographic techniques to embed a secret message within another message
Watermark: Detect copies and track the source of copies
7.5.4 Digital Rights Management (DRM)
Music, movies, e-books, video games, documents
7.5.5 Network connection
Link encryption
Link encryption uses software or hardware solutions to establish a secure tunnel between two points
End-to-end encryption secures communications between both parties and can be implemented independently of link encryption
The difference between link encryption and end-to-end encryption: in link encryption all data, including headers, is encrypted, and each hop must decrypt the packet to read the routing information and then re-encrypt it, which slows routing. End-to-end encryption does not encrypt headers, trailers, addresses or routing data, so these are easily read by sniffers and eavesdroppers
SSH is end-to-end encrypted
IPSec; its Internet Key Exchange (IKE) solves the problem of securely establishing or updating shared keys over an insecure network such as the Internet
IPSec provides encryption, access control, non-repudiation and message authentication through public key cryptography and operates at the IP (network) layer
IPSec components:
Authentication header (AH), provides integrity and non-repudiation guarantees, provides identity authentication and access control, and can prevent replay attacks
Encapsulating Security Payload (ESP): provides confidentiality and integrity of packet contents, provides limited authentication, and prevents replay attacks
IPSec has two operating modes:
Transport mode: only packet payload is encrypted, designed for peer-to-peer communication
Tunnel mode: The entire packet is encrypted, designed for inter-gateway communication
ISAKMP (Internet Security Association Key Management Protocol)
Provides background security support services for IPSec by negotiating, establishing, modifying and deleting security associations.
ISAKMP basic requirements:
Authenticate communicating peers
Establish and manage security associations
Provide a key generation mechanism
Protect against threats
Wireless networking
Wired Equivalent Privacy (WEP)
Wi-Fi Protected Access (WPA): eliminates the cryptographic weaknesses that compromised WEP (client to wireless access point) via TKIP (Temporal Key Integrity Protocol)
7.6 Cryptographic attacks
Analytic attack: algebraic manipulation that attempts to reduce the complexity of the algorithm, focusing on the logic of the algorithm itself
Implementation attack: exploits weaknesses in the implementation of a cryptographic system, such as bugs, permission errors and the methodology used to program the encryption system
Statistical attack: an attempt to discover vulnerabilities in the hardware or operating system hosting the cryptographic application
Brute-force attack: tries every possible valid key or password combination; rainbow tables and specialized, scalable hardware have been developed to speed up brute forcing
Frequency analysis and ciphertext-only attack: having only the encrypted ciphertext is a ciphertext-only attack; frequency analysis is a proven technique against simple ciphers
Known plaintext attack: the attacker has a copy of the encrypted message and the plaintext message used to generate the ciphertext
Chosen ciphertext attack: the attacker is able to decrypt chosen portions of the ciphertext message and can use the decrypted portions to discover the secret key
Chosen plaintext attack: the attacker is able to encrypt chosen plaintext messages and can analyze the ciphertext output by the encryption algorithm
Meet-in-the-middle attack: targets algorithms that use two rounds of encryption
Man-in-the-middle attack: a malicious party places himself between two communicating parties and intercepts all communications
Birthday attack: also called a collision attack or reverse hash matching; looks for flaws in the one-to-one property of hash functions, relying on the probability that two different messages hashed with the same function produce the same message digest
Replay attack: intercepts encrypted messages between communicating parties and replays the captured data to open a new session
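The birthday attack entry above states a probability; the following added example (not part of the notes) makes the number concrete. It computes the birthday bound for a digest of a given bit length and, for a constructed short digest (SHA-256 truncated to 24 bits), actually finds two distinct messages with the same digest in roughly sqrt(2^24) hashes, which is why digest length, not just one-wayness, decides a hash function's collision resistance.

```python
import hashlib
import math

def truncated_hash(message: bytes, bits: int) -> int:
    """SHA-256 truncated to `bits` leading bits, standing in for a short digest.
    Constructed for the demo: real systems must not truncate this far."""
    full = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return full >> (256 - bits)

def birthday_bound(bits: int, probability: float = 0.5) -> float:
    """Approximate number of random digests needed before two collide with
    the given probability: n ~ sqrt(2 * 2^bits * ln(1 / (1 - p)))."""
    return math.sqrt(2 * (2 ** bits) * math.log(1 / (1 - probability)))

def collision_probability(bits: int, hashes: int) -> float:
    """Probability that `hashes` random digests of `bits` bits contain
    at least one collision: 1 - exp(-n^2 / 2^(bits+1))."""
    return 1 - math.exp(-(hashes ** 2) / (2 ** (bits + 1)))

def find_collision(bits: int):
    """Hash distinct constructed messages until two share a truncated digest.
    Returns (message_a, message_b, hashes_computed)."""
    seen = {}                      # digest -> first message with that digest
    i = 0
    while True:
        msg = b"constructed-msg-%d" % i
        h = truncated_hash(msg, bits)
        if h in seen:
            return seen[h], msg, i + 1
        seen[h] = msg
        i += 1

if __name__ == "__main__":
    a, b, n = find_collision(24)
    print(f"collision after {n} hashes (bound ~{birthday_bound(24):.0f}):")
    print(f"  {a!r} and {b!r} share digest {truncated_hash(a, 24):06x}")
    print(f"SHA-256 full length needs ~2^{math.log2(birthday_bound(256)):.1f}")
```

For a full 256-bit digest the same formula gives about 2^128 hashes, which is why truncating digests or choosing short hash functions (MD5, 128 bits) weakens them far more than the raw bit count suggests.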