Main performance
Key management includes all aspects from key generation to key destruction. It is mainly manifested in the management system, the management agreement, and key generation, distribution, replacement and injection, etc. For military computer network systems, because user mobility, affiliation and coordinated combat command are complicated, higher requirements are put forward for key management.
Process
Key generation
The key length should be long enough. Generally speaking, the larger the key length, the larger the corresponding key space, and the more difficult it is for an attacker to find the key by exhaustive guessing.
Choose a good key and avoid weak keys. A random bit string generated by an automatic processing device is a good key. When choosing a key, you should avoid choosing a weak key.
For public key cryptosystems, key generation is more difficult because the key must satisfy certain mathematical characteristics.
Key generation can be achieved through online or offline interactive negotiation, such as cryptographic protocols.
Key distribution
The use of symmetric encryption algorithms for confidential communication requires the sharing of the same key. Usually, a member of the system selects a secret key first, and then transmits it to another member or other members. The X9.17 standard describes two types of keys: key encryption keys and data keys. The key encryption key encrypts other keys that need to be distributed, while the data key only encrypts the information flow. The key encryption key is generally distributed manually. To enhance confidentiality, the key can also be divided into many different parts and then sent out on different channels.
Key verification
The key is transmitted with some error detection and error correction bits attached. When the key has an error in transmission, it can be easily detected, and if required, the key can be retransmitted.
The receiving end can also verify whether the received key is correct. The sender encrypts a constant with the key, and then sends the first 2-4 bytes of the ciphertext together with the key. The receiving end does the same work. If the decrypted constant at the receiving end matches the constant at the sending end, the transmission is error-free.
Updating the key
When the key needs to be changed frequently, it is difficult to distribute a new key each time. An easier solution is to generate the new key from the old one, which is sometimes called a key update. You can use a one-way function to update the key. If both parties share the same key and operate with the same one-way function, the same result will be obtained.
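The key verification and key update steps described above, as an added example that is not part of the original page. It assumes HMAC-SHA-256 both as the one-way update function and as a standard-library stand-in for "encrypt a constant with the key"; the constant, the label, the sample key and the Endpoint class are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample values for this example (not from the page).
SAMPLE_KEY = bytes(range(32))
KCV_CONSTANT = b"\x00" * 16   # public constant both ends agree on (assumption)
KCV_LEN = 4                   # the text suggests sending 2-4 bytes


def key_check_value(key: bytes) -> bytes:
    """Short fingerprint of a key: a keyed transform of a constant, truncated.

    The page encrypts the constant with a cipher; HMAC-SHA-256 plays the same
    role here. The value detects transmission errors only: it does not
    authenticate the key, because anyone who replaces the key in transit can
    also replace the check value sent with it.
    """
    return hmac.new(key, KCV_CONSTANT, hashlib.sha256).digest()[:KCV_LEN]


def verify_received_key(key: bytes, kcv: bytes) -> bool:
    """Receiver side: recompute the check value and compare in constant time."""
    return hmac.compare_digest(key_check_value(key), kcv)


def update_key(current_key: bytes, epoch: int) -> bytes:
    """Derive the next key from the current one with a one-way function.

    Knowing the new key does not reveal the old one, but anyone holding the
    current key can compute every later key, so a key update does not recover
    from a compromise. The epoch counter keeps successive labels distinct.
    """
    label = b"key-update|" + epoch.to_bytes(4, "big")
    return hmac.new(current_key, label, hashlib.sha256).digest()


class Endpoint:
    """One communicating party holding the shared key and an update counter."""

    def __init__(self, initial_key: bytes):
        self.key = initial_key
        self.epoch = 0

    def rotate(self) -> bytes:
        """Move to the next key and return its check value for comparison."""
        self.epoch += 1
        self.key = update_key(self.key, self.epoch)
        return key_check_value(self.key)


def demo() -> dict:
    sender, receiver = Endpoint(SAMPLE_KEY), Endpoint(SAMPLE_KEY)
    # Both sides update three times without sending any key material.
    in_sync = all(sender.rotate() == receiver.rotate() for _ in range(3))
    # Flip one bit of the key to model a transmission error.
    damaged = bytes([SAMPLE_KEY[0] ^ 0x01]) + SAMPLE_KEY[1:]
    kcv = key_check_value(SAMPLE_KEY)
    return {
        "in_sync": in_sync,
        "good_key_accepted": verify_received_key(SAMPLE_KEY, kcv),
        "damaged_key_accepted": verify_received_key(damaged, kcv),
    }


if __name__ == "__main__":
    print(demo())
```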
Key storage
Keys can be stored in the brain, on a magnetic stripe card, or on a smart card. The key can also be divided into two parts, with one half stored in the terminal and the other stored in the ROM key. It is also possible to use a method similar to the key encryption key to encrypt and save a hard-to-remember key.
Backup key
Key escrow, secret division, secret sharing, etc. can be used for key backup.
The easiest way is to use a key escrow center. Key escrow requires all users to hand over their keys to the key escrow center, and the key escrow center backs up and keeps the keys (such as locked in a safe somewhere or encrypted and stored with the master key). Once the user's key is lost (such as when the user forgets the key or the user accidentally dies), the user's key can be obtained from the key escrow center in accordance with certain rules and regulations. Another backup solution is to use smart cards as temporary key escrow. For example, Alice stores the key in the smart card, and gives it to Bob when Alice is away. Bob can use the card to do Alice's work. When Alice returns, Bob returns the card. Because the key is stored in the card, Bob does not know what the key is.
Secret division divides the secret into many pieces. Each piece does not mean anything on its own, but when these pieces are put together, the secret is reproduced.
A better way is to use a secret sharing protocol. Divide the key K into n blocks, each of which is called its "shadow". Knowing any m or more blocks allows the key K to be calculated, while knowing any m-1 or fewer blocks does not. This is called the (m, n) threshold scheme. At present, many secret sharing schemes have been proposed based on the Lagrangian interpolation polynomial method, projective geometry, linear algebra, the Sun Tzu theorem, etc.
The Lagrangian interpolation polynomial scheme is an easy-to-understand secret sharing (m, n) threshold scheme.
Secret sharing solves two problems: first, if the key is accidentally or intentionally exposed, the entire system is vulnerable to attack; second, if the key is lost or damaged, all information in the system cannot be used.
Key validity period
Encryption keys cannot be used indefinitely. There are several reasons: the longer the key is used, the greater the chance of it being leaked; if the key has been leaked, then the longer the key is used, the greater the loss; the longer the key is used, the greater the temptation for people to spend effort deciphering it, even by brute force attack; and it is generally easier to perform cryptanalysis on multiple ciphertexts encrypted with the same key.
Different keys should have different validity periods.
The validity period of the data key mainly depends on the value of the data and the amount of encrypted data in a given time. The greater the value and the data transfer rate, the more frequently the keys used will be replaced.
Key encryption keys do not need to be changed frequently, because they are only used occasionally for key exchange. In some applications, the key encryption key is only changed once a month or a year.
The encryption key used to encrypt saved data files cannot be changed frequently. Usually each file is encrypted with a unique key, and then all keys are encrypted with a key encryption key. The key encryption key is either memorized or stored in a safe place. Of course, losing this key means losing all file encryption keys.
The validity period of the private key in a public key cryptography application varies according to the application. The private key used for digital signature and identification must last for several years (or even for life), and the private key used for the coin toss protocol should be destroyed immediately after the protocol is completed. Even if the security of the key is expected to last for a lifetime, it is necessary to consider changing the key once every two years. The old key still needs to be kept secret in case the user needs to verify a previous signature. But the new key will be used to sign new files, to reduce the number of signed files that a cryptanalyst can attack.
Destroy the key
If the key must be replaced, the old key must be destroyed, and the key must be physically destroyed.
Management system
Public key cryptography makes keys easier to manage. No matter how many people there are on the network, everyone has only one public key.
It is not enough to use a public/private key pair. The implementation of any good public key cryptography needs to separate the encryption key from the digital signature key. But a single pair of encryption and signing keys is not enough. Like an ID card, a private key proves a relationship, and people have more than one relationship. For example, Alice can sign a document in the name of a private person, the vice president of the company, etc.
In the financial IC card joint pilot projects of commercial banks, the security control and management of keys by banks at all levels is the key to the security of the application system.
The "RT-KMS Key Management System" follows the "China Financial Integrated Circuit (IC) Card Specification (v1.0)" and the "Bank IC Card Joint Pilot Technical Plan" to facilitate member banks independently issuing cards, realizing the sharing of card readers, and completing cross-bank transactions in different places.
Security mechanism
In the national bank IC card joint pilot program, banks at all levels use key management systems to implement key security management. The key management system adopts the 3DES encryption algorithm and uses the three-level management system of the bank head office, the regional branch of the People's Bank of China (commercial bank head office), and member banks to securely share the public master key and realize card intercommunication and equipment sharing.
The entire security system structure mainly includes three types of keys: the nationally-used consumer/cash withdrawal master key GMPK of the head office, the consumption/cash withdrawal master key MPK of the issuing bank, and the other master keys of the issuing bank. According to the purpose of the key, the system adopts different processing strategies.
Design principles
(1) All keys are loaded and imported in ciphertext.
(2) The key is subject to strict authority control, and different organizations or personnel have different authority to read, write, update, and use different keys.
(3) In order to ensure the security of key use and consider the needs of actual use, the system can generate multiple sets of master keys. If one of the keys is leaked or attacked, the application system can immediately stop using this set of keys and switch to the backup keys, so as to avoid the waste of existing investment and equipment as much as possible and reduce the risk of system use.
(4) Users can choose different combinations and configurations of the key management subsystem according to actual needs.
(5) Key service, storage and backup are in the form of a key fob or an encryption machine.
Management technology
Technology classification
1. Symmetric key management. Symmetric encryption is based on a jointly kept secret. Both trading parties that adopt symmetric encryption technology must ensure that they use the same key, that the exchange of each other's keys is safe and reliable, and must also set up procedures to prevent key leakage and to change keys. In this way, the management and distribution of symmetric keys becomes a potentially dangerous and cumbersome process. Realizing symmetric key management through public key encryption technology makes the corresponding management simpler and more secure, and at the same time solves the reliability and authentication problems of the pure symmetric key mode. The trading party can generate a unique symmetric key for each exchange of information (such as each EDI exchange), encrypt the key with a public key, and then send the encrypted key together with the information encrypted with that key (such as the EDI exchange) to the corresponding trading party. Since a unique key is generated for each information exchange, each trading party no longer needs to maintain the key and worry about the leakage or expiration of the key. Another advantage of this method is that even if a key is leaked, it will only affect one transaction, and will not affect all the transaction relationships between the trading parties. This method also provides a secure way to issue symmetric keys between trading partners.
2. Public key management/digital certificate. Digital certificates (public key certificates) can be used to exchange public keys between trading partners. The standard X.509 developed by the International Telecommunication Union (ITU) defines digital certificates. This standard is equivalent to the ISO/IEC 9594-8:195 standard jointly issued by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Digital certificates usually include the name that uniquely identifies the owner of the certificate (i.e., the trading party), the name that uniquely identifies the certificate issuer, the public key of the certificate owner, the digital signature of the certificate issuer, the validity period of the certificate, and the serial number of the certificate, etc. The certificate issuer is generally called a certificate authority (CA), which is an organization trusted by all parties in the trade. Digital certificates can play a role in identifying trading parties and are currently one of the technologies widely used in e-commerce.
3. Standard specifications related to key management. At present, relevant international standardization organizations have started to formulate technical standards and specifications on key management. The Information Technology Committee (JTC1) under ISO and IEC has drafted an international standard specification for key management. The specification is mainly composed of three parts: the first is the key management framework; the second is the mechanism using symmetric technology; the third is the mechanism using asymmetric technology. The specification has now entered the stage of voting on draft international standards and will soon become an official international standard.
Digital signature
Digital signature is another type of application of public key encryption technology. Its main method is: the sender of the message generates a 128-bit hash value (or message digest) from the message text. The sender uses its own private key to encrypt this hash value to form the sender's digital signature. Then, this digital signature is sent to the recipient of the message as an attachment to the message, together with the message. The receiver of the message first calculates a 128-bit hash value (or message digest) from the received original message, and then uses the sender's public key to decrypt the digital signature attached to the message. If the two hash values are the same, the receiver can confirm that the digital signature is from the sender. Through the digital signature, the authentication and non-repudiation of the original message can be realized.
ISO/IEC JTC1 is already drafting relevant international standards. The preliminary title of the standard is "Information Technology Security Technology with Attached Digital Signature Scheme", which consists of two parts: an overview and an identity-based mechanism.
Encryption algorithm
Introduction to cryptography
According to records, in 400 BC, the ancient Greeks invented the replacement cipher. In 1881, the world's first telephone security patent appeared. During the Second World War, the German military used the "Enigma" cryptographic machine, and cryptography played a very important role in the war.
With the development of information technology and digital society, people's awareness of the importance of information security and confidentiality continues to increase, so in 1997 the National Bureau of Standards announced the implementation of the "US Data Encryption Standard (DES)". Civilian forces began to fully engage in the research and application of cryptography, using encryption algorithms such as DES, RSA, and SHA. As the demand for encryption strength continues to increase, AES and ECC have recently appeared.
Using cryptography can achieve the following purposes:
Confidentiality: prevent the user's identification or data from being read.
Data integrity: prevent data from being changed.
Identity verification: ensure that the data is sent from a specific party.
2. Introduction to encryption algorithms
According to the key type, modern cryptographic technologies are divided into two categories: symmetric encryption algorithms (secret key encryption) and asymmetric encryption algorithms (public key encryption).
The symmetric key encryption system uses the same secret key for encryption and decryption, and both parties in communication must obtain this key and keep the key secret.
The encryption key (public key) and decryption key (private key) used by the asymmetric key encryption system are different.
Symmetric encryption algorithm
In a symmetric encryption algorithm, only one key is used to encrypt and decrypt information, that is, the same key is used for encryption and decryption. Commonly used algorithms include:
DES (Data Encryption Standard): a data encryption standard, which is faster and is suitable for encrypting large amounts of data.
3DES (Triple DES): based on DES, a piece of data is encrypted three times with three different keys, with higher strength.
AES (Advanced Encryption Standard): the next-generation encryption algorithm standard, with fast speed and a high security level.
In October 2000, NIST (American National Standard And Technology Association) announced the adoption of a new key encryption standard selected from 15 candidate algorithms. Rijndael was selected as the future AES. Rijndael was created in the second half of 1999 by researchers Joan Daemen and Vincent Rijmen. AES is increasingly becoming the de facto standard for encrypting various forms of electronic data.
The National Institute of Standards and Technology (NIST) formulated a new Advanced Encryption Standard (AES) specification on May 26, 2002.
Algorithm principle
The AES algorithm is based on permutation and substitution operations. Permutation is to rearrange data, and substitution is to replace one data unit with another. AES uses several different methods to perform permutation and substitution operations.
AES is an iterative, symmetric key block cipher. It can use 128, 192, and 256-bit keys, and uses 128-bit (16-byte) blocks to encrypt and decrypt data. Unlike public key ciphers that use key pairs, symmetric key ciphers use the same key to encrypt and decrypt data. The number of bits of the encrypted data returned by the block cipher is the same as the input data. Iterative encryption uses a loop structure in which the input data is repeatedly permuted and substituted.
Comparison between AES and 3DES
Algorithm name | Algorithm type | Key length | Speed | Decryption time (assuming a machine that tries 2^55 keys per second) | Resource consumption |
AES | Symmetric block cipher | 128, 192, 256 bits | High | 149 trillion years | Low |
3DES | Symmetric Feistel cipher | 112 bits or 168 bits | Low | 46 hundred million years | Medium |
Asymmetric algorithm
Common asymmetric encryption algorithms are as follows:
RSA: invented by RSA, it is a public key algorithm that supports variable-length keys. The length of the file block that needs to be encrypted is also variable.
DSA (Digital Signature Algorithm): a digital signature algorithm, which is a standard DSS (Digital Signature Standard).
ECC (Elliptic Curves Cryptography): elliptic curve cryptography.
In 1976, because symmetric encryption algorithms could no longer meet the needs, Diffie and Hellman published an article called "New Trends in Cryptography", which introduced the concept of public key encryption. Adelman proposed the RSA algorithm.
With the progress and improvement of methods for factoring large integers, the increase of computer speed and the development of computer networks, the RSA key needs to grow continuously in order to ensure the security of data. However, the increase of the key length greatly reduces the speed of encryption and decryption, and hardware implementation has become more and more unbearable, which has brought a heavy burden to applications that use RSA, so a new algorithm is needed to replace RSA.
In 1985, N. Koblitz and Miller proposed the use of elliptic curves in cryptographic algorithms, based on the discrete logarithm problem ECDLP in point groups on elliptic curves over finite fields. ECDLP is a more difficult problem than the factorization problem; it is exponentially difficult.
Principle - the difficult problem on the elliptic curve
The discrete logarithm problem on the elliptic curve, ECDLP, is defined as follows: given a prime number p and an elliptic curve E, for Q = kP, given P and Q, find a positive integer k that is less than p. It can be proved that it is easy to calculate Q from k and P, but difficult to calculate k from Q and P.
By mapping the addition operation on the elliptic curve to the modular multiplication operation in the discrete logarithm, and the multiplication operation on the elliptic curve to the modular exponentiation operation in the discrete logarithm, we can build the corresponding cryptosystem based on the elliptic curve.
For example, corresponding to the Diffie-Hellman public key system, we can implement it on the elliptic curve in the following way: select the generator P on E, requiring that P generates enough group elements. The communication parties A and B select a and b respectively; a and b are kept secret, but aP and bP are made public, and the key used for communication between A and B is abP, which is not known to a third party.
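The elliptic curve Diffie-Hellman exchange described above, worked through on a toy curve as an added example that is not part of the original page. The curve y^2 = x^3 + 2x + 2 over GF(17) with generator P = (5, 1) of order 19, the private values 3 and 7, and all function names are chosen for illustration; a group this small offers no security.

```python
# Toy curve parameters (constructed for illustration, far too small for use).
P_MOD = 17          # field prime
A, B = 2, 2         # curve: y^2 = x^3 + A*x + B (mod P_MOD)
G = (5, 1)          # generator, called P in the text
ORDER = 19          # number of points generated by G (prime)


def on_curve(pt) -> bool:
    """True if pt satisfies the curve equation; None is the point at infinity."""
    if pt is None:
        return True
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P_MOD == 0


def add(p1, p2):
    """Group law: chord-and-tangent addition of two points."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None                      # p2 is the inverse of p1
    if p1 == p2:                         # tangent slope for doubling
        s = (3 * x1 * x1 + A) * pow((2 * y1) % P_MOD, P_MOD - 2, P_MOD)
    else:                                # chord slope
        s = (y2 - y1) * pow((x2 - x1) % P_MOD, P_MOD - 2, P_MOD)
    s %= P_MOD
    x3 = (s * s - x1 - x2) % P_MOD
    y3 = (s * (x1 - x3) - y1) % P_MOD
    return (x3, y3)


def mul(k: int, pt):
    """Compute k*pt by double-and-add (not constant time; teaching code only)."""
    result, addend = None, pt
    while k:
        if k & 1:
            result = add(result, addend)
        addend = add(addend, addend)
        k >>= 1
    return result


def public_key(priv: int):
    """aP for private value a, with 1 <= a < ORDER."""
    if not 1 <= priv < ORDER:
        raise ValueError("private value out of range")
    return mul(priv, G)


def shared_secret(priv: int, peer_pub):
    """abP, computed from our private value and the peer's public point.

    The received point is validated first: accepting a point that is not on
    the agreed curve lets the peer steer the computation into a different,
    weaker group and learn information about the private value.
    """
    if peer_pub is None:
        raise ValueError("peer sent the point at infinity")
    x, y = peer_pub
    if not (0 <= x < P_MOD and 0 <= y < P_MOD) or not on_curve(peer_pub):
        raise ValueError("peer point is not on the curve")
    return mul(priv, peer_pub)


if __name__ == "__main__":
    a, b = 3, 7                                  # kept secret by A and B
    aP, bP = public_key(a), public_key(b)        # exchanged in the clear
    print(aP, bP, shared_secret(a, bP), shared_secret(b, aP))
```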
The corresponding ElGamal cryptosystem can be implemented on the elliptic curve in the following way:
Embed the plaintext m into the point Pm on E, choose a point B ∈ E, and every user chooses an integer a, 0
K = kG [where K, G are points on Ep(a,b), and k is an integer less than n (n is the order of point G)]
It is not difficult to see that given k and G, it is easy to calculate K according to the rule of addition; but given K and G, it is relatively difficult to find k.
This is the problem that the elliptic curve encryption algorithm uses. We call the point G the base point, k the private key, and K the public key.
Comparison of ECC and RSA
Compared with RSA, ECC has absolute advantages in many aspects, mainly reflected in the following:
Strong resistance to attack. For the same key length, its resistance to attack is many times stronger.
The amount of calculation is small and the processing speed is fast. The overall speed of ECC is much faster than that of RSA and DSA.
The storage space is small. The key size and system parameters of ECC are much smaller than those of RSA and DSA, which means that it occupies a much smaller storage space. This is of special significance for the application of encryption algorithms on IC cards.
Low bandwidth requirements. When encrypting and decrypting long messages, the three types of cryptosystems have the same bandwidth requirements, but when applied to short messages, the ECC bandwidth requirements are much lower. The low bandwidth requirements give ECC a wide range of application prospects in the field of wireless networks.
These characteristics of ECC make it sure to replace RSA and become a general public key encryption algorithm. For example, the creators of the SET protocol have adopted it as the default public key encryption algorithm in the next generation SET protocol.
The following two tables compare the security and speed of RSA and ECC.
Time of breach (MIPS years) | RSA/DSA (key length) | ECC key length | RSA/ECC key length ratio |
10 | 512 | 106 | 5:1 |
10 | 768 | 132 | 6:1 |
10 | 1024 | 160 | 7:1 |
10 | 2048 | 210 | 10:1 |
10 | 21000 | 600 | 35:1 |
Comparing RSA and ECC security modules
Function | Security Builder 1.2, 163-bit ECC (ms) | BSAFE 3.0, 1,023-bit RSA (ms) |
Key pair generation | 3.8 | 4,708.3 |
Signature | 2.1 (ECNRA), 3.0 (ECDSA) | 228.4 |
Certification | 9.9 (ECNRA), 10.7 (ECDSA) | 12.7 |
Diffie-Hellman key exchange | 7.3 | 1,654.0 |
Speed comparison between RSA and ECC
Hash algorithm
A hashing algorithm (Hash in English) transforms an input of any length (also called the pre-image) into a fixed-length output. The output is the hash value. This conversion is a compression mapping, that is, the hash value space is usually much smaller than the input space, different inputs may be hashed into the same output, and it is impossible to uniquely determine the input value from the hash value. Simply put, it is a function that compresses messages of any length to a fixed-length message digest.
HASH is mainly used in encryption algorithms in the field of information security. It converts information of different lengths into messy 128-bit codes. These coded values are called HASH values. It can also be said that hashing finds a mapping relationship between the data content and the data storage address. The hash is a distillation of the information; its length is usually much smaller than that of the information, and it is a fixed length. A strong encryption hash must be irreversible, which means that no part of the original information can be derived from the hash result. Any change in the input information, even if it is only one bit, will cause a significant change in the hash result, which is called the avalanche effect. Hashing should also be anti-collision, that is, two pieces of information with the same hash result cannot be found. A hash result with these characteristics can be used to verify whether the information has been modified.
One-way hash functions are generally used to generate message digests, for key encryption, etc. The common ones are:
MD5 (Message Digest Algorithm 5): a one-way hash algorithm developed by RSA Data Security Corporation.
SHA (Secure Hash Algorithm): it can generate a 160-bit value for data of any length.
In 1993, the Secure Hash Algorithm (SHA) was proposed by the American National Institute of Standards and Technology (NIST) and published as the Federal Information Processing Standard (FIPS PUB 180); in 1995, a revised version, FIPS PUB 180-1, was released, usually called SHA-1. SHA-1 is based on the MD4 algorithm, and its design largely imitates MD4. It is now recognized as one of the safest hashing algorithms and is widely used.
Principle
SHA-1 is a data encryption algorithm. The idea of the algorithm is to receive a piece of plaintext and then convert it into a piece of (usually smaller) ciphertext in an irreversible way. It can also be simply understood as the process of taking a string of input codes (called the pre-mapping or information) and converting them into a short, fixed-length output sequence that is the hash value (also known as the information digest or information authentication code).
The security of the one-way hash function lies in its strong one-way operation in the process of generating the hash value. If the password is embedded in the input sequence, no one can generate the correct hash value without knowing the password, thus ensuring its security. SHA divides the input stream into blocks of 512 bits (64 bytes) per block, and produces 20 bytes of output called the message authentication code or message digest.
The maximum length of the input message of the algorithm does not exceed 2^64 bits, and the output produced is a 160-bit message digest. Input is processed in 512-bit groups. SHA-1 is irreversible, anti-collision, and has a good avalanche effect.
The digital signature can be realized through the hash algorithm. The principle of digital signature is to convert the plaintext to be transmitted into a message digest through a function operation (Hash) (different plaintexts correspond to different message digests). The message digest is encrypted and sent to the recipient together with the plaintext. The recipient generates a new message digest of the received plaintext and compares it with the message digest sent by the sender. If the comparison result is consistent, the plaintext has not been changed. If it is inconsistent, the plaintext has been tampered with.
MAC (Information Authentication Code) is a hash result. Part of the input information is a password. Only participants who know this password can recalculate and verify the validity of the MAC code. The generation of MAC is shown in the figure below.
[Figure: MAC generation. The input information and the password are fed to the hash function, which outputs the information authentication code.]
Comparison between SHA-1 and MD5
Because both are derived from MD4, SHA-1 and MD5 closely resemble each other. Correspondingly, their strength and other characteristics are similar, but there are also the following differences:
Security against brute-force attacks: the most significant and important difference is that the SHA-1 digest is 32 bits longer than the MD5 digest. Using brute-force techniques, the difficulty of generating any message whose digest is equal to a given digest is a 2-order operation for MD5, and a 2-order operation for SHA-1. In this way, SHA-1 has greater strength against brute-force attacks.
Security against cryptanalysis: due to the design of MD5, it is vulnerable to cryptanalysis attacks, and SHA-1 is not vulnerable to such attacks.
Speed: on the same hardware, SHA-1 runs slower than MD5.
Comparison of the two
Comparison of symmetric and asymmetric algorithms
The principles of the two encryption methods are summarized above. Generally speaking, they differ mainly in the following aspects:
1. In terms of management: the public key cryptographic algorithm needs fewer resources to achieve its purpose. In the distribution of keys, there is an exponential level difference between the two (one is n, one is n). Therefore, the private key cryptographic algorithm is not suitable for use on a WAN, and more importantly, it does not support digital signatures.
2. In terms of security: since the public key cryptographic algorithm is based on an unsolved mathematical problem, it is almost impossible to crack. For the private key cryptographic algorithm, although AES is theoretically impossible to crack, from the perspective of computer development the public key is more advantageous.
3. In terms of speed: the software implementation speed of AES has reached several megabits or tens of megabits per second, which is 100 times that of the public key. If implemented by hardware, this ratio will be expanded to 1000 times.
The choice of encryption algorithm
The previous chapters have introduced symmetric encryption algorithms and asymmetric encryption algorithms. Many people are wondering: which one should we use in practice?
We should decide according to our own characteristics. Since the running speed of an asymmetric encryption algorithm is much slower than that of a symmetric encryption algorithm, when we need to encrypt a large amount of data, it is recommended to use a symmetric encryption algorithm to improve encryption and decryption speed.
A symmetric encryption algorithm cannot realize signatures, so signatures can only use an asymmetric algorithm.
As the key management of the symmetric encryption algorithm is a complex process, and the management of the key directly determines its security, when the amount of data is small we can consider using an asymmetric encryption algorithm.
In actual operation, we usually adopt this method: use an asymmetric encryption algorithm to manage the key of the symmetric algorithm, and then use the symmetric encryption algorithm to encrypt the data. In this way we combine the advantages of the two types of encryption algorithms, achieving both fast encryption speed and safe and convenient key management.
Once the encryption algorithm is selected, how many bits of key should be used? Generally speaking, the longer the key, the slower the running speed. It should be selected according to the security level we actually need. Generally speaking, 1024 bits are recommended for RSA, 160 bits for ECC, and 128 bits for AES.
The modern application of cryptography
With the popularization of commercial applications of cryptography, public key cryptography has received unprecedented attention. In addition to traditional cryptographic application systems, the PKI system is based on public key cryptography, providing functions such as encryption, signature, authentication, key management, and distribution.
Confidential communication: confidential communication is the origin of cryptography. When using public and private key cryptography for confidential communication, the recipient of the information can decrypt the information only if he knows the corresponding key.
Digital signature: digital signature technology can replace traditional handwritten signatures, and from a security perspective, digital signatures have a good anti-counterfeiting function. It has a wide range of application environments in government agencies, military fields, and commercial fields.
Secret sharing: secret sharing technology refers to the use of cryptographic techniques to split a piece of secret information into n pieces of information called sharing factors and distribute them to n members. Only k (k ≤ n) legal members can recover the secret information using their sharing factors, and any one or m (m ≤ k) members cooperating do not learn the secret information. The use of secret sharing technology can control any secret information, commands, etc. that need to be controlled by multiple people.
Authentication function: when transmitting sensitive information on open channels, use signature technology to verify the authenticity and integrity of the message, and verify the identity of the communication subject by verifying the public key certificate.
Key management: the key is a fragile and important link in the security system. The public key cryptosystem is a powerful tool for key management work. When the public key cryptosystem is used for key negotiation and generation, the two parties in confidential communication do not need to share secret information in advance. Public key cryptosystems are also used for key distribution, protection, key escrow, and key recovery.
Based on the public key cryptosystem, in addition to the above general functions, the following systems can also be designed and implemented: secure e-commerce systems, electronic cash systems, electronic election systems, electronic bidding systems, electronic lottery systems, etc.
The emergence of the public key cryptosystem is the basis for the development of cryptography from the traditional government, military and other application fields to commercial and civilian use. At the same time, the development of the Internet and e-commerce has opened up broader prospects for the development of cryptography.
The future of encryption algorithms
With the improvement of calculation methods, the acceleration of computer operation speed, and the development of networks, more and more algorithms have been cracked.
At the 2004 International Conference on Cryptography (Crypto'2004), Professor Wang Xiaoyun from Shandong University, China, gave a report on deciphering the MD5, HAVAL-128, MD4 and RIPEMD algorithms, which shocked the top international cryptography experts present and means that these algorithms will be eliminated from applications. Subsequently, SHA-1 was also declared to have been cracked.
There are three attack experiments in history that have had an impact on DES. In 1997, using 70,000 computers from various countries at that time, it took 96 days to crack the DES key. In 1998, the Electronic Frontier Foundation (EFF) used a special computer built for $250,000 to crack the DES key in 56 hours. In 1999, EFF completed the cracking work in 22 hours and 15 minutes. Therefore, DES, which once made outstanding contributions, can no longer meet our growing needs.
Recently, a group of researchers successfully factored a 512-bit integer and announced the RSA cracking.
We say that data security is relative. It can be said that data is safe for a certain period of time and under certain conditions. With the development of hardware and networks, or the emergence of another Wang Xiaoyun, the currently common encryption algorithms may be cracked in a short time. At that time, we will have to use longer keys or more advanced algorithms to ensure data security. Therefore, encryption algorithms still need to be continuously developed and improved to provide higher security strength and calculation speed.
Looking over these two families of algorithms, one goes from DES to 3DES to AES, and the other from RSA to ECC. Their development considers the simplicity of the key, low cost, ease of management, the complexity of the algorithm, the security of confidentiality, and the speed of calculation. Therefore, the development of algorithms in the future must be based on these perspectives. These two types of algorithms are often combined in actual operations, and a new algorithm that combines the advantages of the two will appear in the future. At that time, the realization of e-commerce will surely be faster and safer.