2019-2020-1 semester, student 20192426, "Introduction to Cyberspace Security", week 12 learning summary

Chapter 10 Cryptography and Applications

10.1 The concept of cryptography and its history

10.1.1 The concept of cryptography

1. Cryptography comprises cryptographic coding and cryptanalysis.

Cryptographic coding studies how information is encoded and builds secure, effective cryptographic algorithms and protocols for message encryption and authentication.
Cryptanalysis studies how to break ciphers to recover the message, or how to forge messages.

10.1.2 The history of cryptology

  • The first stage:
    classical ciphers, e.g. the Caesar cipher;
    encryption algorithms mostly used substitution and transposition of characters.
  • The second stage:
    mechanical devices replaced manual calculation;
    security still depended on keeping the cryptographic algorithm itself secret.
    The most representative example is the ENIGMA rotor machine.
  • The third stage:
    Shannon published the epoch-making paper "Communication Theory of Secrecy Systems", which laid the theoretical foundation of cryptography; cryptography began to become a science.
  • The fourth stage:
    cryptography entered the new phase of public key cryptography.
    Today cryptography is widely used, and the standardization and application of ciphers receive unprecedented attention from governments, academia and industry, which promotes research on and application of cryptography.

10.2 Cryptographic algorithms

Ciphers are divided into three categories according to their function: symmetric ciphers (also called traditional ciphers), public key ciphers (also called asymmetric ciphers) and secure hash algorithms.

10.2.1 Symmetric ciphers

1. In a symmetric cryptographic algorithm the same key is used for encryption and decryption, or one key is easily derived from the other; such algorithms are also called single-key algorithms.

Symmetric ciphers are usually divided into stream ciphers and block ciphers.

2. A block cipher divides the encoded plaintext message (the plaintext digit sequence) into groups of length N (each can be viewed as a vector of length N) and converts each group, under the control of the key, into an output digit sequence (the ciphertext digits) of the same length.
3. A stream cipher uses a small key (the randomizing seed) and a series of complex operations (the encryption algorithm) to generate a long pseudo-random bit stream, which is used to encrypt the plaintext bit stream.

10.2.2 Asymmetric cryptographic algorithms

A public key cryptosystem is built on mathematical functions rather than on substitution and transposition operations. In public key cryptography the encryption key and the decryption key are different, and deriving the decryption key from the encryption key is computationally infeasible. The algorithm and the encryption key can be made public; only the decryption key is kept secret.

10.2.3 Hash functions

A hash function is a basic method for message authentication and message integrity, and is mainly used in digital signatures.

10.3 Cryptographic applications in cyberspace security

  • Confidentiality protection: usually achieved by encryption
  • Integrity protection: a cyclic redundancy check (CRC) code is one kind of integrity protection measure
  • Identifiability (authentication) protection: generally achieved with digital signatures
  • Non-repudiation protection: achieved by embedding in the transmitted data a piece of additional data that only the sender can generate
  • Authorized access: an authorization certificate proves the validity of the authorization; this covers authorization and access control issues
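The integrity item above carries a caveat worth seeing in code: a CRC detects accidental transmission errors but, because it is unkeyed, not deliberate modification, whereas a keyed hash (HMAC) detects both. The example below is added here and is not part of the original summary; KEY and MESSAGE are constructed sample values.

```python
import hashlib
import hmac
import zlib

# Constructed sample values: a shared secret known only to sender and receiver,
# and a message whose integrity both mechanisms are supposed to protect.
KEY = b"constructed-shared-secret"
MESSAGE = b"transfer: to=alice amount=10"

def crc_tag(msg: bytes) -> bytes:
    """Unkeyed integrity code: anyone can compute it for any message."""
    return zlib.crc32(msg).to_bytes(4, "big")

def hmac_tag(msg: bytes, key: bytes = KEY) -> bytes:
    """Keyed integrity code: hash function combined with a secret key."""
    return hmac.new(key, msg, hashlib.sha256).digest()

def receiver_accepts(msg: bytes, tag: bytes, keyed: bool) -> bool:
    """Receiver recomputes the tag with what it knows and compares in constant time."""
    expected = hmac_tag(msg) if keyed else crc_tag(msg)
    return hmac.compare_digest(expected, tag)

def accidental_error(msg: bytes) -> bytes:
    """Transmission noise: one flipped bit, tag left untouched."""
    return bytes([msg[0] ^ 0x01]) + msg[1:]

def deliberate_change(msg: bytes, keyed: bool):
    """A modifier on the path who does not know KEY alters the amount and attaches the
    best tag it can: a freshly computed CRC, or an HMAC under a guessed key."""
    changed = msg.replace(b"amount=10", b"amount=99")
    tag = hmac_tag(changed, b"guessed-key") if keyed else crc_tag(changed)
    return changed, tag

def crc_detects_noise() -> bool:
    return not receiver_accepts(accidental_error(MESSAGE), crc_tag(MESSAGE), keyed=False)

def crc_detects_deliberate_change() -> bool:
    return not receiver_accepts(*deliberate_change(MESSAGE, keyed=False), keyed=False)

def hmac_detects_deliberate_change() -> bool:
    return not receiver_accepts(*deliberate_change(MESSAGE, keyed=True), keyed=True)

if __name__ == "__main__":
    print("CRC catches noise:", crc_detects_noise())                            # True
    print("CRC catches deliberate change:", crc_detects_deliberate_change())    # False
    print("HMAC catches deliberate change:", hmac_detects_deliberate_change())  # True
```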

10.3.1 Public Key Infrastructure

1. PKI overview
Public key infrastructure (PKI) has become the basic infrastructure for applying public-key cryptography.
2. PKI architecture
A PKI system generally consists of a CA, a registration authority (RA), digital certificates, a certificate/CRL repository and end entities.

  • CA
    To ensure that digital certificates are genuine and reliable, a trusted institution must be established that is responsible for generating, issuing and managing digital certificates; this institution is the certification authority (CA).
    Main functions:
    • Issuing and managing certificates
    • Issuing and managing CRLs
    • Establishing, auditing and managing RAs
  • RA
    Responsible for the application, review and registration of digital certificates; it is also an extension of the CA.
    Functions:
    • Reviewing user identity information to ensure its authenticity
    • Managing and maintaining user identity information within its region
    • Downloading digital certificates
    • Issuing and managing digital certificates
    • Registering the blacklist
  • Digital certificate
    A digital certificate is a piece of data signed by a CA; its body contains identity information and a public key. It is the proof of identity of each entity, and is unique and authoritative. Each digital certificate corresponds to a public/private key pair.
    The certificate body generally includes the following:
    • Version number
    • Serial number
    • Signature algorithm identifier
    • Issuer
    • Validity period
    • Subject name
    • Subject public key
    • Issuer unique identifier
    • Subject unique identifier
    • Extension fields
  • Certificate/CRL repository
    The certificate/CRL repository is mainly used to publish and store digital certificates and certificate revocation lists, so that users can query and obtain other users' digital certificates and the CRLs used by the system.
  • End entity
    An end entity is an end user that holds a public/private key pair and the corresponding public key certificate; it may be a person, a device, a process, etc.

3. PKI interoperability model
When several PKI domains must work together, new models are needed to build and manage the trust relationships between them.
The common PKI interoperability models are:

  • Strict hierarchical model
    Also called the tree model or hierarchical model; typically used by armies, vertical industries, schools and similar organizations.
    In the hierarchical model trust is built on a strict hierarchy. Its advantage is that the structure resembles that of many organizations and units, so it is easy to plan; its drawback is that the CAs of different units must be under the management of one common root CA, which concentrates risk in the root CA.
  • Mesh trust model
    Trust is distributed over two or more CAs. In this structure each end entity trusts the CA that issued its certificate, and CAs trust each other by issuing certificates to one another (cross-certification). The advantages of the mesh model are a flexible structure, easy expansion and suitability for dynamic organizations; the disadvantage is that selecting a certification path is harder.
  • Bridge trust model
    Each root CA cross-certifies with a CA at the centre; the central CA that interconnects them is called the bridge CA.

4. PKI applications and development
As a basis for security measures, PKI is widely used in networks. PKI is also still developing, mainly in the following directions:

  • Attribute certificates
    The attribute certificate (AC) is an important part of the privilege management infrastructure. Its core idea is management by target resource: access control over a resource is handed to the owner of the resource for unified access control management.
  • Roaming certificates
    Provided by third-party software; once the system is properly configured, the software lets users access their public/private key pair.
  • Wireless PKI

10.3.2 Virtual Private Network

1. Virtual Private Network
A virtual private network (VPN) usually refers to a temporary, secure network established over a public network using tunneling technology. The term VPN is made up of "virtual", "private" (special or dedicated) and "network".
2. VPN features

  • Low cost
  • Security
  • Quality of service
  • Manageability
  • reason
  • Scalability

3. VPN working principle and key technologies

  • Tunneling
    Tunneling encapsulates data to establish a data channel in the public network, so that packets are transmitted through the tunnel.
    There are three kinds of tunneling protocols: layer-2, layer-3 and layer-4 tunneling protocols.
    • Layer-2 tunneling protocols work at the data link layer. The various network-layer protocols are first encapsulated in PPP packets, then the whole packet is encapsulated in the tunneling protocol; the doubly encapsulated packet is then transmitted by a layer-2 protocol.
    • Layer-3 tunneling protocols encapsulate the various network-layer protocols directly in the tunneling protocol, forming packets that rely on layer-3 protocols for transmission.
    • Layer-4 tunneling protocols encapsulate data at the transport layer.
  • Encryption technology
    In VPN implementations the bulk of the communication traffic is encrypted with symmetric encryption algorithms, while asymmetric cryptography is used to manage and distribute the symmetric encryption keys.
  • User and device authentication technology
    Besides traditional authentication protocols, PKI-based authentication is used in IPSec, SSL and similar protocols; in these protocols the communicating parties confirm each other's identity by exchanging and verifying digital certificates.
  • IPSec technology
    The IPSec protocol protects IP and the upper-layer protocols. It performs high-strength security processing of packets at the IP layer, providing access control, integrity, authentication and confidentiality services. It consists of two parts: the security protocols and the key agreement protocol.
    IPSec defines two security mechanisms: Encapsulating Security Payload (ESP) and Authentication Header (AH).

    The ESP mechanism provides confidentiality and integrity protection for communications; the AH mechanism provides integrity protection for communications.
    IPSec uses the Internet Key Exchange (IKE) protocol to negotiate security parameters. A set of security parameters is called a security association (SA).

  • IPSec architecture
    • Authentication Header protocol
      AH is used to enhance IP-layer security; the protocol provides connectionless data integrity, data origin authentication and anti-replay services.
      AH authentication is based mainly on a MAC: the two sides share a secret key, and the header carries a keyed hash value.
      The AH format comprises five fixed-length fields and one variable-length authentication data field:
      1) Next header
      2) Payload length
      3) Reserved
      4) Security parameter index (SPI)
      5) Sequence number
      6) Authentication data
    • Encapsulating Security Payload
      Encapsulating Security Payload (ESP) is the other IPSec security protocol for enhancing IP-layer security, defined in RFC 2406. Besides connectionless data integrity, data origin authentication and anti-replay services, ESP also provides encryption of the packet data stream.
      An ESP packet consists of four fixed-length fields and three variable-length fields:
      1) Security parameter index (SPI)
      2) Sequence number
      3) Payload data
      4) Padding
      5) Pad length
      6) Next header
      7) Authentication data
    • Security association
      The security association (SA) is the basis of IPSec; the AH and ESP protocols use SAs to secure communications.
      An SA is uniquely identified by a triplet consisting of the security parameter index (SPI), the IP destination address and the security protocol identifier (AH or ESP).
    • Internet Key Exchange
      IKE is a hybrid protocol defined in RFC 2409; it incorporates parts of three different protocols:
      1) Internet Security Association and Key Management Protocol (ISAKMP), a general framework for establishing and managing SAs.
      2) The Oakley protocol, a key generation protocol.
      3) The Secure Key Exchange Mechanism (SKEME) protocol, an anonymous, non-repudiation key generation scheme.
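The AH field layout and the SA triplet above, worked as an added example that is not part of the original summary: a constructed SA database, an AH builder, and a receiver that parses the six fields, looks up the SA by (SPI, destination address, protocol), rejects replayed sequence numbers and verifies the keyed hash. Assumptions: HMAC-SHA-256 truncated to 128 bits as the MAC, and an ICV that covers only the AH header and payload rather than the immutable outer IP header fields that real AH also covers.

```python
import hashlib
import hmac
import struct

# Security association database keyed by the triplet from the text:
# (SPI, IP destination address, security protocol). The key is a constructed sample value.
SAD = {
    (0x1001, "10.0.0.2", "AH"): {"key": b"constructed-demo-key", "last_seq": 0},
}

# The five fixed-length AH fields: next header, payload length, reserved, SPI, sequence number.
AH_FIXED = struct.Struct("!BBHII")
ICV_LEN = 16   # HMAC-SHA-256 truncated to 128 bits (as in RFC 4868)

def build_ah(next_header: int, spi: int, seq: int, key: bytes, payload: bytes) -> bytes:
    """Build AH header + authentication data + payload.
    Simplification: the ICV covers only the AH header (ICV field zeroed) and the payload;
    real AH (RFC 4302) also covers the immutable fields of the outer IP header."""
    payload_len = (AH_FIXED.size + ICV_LEN) // 4 - 2   # AH length in 32-bit words, minus 2
    header = AH_FIXED.pack(next_header, payload_len, 0, spi, seq)
    icv = hmac.new(key, header + bytes(ICV_LEN) + payload, hashlib.sha256).digest()[:ICV_LEN]
    return header + icv + payload

def verify_ah(packet: bytes, dst_ip: str) -> str:
    """Receiver side: parse the six AH fields, find the SA by (SPI, dst, AH),
    reject replays, then check the keyed hash. Returns a short verdict string."""
    next_header, payload_len, _reserved, spi, seq = AH_FIXED.unpack_from(packet, 0)
    ah_len = (payload_len + 2) * 4
    icv, payload = packet[AH_FIXED.size:ah_len], packet[ah_len:]
    sa = SAD.get((spi, dst_ip, "AH"))
    if sa is None:
        return "no SA"                      # unknown SPI/destination: drop the packet
    if seq <= sa["last_seq"]:
        return "replay"                     # sequence number already seen on this SA
    covered = packet[:AH_FIXED.size] + bytes(len(icv)) + payload
    expected = hmac.new(sa["key"], covered, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        return "bad ICV"                    # modified in transit or wrong key
    sa["last_seq"] = seq                    # advance anti-replay state only after success
    return "ok"

if __name__ == "__main__":
    key = SAD[(0x1001, "10.0.0.2", "AH")]["key"]
    pkt = build_ah(17, 0x1001, 1, key, b"udp payload")   # 17 = UDP as next header
    print(verify_ah(pkt, "10.0.0.2"))   # ok
    print(verify_ah(pkt, "10.0.0.2"))   # replay
```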
  • Secure Sockets Layer (SSL) technology
    The Secure Sockets Layer protocol sits between TCP/IP and the various application-layer protocols and provides security support for data communication; it is widely used for authentication and for encrypting data transferred between web browsers and servers.

    The advantage of the SSL protocol is that it is independent of the application-layer protocol: higher-level application protocols can be built transparently on top of SSL.

  • SSL architecture
    The SSL protocol architecture consists of the record protocol, the handshake protocol, the change cipher spec protocol and the alert protocol.
    • Record protocol
      The SSL record protocol provides confidentiality and message integrity services for SSL connections.
      The SSL record protocol defines the format of the SSL record header and of the SSL record data.
    • Change cipher spec protocol
      The SSL change cipher spec protocol consists of a single message of one byte, which signals the switch to the newly negotiated encryption algorithm and keys; from then on the two communicating parties use these algorithms and keys to protect their traffic.
    • Alert protocol
      The alert protocol indicates when an error occurred, or when the session between the two hosts terminated, and transfers the relevant SSL alert to the other entity.
    • Handshake protocol
      The handshake protocol is the most complex part of SSL. The procedure is as follows:
      1. Client hello
      2. Server hello
      3. Certificate
      4. Client authentication request (certificate request)
      5. Server key exchange
      6. Server hello done
      7. Client certificate
      8. Client key exchange
      9. Certificate verify
      10. Change cipher spec
      11. Client finished
      12. Encrypted data

4. Typical VPN application modes

  • Remote access VPN
    Remote access VPN serves mobile staff of an enterprise or remote office environments: a travelling or home-office employee uses the services of an Internet service provider (ISP) to establish a private tunnel connection to the corporate VPN gateway.
  • Intranet VPN
    To connect the remote branches of an enterprise, an intranet VPN can be used: an encrypted VPN tunnel is established between the gateways of two remote networks, and the internal networks at both ends of the tunnel communicate as if they were one local network.
  • Extranet VPN
    Connects customers, suppliers, partners or interest groups to the corporate intranet. It usually uses gateway-to-gateway VPN to establish secure connections between the internal networks of different companies, and different protocols and devices may need to be configured.

10.3.3 Privilege Management Infrastructure

1. PMI overview
PMI provides a mechanism for privilege management and access control in a multi-application environment. It separates access control and privilege management from the specific application systems, so that the access control mechanism and the applications can be combined flexibly and easily.
2. PMI components
(1) Attribute certificate
PMI uses attribute certificates (AC) to express privilege information; the life cycle of privileges is managed through the life cycle of the certificates.
(2) Attribute authority
The attribute authority (AA) is the core service node of PMI. It corresponds to the authorization management system of a specific application system or department; the SOA delegates to it the management of part or all of the attributes.
(3) Certificate repository (AC repository)
The repository stores the ACs issued to PMI users and the AC revocation list (ACRL) for querying. When PMI and PKI are built together, the LDAP directory of the PKI can also be used directly as the PMI's AC/ACRL repository.
3. PMI application structure
PMI builds on the trusted authentication services provided by PKI, uses attribute-certificate-based authorization, and provides applications with a mapping from user identity to permissions.

  • The main differences between PMI and PKI are:
    • PMI is mainly for authorization management: it proves what permissions a user has.
    • PKI is mainly for authentication: it proves a user's identity.
    • The relationship between the two resembles that between a passport and a visa: the passport proves identity and uniquely identifies an individual; a passport may carry visas for several countries, each allowing entry to the corresponding country for a given period.
  • Similarities:
    • The entity that signs digital certificates for users is called the CA; the entity that signs ACs is called the AA.
    • The trusted source of PKI is called the root CA; the trusted source of PMI is called the SOA.
    • A CA can have trusted subordinate CAs to which identification and authentication are delegated; an SOA can delegate to subordinate AAs.
    • If a user needs to revoke its signing key, the CA issues a CRL. Similarly, if a user needs to revoke authorization permissions, the AA issues an AC revocation list.

Source: www.cnblogs.com/chw123/p/12099130.html