Main performance
Key management includes all aspects from key generation to key destruction. It is mainly manifested in the management system, the management agreement, and key generation, distribution, replacement and injection, etc. For military computer network systems, because user mobility, affiliation and coordinated combat command are complicated, higher requirements are put forward for key management.
Process
Key generation
The key length should be long enough. In general, the greater the key length, the larger the corresponding key space, and the harder it is for an attacker to guess the key by exhaustive search.
Choose a good key and avoid weak keys. A random bit string generated by an automatic processing device is a good key. When choosing a key, you should avoid choosing a weak key.
For public key cryptosystems, key generation is more difficult because the key must satisfy certain mathematical characteristics.
Key generation can be achieved through online or offline interactive negotiation, such as cryptographic protocols.
Key distribution
The use of symmetric encryption algorithms for confidential communication requires the sharing of the same key. Usually, a member of the system selects a secret key first, and then transmits it to another member or other members. The X9.17 standard describes two types of keys: key encryption keys and data keys. The key encryption key encrypts other keys that need to be distributed, while the data key only encrypts the information flow. The key encryption key is generally distributed manually. To enhance confidentiality, the key can also be divided into many different parts and then sent out on different channels.
Key verification
The key is sent with some error-detection or error-correction bits attached. If the key is corrupted in transmission, the error can easily be detected, and the key can be sent again if necessary.
The receiving end can also verify whether the received key is correct. The sender encrypts a constant with the key, and then sends the first 2-4 bytes of the ciphertext together with the key. The receiving end does the same work. If the decrypted constant at the receiving end matches the constant at the sending end, the transmission is error-free.
Updating the key
When the key needs to be changed frequently, it is indeed difficult to distribute the new key frequently. An easier solution is to derive the new key from the old one; this is sometimes called a key update. You can use a one-way function to update the key. If both parties share the same key and operate on it with the same one-way function, they will obtain the same result.
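The key check and the key update described above, as an added example that is not part of the original page. Assumptions: Python's standard library has no block cipher, so HMAC-SHA-256 over an agreed constant stands in for "encrypt a constant with the key", and SHA-256 is the one-way update function; the constant, the label and all function names are hypothetical.

```python
import hashlib
import hmac

# Constant both ends agree on in advance (assumption; the page does not fix one).
CHECK_CONSTANT = b"key-check-constant"


def key_check_value(key: bytes, length: int = 3) -> bytes:
    """Keyed transform of the constant, truncated to 2-4 bytes as in the text.

    HMAC-SHA-256 is a stand-in for encrypting the constant with the key.
    """
    if not 2 <= length <= 4:
        raise ValueError("check value must be 2 to 4 bytes")
    return hmac.new(key, CHECK_CONSTANT, hashlib.sha256).digest()[:length]


def accept_key(received_key: bytes, received_check: bytes) -> bool:
    """Receiver side: repeat the sender's computation and compare."""
    if not 2 <= len(received_check) <= 4:
        return False
    expected = key_check_value(received_key, len(received_check))
    return hmac.compare_digest(expected, received_check)


def update_key(old_key: bytes, label: bytes = b"key-update-v1") -> bytes:
    """One-way key update: new key = SHA-256(label || old key).

    The old key cannot be computed from the new one, but anyone who already
    holds the old key can follow every later update, so an update is not a
    substitute for distributing a fresh key after a suspected compromise.
    """
    return hashlib.sha256(label + old_key).digest()


def run_epochs(initial_key: bytes, epochs: int) -> list:
    """Chain of keys one party holds after each successive update."""
    chain = [initial_key]
    for _ in range(epochs):
        chain.append(update_key(chain[-1]))
    return chain


if __name__ == "__main__":
    key = bytes(range(32))                      # constructed sample key
    check = key_check_value(key)
    damaged = bytes([key[0] ^ 0x01]) + key[1:]  # one bit flipped in transit
    print("intact key accepted: ", accept_key(key, check))
    print("damaged key accepted:", accept_key(damaged, check))
    # Both parties update independently and stay in step without any traffic.
    print("parties agree after 5 updates:",
          run_epochs(key, 5)[-1] == run_epochs(key, 5)[-1])
```

A 2-4 byte check value catches transmission errors only; it does not authenticate the key against someone able to alter both the key and the check value in transit.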
Key storage
Keys can be stored in the brain, on a magnetic stripe card, or on a smart card. A key can also be divided into two halves, with one half stored in the terminal and the other half stored in a ROM key. A similar approach can also be used with encryption and a key encryption key.
Key backup
Key escrow, secret division, secret sharing and similar methods can be used for key backup.
The easiest way is to use a key escrow center. Key escrow requires all users to hand over their keys to the key escrow center, and the key escrow center backs up and keeps the keys (for example locked in a safe somewhere, or encrypted and stored with the master key). Once the user's key is lost (for example the user forgets the key or the user accidentally dies), the user's key can be obtained from the key escrow center in accordance with certain rules and regulations. Another backup solution is to use smart cards as temporary key escrow. For example, Alice stores the key in a smart card and gives it to Bob when Alice is away. Bob can use the card to do Alice's work. When Alice returns, Bob returns the card. Because the key is stored in the card, Bob does not know what the key is.
Secret division divides the secret into many pieces. Each piece means nothing on its own, but when the pieces are put together, the secret is reproduced.
A better way is to use a secret sharing protocol. Divide the key K into n blocks, each of which is called a "shadow". Knowing m or more blocks allows the key K to be computed, while knowing m-1 or fewer blocks does not; this is called an (m,n) threshold scheme. Schemes have been proposed based on projective geometry, linear algebra, Sun Tzu's theorem, etc.
The Lagrange interpolation polynomial scheme is an easy-to-understand (m,n) threshold scheme for secret sharing.
Secret sharing solves two problems: first, if the key is accidentally or intentionally exposed, the entire system is vulnerable to attack; second, if the key is lost or damaged, all information in the system cannot be used.
Key validity period
Encryption keys cannot be used indefinitely. There are several reasons: the longer a key is used, the greater the chance of it being leaked; if the key has been leaked, then the longer the key is used, the greater the loss; the longer the key is used, the greater the temptation for people to spend effort deciphering it, even by brute-force attack; and it is generally easier to perform cryptanalysis on multiple ciphertexts encrypted with the same key.
Different keys should have different validity periods.
The validity period of the data key mainly depends on the value of the data and the amount of data encrypted in a given time. The greater the value and the data transfer rate, the more frequently the keys used will be replaced.
Key encryption keys do not need to be changed frequently, because they are only used occasionally for key exchange. In some applications, the key encryption key is only changed once a month or a year.
The encryption key used to encrypt saved data files cannot be changed frequently. Usually each file is encrypted with a unique key, and then all keys are encrypted with a key encryption key. The key encryption key is either memorized or stored in a safe place. Of course, losing this key means losing all file encryption keys.
The validity period of the private key in a public key cryptography application varies according to the application. The private key used for digital signature and identification must last for several years (or even a lifetime), and the private key used for a coin toss protocol should be destroyed immediately after the protocol is completed. Even if the security of the key is expected to last for a lifetime, it is necessary to consider changing the key once every two years. The old key still needs to be kept secret in case the user needs to verify a previous signature. But the new key will be used to sign new files, to reduce the number of signed files that a cryptanalyst can attack.
Destroying the key
If a key must be replaced, the old key must be destroyed, and it must be destroyed physically.
Management system
Public key cryptography makes keys easier to manage. No matter how many people are on the network, each person has only one public key.
It is not enough to use one public/private key pair. Any good public key cryptography implementation needs to separate the encryption key from the digital signature key. But a single pair of encryption and signing keys is not enough either. Like an ID card, a private key proves a relationship, and people have more than one relationship. For example, Alice can sign a document as a private person, as the vice president of the company, etc.
In the financial IC card joint pilot projects of commercial banks, the security control and management of keys by banks at all levels is the key to the security of the application system.
The "RT-KMS Key Management System" follows the "China Financial Integrated Circuit (IC) Card Specification" (v1.0) and the "Bank IC Card Joint Pilot Technical Plan" to make it easier for member banks to issue cards independently, to share card readers, and to carry out interbank transactions in different locations.
Security mechanism
In the national bank IC card joint pilot program, banks at all levels use key management systems to implement key security management. The key management system adopts the 3DES encryption algorithm and uses the three-level management system of the bank head office, the regional branch of the People's Bank of China (commercial bank head office), and member banks to securely share the public master key and realize card intercommunication and equipment sharing.
The entire security system structure mainly includes three types of keys: the nationally used consumption/cash withdrawal master key GMPK of the head office, the consumption/cash withdrawal master key MPK of the issuing bank, and the other master keys of the issuing bank. The system adopts different processing strategies according to the purpose of the key.
Design principles
(1) All keys are loaded and imported as ciphertext.
(2) Keys are subject to authority control: different organizations or personnel have different rights to read, write, update and use different keys.
(3) In order to ensure the security of key use and to take the needs of actual use into account, the system can generate multiple sets of master keys. If one of the keys is leaked or attacked, the application system can immediately stop using that set of keys and switch to the backup keys, so as to avoid wasting existing investment and equipment as far as possible and reduce the risk of using the system.
(4) Users can choose different combinations and configurations of the key management subsystem according to actual needs.
(5) Key service, storage and backup take the form of a key encryption machine.
Management technology
Technology classification
1. Symmetric key management. Symmetric encryption is based on the joint keeping of a secret. Both parties to a trade that adopt symmetric encryption technology must ensure that they use the same key, that the exchange of each other's keys is safe and reliable, and must also set up procedures to prevent key leakage and to change keys. In this way, the management and distribution of symmetric keys becomes a potentially dangerous and cumbersome process. Realizing symmetric key management through public key encryption technology makes the corresponding management simpler and more secure, and at the same time solves the reliability and authentication problems of the pure symmetric key mode. The trading party can generate a unique symmetric key for each exchange of information (such as each EDI exchange), encrypt the key with a public key, and then send the encrypted key together with the information encrypted with that key (such as the EDI exchange) to the corresponding trading party. Since a unique key is generated for each information exchange, each trading party no longer needs to maintain the key and worry about the leakage or expiration of the key. Another advantage of this method is that even if a key is leaked, it will only affect one transaction, and will not affect all the transaction relationships between the trading parties. This method also provides a secure way to issue symmetric keys between trading partners.
2. Public key management/digital certificates. Digital certificates (public key certificates) can be used to exchange public keys between trading partners. The standard X.509 developed by the International Telecommunication Union (ITU) defines digital certificates. This standard is equivalent to the ISO/IEC 9594-8:195 standard jointly issued by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Digital certificates usually include the name that uniquely identifies the owner of the certificate (i.e., the trading party), the name that uniquely identifies the certificate issuer, the public key of the certificate owner, the digital signature of the certificate issuer, the validity period of the certificate, the serial number of the certificate, etc. The certificate issuer is generally called a certificate authority (CA), which is an organization trusted by all parties in the trade. Digital certificates can play a role in identifying trading parties and are currently one of the technologies widely used in e-commerce.
3. Standard specifications related to key management. At present, relevant international standardization organizations have started to formulate technical standards and specifications on key management. The Information Technology Committee (JTC1) under ISO and IEC has drafted an international standard specification for key management. The specification is mainly composed of three parts: the first is the key management framework; the second is the mechanism using symmetric technology; the third is the mechanism using asymmetric technology. The specification has now entered the stage of voting on draft international standards and will soon become an official international standard.
Digital signature
Digital signature is another type of application of public key encryption technology. Its main method is: the sender of the message generates a 128-bit hash value (or message digest) from the message text. The sender uses its own private key to encrypt this hash value to form the sender's digital signature. Then, this digital signature is sent to the recipient of the message as an attachment, together with the message. The receiver of the message first calculates a 128-bit hash value (or message digest) from the received original message, and then uses the sender's public key to decrypt the digital signature attached to the message. If the two hash values are the same, the receiver can confirm that the digital signature is from the sender. Through the digital signature, the authentication and non-repudiation of the original message can be realized.
ISO/IEC JTC1 is already drafting relevant international standards. The preliminary title of the standard is "Information Technology Security Technology with Attached Digital Signature Scheme", which consists of two parts: an overview and an identity-based mechanism.
Encryption algorithm
Introduction to encryption
According to records, the ancient Greeks invented the substitution cipher in 400 BC. In 1881, the world's first telephone security patent appeared.
With the development of information technology and the digital society, people's awareness of the importance of information security and confidentiality continues to increase, so in 1997 the National Bureau of Standards announced the implementation of the "US Data Encryption Standard (DES)". Civilian forces began to take full part in the research and application of cryptography, using encryption algorithms such as DES, RSA, and SHA. As the demand for encryption strength continues to increase, AES and ECC have recently appeared.
Using cryptography can achieve the following purposes:
Confidentiality: prevent a user's identity or data from being read.
Data integrity: prevent data from being altered.
Identity verification: ensure that data originates from a specific party.
2. Introduction to encryption algorithms
According to the type of key, modern cryptographic technologies are divided into two categories: symmetric encryption algorithms (secret key encryption) and asymmetric encryption algorithms (public key encryption).
The symmetric key encryption system uses the same secret key for encryption and decryption, and both parties in the communication must obtain this key and keep it secret.
The encryption key (public key) and the decryption key (private key) used by an asymmetric key encryption system are different.
Symmetric encryption algorithm
In a symmetric encryption algorithm, only one key is used to encrypt and decrypt information, that is, the same key is used for encryption and decryption. Commonly used algorithms include:
DES (Data Encryption Standard): a data encryption standard, which is faster and is suitable for encrypting large amounts of data.
3DES (Triple DES): based on DES, a block of data is encrypted three times with three different keys, giving higher strength.
AES (Advanced Encryption Standard): the next-generation encryption algorithm standard, with high speed and a high security level;
In October 2000, NIST (American National Standard And Technology Association) announced the adoption of a new key encryption standard selected from 15 candidate algorithms. Rijndael was selected as the future AES. Rijndael was created in the second half of 1999 by researchers Joan Daemen and Vincent Rijmen. AES is increasingly becoming the de facto standard for encrypting various forms of electronic data.
The National Institute of Standards and Technology (NIST) formulated the new Advanced Encryption Standard (AES) specification on May 26, 2002.
Algorithm principle
The AES algorithm is based on permutation and substitution operations. Permutation rearranges data, and substitution replaces one data unit with another. AES uses several different methods to perform permutation and substitution operations.
AES is an iterative, symmetric key block cipher. It can use 128, 192, and 256-bit keys, and uses 128-bit (16-byte) blocks to encrypt and decrypt data. Unlike public key ciphers that use key pairs, symmetric key ciphers use the same key to encrypt and decrypt data. The number of bits of encrypted data returned by the block cipher is the same as that of the input data. Iterative encryption uses a loop structure in which the input data is repeatedly permuted and substituted.
Comparison of AES and 3DES

| Algorithm name | Algorithm type | Key length | Speed | Time to break (machine trying 255 keys per second) | Resource consumption |
| --- | --- | --- | --- | --- | --- |
| AES | Symmetric block cipher | 128, 192, 256 bits | High | 149 trillion years | Low |
| 3DES | Symmetric Feistel cipher | 112 bits or 168 bits | Low | 46100 million years | Medium |
Asymmetric algorithm
Common asymmetric encryption algorithms are as follows:
RSA: invented by RSA, it is a public key algorithm that supports variable-length keys. The length of the file block that needs to be encrypted is also variable;
DSA (Digital Signature Algorithm): a digital signature algorithm, and the standard DSS (Digital Signature Standard);
ECC (Elliptic Curves Cryptography): elliptic curve cryptography.
In 1976, because symmetric encryption algorithms could no longer meet the needs, Diffie and Hellman published an article called "New Trends in Cryptography", which introduced the concept of public key encryption. Adelman proposed the RSA algorithm.
With the progress and improvement of methods for factoring large integers, the increase of computer speed and the development of computer networks, the RSA key needs to grow continuously in order to ensure the security of data. However, the increase of the key length greatly reduces the speed of encryption and decryption, and hardware implementation has become more and more unbearable, which has brought a heavy burden to applications that use RSA, so a new algorithm is needed to replace RSA.
In 1985, N. Koblitz and Miller proposed the use of elliptic curves in cryptographic algorithms, based on the discrete logarithm problem ECDLP in point groups on elliptic curves over finite fields. ECDLP is a more difficult problem than the factorization problem; it is exponentially difficult.
Principle: the hard problem on the elliptic curve
The discrete logarithm problem on the elliptic curve, ECDLP, is defined as follows: given a prime number p and an elliptic curve E, for Q = kP, given P and Q, find a positive integer k that is less than p. It can be proved that it is easy to calculate Q from k and P, but difficult to calculate k from Q and P.
By mapping the addition operation on the elliptic curve to the modular multiplication operation in the discrete logarithm setting, and the multiplication operation on the elliptic curve to the modular exponentiation operation in the discrete logarithm setting, we can build the corresponding cryptosystem based on the elliptic curve.
For example, corresponding to the Diffie-Hellman public key system, we can implement it on the elliptic curve in the following way: select a generator P on E, requiring that P generates enough group elements; the communicating parties A and B select a and b respectively; a and b are kept secret, but aP and bP are made public; and the key used for communication between A and B is abP, which is not known to a third party.
The corresponding ElGamal cryptosystem can be implemented on the elliptic curve in the following way:
Embed the plaintext as a point Pm on E, select a point B ∈ E, and each user selects an integer, 0
K = kG [where K and G are points on Ep(a,b), and k is an integer less than n (n is the order of the point G)]
It is not difficult to see that, given k and G, it is easy to calculate K according to the rule of addition; but given K and G, it is relatively difficult to find k.
This is the hard problem used by the elliptic curve encryption algorithm. We call the point G the base point, k the private key, and K the public key.
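The relation K = kG and the elliptic curve Diffie-Hellman exchange described above (the shared key abP), as an added example that is not part of the original page. Assumptions: a toy curve y^2 = x^3 + 2x + 2 over GF(17) with base point G = (5, 1) of order 19, chosen so the arithmetic can be checked by hand; all function names are hypothetical.

```python
import secrets
from typing import Optional, Tuple

Point = Optional[Tuple[int, int]]  # None represents the point at infinity

# Toy parameters (assumption): E: y^2 = x^3 + 2x + 2 over GF(17),
# base point G = (5, 1), whose order is n = 19.
P_MOD, A, B = 17, 2, 2
G: Point = (5, 1)
N = 19


def on_curve(pt: Point) -> bool:
    if pt is None:
        return True
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P_MOD == 0


def _inv(v: int) -> int:
    """Modular inverse in GF(17) by Fermat's little theorem."""
    return pow(v % P_MOD, P_MOD - 2, P_MOD)


def add(p: Point, q: Point) -> Point:
    """The 'rule of addition' for two curve points."""
    if p is None:
        return q
    if q is None:
        return p
    x1, y1 = p
    x2, y2 = q
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None                      # P + (-P) is the point at infinity
    if p == q:
        s = (3 * x1 * x1 + A) * _inv(2 * y1) % P_MOD   # tangent slope
    else:
        s = (y2 - y1) * _inv(x2 - x1) % P_MOD          # chord slope
    x3 = (s * s - x1 - x2) % P_MOD
    y3 = (s * (x1 - x3) - y1) % P_MOD
    return (x3, y3)


def scalar_mult(k: int, pt: Point) -> Point:
    """Compute K = kG by double-and-add: about log2(k) additions."""
    if k < 0:
        raise ValueError("k must be non-negative")
    result, addend = None, pt
    while k:
        if k & 1:
            result = add(result, addend)
        addend = add(addend, addend)
        k >>= 1
    return result


def make_keypair(private: Optional[int] = None):
    """Private key k in [1, n-1]; public key K = kG."""
    k = private if private is not None else 1 + secrets.randbelow(N - 1)
    if not 1 <= k < N:
        raise ValueError("private key out of range")
    return k, scalar_mult(k, G)


def shared_point(own_private: int, peer_public: Point) -> Point:
    """Each side multiplies the peer's public point by its own secret."""
    # Reject anything that is not a finite point on this curve before use.
    if peer_public is None or not on_curve(peer_public):
        raise ValueError("peer public key is not a valid curve point")
    return scalar_mult(own_private, peer_public)


def recover_k_by_search(public: Point) -> int:
    """Finding k from K and G means walking the group. With 19 elements that
    is instant, which is why P must generate enough group elements."""
    for k in range(1, N):
        if scalar_mult(k, G) == public:
            return k
    raise ValueError("point is not a multiple of G")


if __name__ == "__main__":
    a, a_pub = make_keypair(3)           # party A: a = 3, publishes aP
    b, b_pub = make_keypair(9)           # party B: b = 9, publishes bP
    print("aP =", a_pub, " bP =", b_pub)
    print("A computes", shared_point(a, b_pub),
          " B computes", shared_point(b, a_pub))
```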
Comparison of ECC and RSA
Compared with RSA, ECC has absolute advantages in many respects, mainly reflected in the following:
Strong resistance to attack. For the same key length, its resistance to attack is always stronger.
The amount of calculation is small and the processing speed is fast. The overall speed of ECC is much faster than that of RSA and DSA.
The storage space is small. The key size and system parameters of ECC are much smaller than those of RSA and DSA, which means that it occupies much less storage space. This is of special significance for the application of encryption algorithms on IC cards.
Low bandwidth requirements. When encrypting and decrypting long messages, the three types of cryptosystems have the same bandwidth requirements, but when applied to short messages, the ECC bandwidth requirements are much lower. The low bandwidth requirements give ECC a wide range of application prospects in the field of wireless networks.
These characteristics of ECC make it sure to replace RSA and become a general public key encryption algorithm. For example, the creators of the SET protocol have adopted it as the default public key encryption algorithm in the next generation SET protocol.
The following two tables present the comparison of the security and speed of RSA and ECC.

| Time to break (MIPS-years) | RSA/DSA key length | ECC key length | RSA/ECC key length ratio |
| --- | --- | --- | --- |
| 10 | 512 | 106 | 5:1 |
| 10 | 768 | 132 | 6:1 |
| 10 | 1024 | 160 | 7:1 |
| 10 | 2048 | 210 | 10:1 |
| 10 | 21000 | 600 | 35:1 |

Comparison of RSA and ECC security modules

| Function | Security Builder 1.2, 163-bit ECC (ms) | BSAFE 3.0, 1,023-bit RSA (ms) |
| --- | --- | --- |
| Key pair generation | 3.8 | 4,708.3 |
| Signature | 2.1 (ECNRA), 3.0 (ECDSA) | 228.4 |
| Verification | 9.9 (ECNRA), 10.7 (ECDSA) | 12.7 |
| Diffie-Hellman key exchange | 7.3 | 1,654.0 |

Speed comparison between RSA and ECC
Hash algorithm
A hashing algorithm, also called a hash algorithm (in English, Hash), transforms an input of any length (also called a pre-image) into a fixed-length output. The output is the hash value. This conversion is a compression mapping, that is, the hash value space is usually much smaller than the input space, different inputs may be hashed into the same output, and it is impossible to uniquely determine the input value from the hash value. Simply put, it is a function that compresses messages of any length into a fixed-length message digest.
Hash is mainly used in encryption algorithms in the field of information security. It converts information of different lengths into scrambled 128-bit codes. These coded values are called hash values. It can also be said that hashing finds a mapping between the data content and the data storage address. The hash is a distillation of the information; its length is usually much smaller than that of the information, and it is a fixed length. A strong cryptographic hash must be irreversible, which means that no part of the original information can be derived from the hash result. Any change in the input information, even if it is only one bit, will cause a significant change in the hash result, which is called the avalanche effect. Hashing should also be collision-resistant, that is, two pieces of information with the same hash result cannot be found. A hash result with these characteristics can be used to verify whether the information has been modified.
One-way hash functions are generally used to generate message digests, encrypt keys, etc. Common ones are:
MD5 (Message Digest Algorithm 5): a one-way hash algorithm developed by RSA Data Security Corporation.
SHA (Secure Hash Algorithm): it can produce a 160-bit value for data of any length;
In 1993, the Secure Hash Algorithm (SHA) was proposed by the American National Institute of Standards and Technology (NIST) and published as the Federal Information Processing Standard (FIPS PUB 180); in 1995, a revised version, FIPS PUB 180-1, was released, usually called SHA-1. SHA-1 is based on the MD4 algorithm, and its design largely imitates MD4. It is now recognized as one of the safest hashing algorithms and is widely used.
Principle
SHA-1 is a data encryption algorithm. The idea of the algorithm is to receive a piece of plaintext and then convert it into a piece of (usually smaller) ciphertext in an irreversible way. It can also be simply understood as the process of taking a string of input codes (called the pre-mapping or information) and converting them into a short, fixed-length output sequence that is the hash value (also known as the information digest or information authentication code).
The security of the one-way hash function lies in its strong one-way operation in the process of generating the hash value. If the password is embedded in the input sequence, no one can generate the correct hash value without knowing the password, thus ensuring its security. SHA divides the input stream into blocks of 512 bits (64 bytes) per block, and produces 20 bytes of output called the message authentication code or message digest.
The maximum length of the algorithm's input message does not exceed 2^64 bits, and the output produced is a 160-bit message digest. The input is processed in 512-bit blocks. SHA-1 is irreversible, collision-resistant and has a good avalanche effect.
The digital signature can be realized through the hash algorithm. The principle of the digital signature is to convert the plaintext to be transmitted into a message digest through a function operation (Hash) (different plaintexts correspond to different message digests). The message digest is encrypted and sent to the recipient together with the plaintext. The recipient generates a new message digest of the received plaintext and compares it with the message digest sent by the sender. If the comparison is consistent, the plaintext has not been changed. If it is inconsistent, the plaintext has been tampered with.
MAC (Information Authentication Code) is a hash result in which part of the input information is a password. Only participants who know this password can recalculate and verify the validity of the MAC code. The generation of the MAC is shown in the figure below.
[Figure: Information and Password → Hash function → Information authentication code]
Comparison of SHA-1 and MD5
Because both are derived from MD4, SHA-1 and MD5 are very similar to each other, but they differ in the following respects.
Security against brute-force attacks: the most significant and important difference is that the SHA-1 digest is 32 bits longer than the MD5 digest. Using brute-force techniques, the difficulty of generating any message whose digest is equal to a given digest is a 2-order operation for MD5, and a 2-order operation for SHA-1. In this way, SHA-1 has greater strength against brute-force attacks.
Security against cryptanalysis: because of the design of MD5, it is vulnerable to cryptanalytic attacks, while SHA-1 is not vulnerable to such attacks.
Speed: on the same hardware, SHA-1 runs slower than MD5.
Comparison of the two
Comparison of symmetric and asymmetric algorithms
The principles of the two encryption methods are summarized above. Generally speaking, they differ mainly in the following respects:
1. In terms of management: the public key cryptographic algorithm needs fewer resources to achieve its purpose. In the distribution of keys, there is an exponential-level difference between the two (one is n, one is n). Therefore, the private key cryptographic algorithm is not suitable for use on a WAN, and more importantly, it does not support digital signatures.
2. In terms of security: since the public key cryptographic algorithm is based on an unsolved mathematical problem, it is almost impossible to crack. For the private key cryptographic algorithm, although AES is theoretically impossible to crack, from the perspective of computer development the public key is more advantageous.
3. From the point of view of speed: the software implementation speed of AES has reached several megabits or tens of megabits per second. It is 100 times that of the public key. If implemented in hardware, this ratio will be expanded to 1000 times.
The choice of encryption algorithm
The previous chapters have introduced symmetric encryption algorithms and asymmetric encryption algorithms. Many people wonder: which one is better to use in practice?
We should decide according to our own circumstances. Since an asymmetric encryption algorithm runs much more slowly than a symmetric encryption algorithm, when we need to encrypt a large amount of data, it is recommended to use a symmetric encryption algorithm to improve encryption and decryption speed.
A symmetric encryption algorithm cannot realize a signature, so a signature can only use an asymmetric algorithm.
As the key management of a symmetric encryption algorithm is a complex process, and the management of the key directly determines its security, when the amount of data is small, we can consider using an asymmetric encryption algorithm.
In actual operation, we usually adopt this method: use an asymmetric encryption algorithm to manage the key of the symmetric algorithm, and then use the symmetric encryption algorithm to encrypt the data. In this way we combine the advantages of the two types of encryption algorithm, obtaining not only fast encryption speed but also safe and convenient key management.
Once the encryption algorithm has been chosen, how many bits should the key have? In general, the longer the key, the slower the operation. It should be chosen according to the security level we actually need. Generally, a 1024-bit number is recommended.
The modern application of cryptography
With the popularization of commercial applications of cryptography, public key cryptography has received unprecedented attention. In addition to traditional cryptographic application systems, the PKI system is based on public key cryptography, providing functions such as encryption, signature, authentication, key management, and distribution.
Confidential communication: confidential communication is the origin of cryptography. When using public and private key cryptography for confidential communication, the recipient of the information can decrypt the information only if he knows the corresponding key.
Digital signature: digital signature technology can replace traditional handwritten signatures, and from a security perspective, digital signatures have a good anti-counterfeiting function. It has a wide range of application environments in government agencies, military fields, and commercial fields.
Secret sharing: secret sharing technology refers to the use of cryptographic techniques to split a piece of secret information into n pieces of information called sharing factors and distribute them to n members. Only k (k≤n) legal members can recover the secret information using their sharing factors, and any one or m (m≤k) members cooperating do not know the secret information. Secret sharing technology can be used to control any secret information, commands, etc. that need to be controlled by multiple people.
Authentication function: when transmitting sensitive information on open channels, use signature technology to verify the authenticity and integrity of the message, and verify the identity of the communicating party by verifying the public key certificate.
Key management: the key is a fragile and important link in the security system. The public key cryptosystem is a powerful tool for solving key management work. When the public key cryptosystem is used for key negotiation and generation, the two parties in confidential communication do not need to share secret information in advance. Public key cryptosystems are also used for key distribution, protection, key escrow, and key recovery.
Based on the public key cryptosystem, in addition to the above general functions, the following systems can also be designed and implemented: secure e-commerce systems, electronic cash systems, electronic election systems, electronic bidding systems, electronic lottery systems, etc.
The emergence of the public key cryptosystem is the basis for the development of cryptography from the traditional government, military and other application fields to commercial and civilian use. At the same time, the development of the Internet and e-commerce has opened up broader prospects for the development of cryptography.
The future of encryption algorithms
With the improvement of calculation methods, the acceleration of computer operation speed, and the development of networks, more and more algorithms have been cracked.
At the 2004 International Conference on Cryptography (Crypto'2004), Professor Wang Xiaoyun from Shandong University, China, gave a report on breaking the MD5, HAVAL-128, MD4 and RIPEMD algorithms, which shocked the top international cryptography experts present and means that these algorithms will be eliminated from applications. Subsequently, SHA-1 was also declared to have been cracked.
There are three attack experiments in history that have had an impact on DES. In 1997, using 70,000 computers from various countries at that time, it took 96 days to crack a DES key. In 1998, the Electronic Frontier Foundation (EFF) used a special computer built for $250,000 to crack a DES key in 56 hours. In 1999, EFF completed the cracking work in 22 hours and 15 minutes. Therefore DES, which once made outstanding contributions, can no longer meet our growing needs.
Recently, a group of researchers successfully factored a 512-bit integer and announced the cracking of RSA.
We say that data security is relative. It can be said to be safe for a certain period of time and under certain conditions. With the development of hardware and networks, or the emergence of another Wang Xiaoyun, the currently common encryption algorithms may be cracked in a short time. At that time, we will have to use longer keys or more advanced algorithms to ensure data security. Therefore, encryption algorithms still need to be continuously developed and improved to provide higher security strength and calculation speed.
Looking at these two families of algorithms, one goes from DES to 3DES to AES, and the other from RSA to ECC. Their development has in every case considered the simplicity of the key, low cost, ease of management, the complexity of the algorithm, the security of confidentiality, and the speed of calculation. Therefore, the development of algorithms in the future must be based on these perspectives. The two kinds of algorithm are often combined in actual operation, and a new algorithm that combines the advantages of both will appear in the future. At that time, the realization of e-commerce will surely be faster and safer.