Key management

Main performance

Key management includes all aspects from key generation to key destruction. It is mainly manifested in the management system, the management protocols, and key generation, distribution, replacement and injection. For military computer network systems, user mobility, affiliation and coordinated combat command are complicated, so higher requirements are put forward for key management.

Process

Key generation

The key length should be long enough. Generally speaking, the larger the key length, the larger the corresponding key space, and the more difficult it is for an attacker to find the key by exhaustive guessing.

Choose a good key and avoid weak keys. A random bit string generated by an automatic processing device is a good key. When choosing a key, avoid choosing a weak key.

For public key cryptosystems, key generation is more difficult because the key must satisfy certain mathematical characteristics.

Key generation can be achieved through online or offline interactive negotiation, such as cryptographic protocols.

Key distribution

The use of symmetric encryption algorithms for confidential communication requires the sharing of the same key. Usually, a member of the system selects a secret key first, and then transmits it to another member or other members. The X9.17 standard describes two types of keys: key encryption keys and data keys. The key encryption key encrypts other keys that need to be distributed, while the data key only encrypts the information flow. The key encryption key is generally distributed manually. To enhance confidentiality, the key can also be divided into many different parts and then sent out on different channels.

Key verification

The key is transmitted with some error detection and error correction bits attached. When the key has an error in transmission, the error can be easily detected, and if required, the key can be retransmitted.

The receiving end can also verify whether the received key is correct. The sender encrypts a constant with the key, and then sends the first 2-4 bytes of the ciphertext together with the key. The receiving end does the same work. If the decrypted constant at the receiving end matches the constant at the sending end, the transmission is error-free.

Updating the key

When the key needs to be changed frequently, it is difficult to distribute a new key each time. An easier solution is to derive the new key from the old one, which is sometimes called a key update. You can use a one-way function to update the key. If both parties share the same key and operate with the same one-way function, the same result will be obtained.
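The key check from the "Key verification" passage and the one-way key update above can be combined in one short sketch. This is an added example, not code from the original page; it assumes HMAC-SHA-256 as the keyed one-way function in place of "encrypt a constant with the key", and the labels, function names and sample key are constructed for illustration.

```python
import hashlib
import hmac

KCV_LEN = 3  # bytes of check value sent alongside the key (the text says 2-4)


def key_check_value(key: bytes) -> bytes:
    """Keyed one-way function over a fixed public constant, truncated.

    Assumption: HMAC-SHA-256 stands in for "encrypt a constant with the key".
    """
    tag = hmac.new(key, b"kcv-constant", hashlib.sha256).digest()
    return tag[:KCV_LEN]


def verify_key(received_key: bytes, received_kcv: bytes) -> bool:
    """The receiver repeats the sender's computation and compares the result."""
    return hmac.compare_digest(key_check_value(received_key), received_kcv)


def update_key(key: bytes) -> bytes:
    """Derive the next key from the current one with a one-way function.

    A different label than the check value is used, so the published check
    value is not a prefix of the next key.
    """
    return hmac.new(key, b"key-update", hashlib.sha256).digest()


def demo() -> dict:
    k0 = bytes(range(32))            # constructed sample key
    kcv0 = key_check_value(k0)       # sent together with the key

    # A single flipped bit in transit is caught by the check value.
    corrupted = bytes([k0[0] ^ 0x01]) + k0[1:]

    # Both sides update independently and end up with the same key.
    sender_key = update_key(update_key(k0))
    receiver_key = update_key(update_key(k0))

    # A receiver that missed one update is detected by comparing check values.
    stale_receiver_key = update_key(k0)

    return {
        "intact_key_accepted": verify_key(k0, kcv0),
        "corrupted_key_accepted": verify_key(corrupted, kcv0),
        "keys_in_sync": hmac.compare_digest(sender_key, receiver_key),
        "missed_update_detected": not verify_key(
            stale_receiver_key, key_check_value(sender_key)
        ),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

A short check value catches transmission errors and desynchronised updates; it does not authenticate the sender. Because the update is one-way, an earlier key cannot be computed from a later one, but anyone who learns one key can compute every key derived after it.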

Key storage

Keys can be stored in the brain, on a magnetic stripe card, or on a smart card. The key can also be divided into two parts, with one half stored in the terminal and the other stored in a ROM key. It is also possible to use a method similar to the key encryption key to encrypt and save a hard-to-remember key.

Key backup

Key escrow, secret division, secret sharing, etc. can be used for key backup.

The easiest way is to use a key escrow center. Key escrow requires all users to hand over their keys to the key escrow center, and the key escrow center backs up and keeps the keys (for example, locked in a safe somewhere, or encrypted and stored with the master key). Once the user's key is lost (for example, the user forgets the key or the user accidentally dies), the user's key can be obtained from the key escrow center in accordance with certain rules and regulations. Another backup solution is to use smart cards as temporary key escrow. For example, Alice stores the key in a smart card and gives it to Bob when Alice is away. Bob can use the card to do Alice's work. When Alice returns, Bob returns the card. Because the key is stored in the card, Bob does not know what the key is.

Secret division divides the secret into many pieces. Each piece does not mean anything on its own, but when these pieces are put together, the secret is reproduced.

A better way is to use a secret sharing protocol. Divide the key K into n blocks, each of which is called its "shadow". Knowing any m or more blocks, the key K can be calculated; knowing any m-1 or fewer blocks, the key K cannot be calculated. This is called an (m, n) threshold scheme. At present, many secret sharing schemes have been proposed, based on the Lagrange interpolation polynomial method, projective geometry, linear algebra, the Sun Tzu theorem (Chinese remainder theorem), etc.

The Lagrange interpolation polynomial scheme is an easy-to-understand (m, n) threshold scheme for secret sharing.

Secret sharing solves two problems: first, if the key is accidentally or intentionally exposed, the entire system is vulnerable to attack; second, if the key is lost or damaged, all information in the system cannot be used.

Key validity period

Encryption keys cannot be used indefinitely. There are several reasons: the longer the key is used, the greater the chance of it being leaked; if the key has been leaked, then the longer the key is used, the greater the loss; the longer the key is used, the greater the temptation for people to spend energy deciphering it, even by brute force attacks; and it is generally easier to perform cryptanalysis on multiple ciphertexts encrypted with the same key.

Different keys should have different validity periods.

The validity period of the data key mainly depends on the value of the data and the amount of encrypted data in a given time. The greater the value and the data transfer rate, the more frequently the keys used will be replaced.

Key encryption keys do not need to be changed frequently, because they are only used occasionally for key exchange. In some applications, the key encryption key is only changed once a month or a year.

The encryption key used to encrypt saved data files cannot be changed frequently. Usually each file is encrypted with a unique key, and then all keys are encrypted with a key encryption key. The key encryption key is either memorized or stored in a safe place. Of course, losing this key means losing all file encryption keys.

The validity period of the private key in a public key cryptography application varies according to the application. The private key used for digital signature and identification must last for several years (or even life), and the private key used for the coin toss protocol should be destroyed immediately after the protocol is completed. Even if the security of the key is expected to last for a lifetime, it is necessary to consider changing the key once every two years. The old key still needs to be kept secret in case the user needs to verify a previous signature. But the new key will be used to sign new files, to reduce the number of signed files that a cryptanalyst can attack.

Destroying the key

If the key must be replaced, the old key must be destroyed, and the key must be physically destroyed.

Management system

Public key cryptography makes keys easier to manage. No matter how many people there are on the network, everyone has only one public key.

It is not enough to use a public/private key pair. The implementation of any good public key cryptography needs to separate the encryption key from the digital signature key. But a single pair of encryption and signing keys is not enough. Like an ID card, a private key proves a relationship, and people have more than one relationship. For example, Alice can sign a document in the name of a private person, the vice president of the company, etc.

In the financial IC card joint pilot projects of commercial banks, the security control and management of keys by banks at all levels is the key to the security of the application system.

The "RT-KMS Key Management System" follows the "China Financial Integrated Circuit (IC) Card Specification (v1.0)" and the "Bank IC Card Joint Pilot Technical Plan" to facilitate member banks independently issuing cards, realizing the sharing of card readers, and completing cross-bank transactions in different places.

Security mechanism

In the national bank IC card joint pilot program, banks at all levels use key management systems to implement key security management. The key management system adopts the 3DES encryption algorithm and uses the three-level management system of the bank head office, the regional branch of the People's Bank of China (commercial bank head office), and member banks to securely share the public master key and realize card intercommunication and equipment sharing.

The entire security system structure mainly includes three types of keys: the nationally used consumption/cash withdrawal master key GMPK of the head office, the consumption/cash withdrawal master key MPK of the issuing bank, and the other master keys of the issuing bank. According to the purpose of the key, the system adopts different processing strategies.

Design principles

(1) All keys are loaded and imported in ciphertext.

(2) The key is subject to strict authority control, and different organizations or personnel have different authority to read, write, update, and use different keys.

(3) To ensure the security of key use and to meet the needs of actual use, the system can generate multiple sets of master keys. If one of the keys is leaked or attacked, the application system can immediately stop using this set of keys and switch to the backup keys, so as to avoid wasting existing investment and equipment as much as possible and reduce the risk of system use.

(4) Users can choose different combinations and configurations of the key management subsystem according to actual needs.

(5) Key service, storage and backup take the form of a key fob or encryption machine.

Management technology

Technology classification

1. Symmetric key management. Symmetric encryption is based on a jointly kept secret. Both trading parties that adopt symmetric encryption technology must ensure that they use the same key, that the exchange of each other's keys is safe and reliable, and must also set up procedures to prevent key leakage and to change keys. In this way, the management and distribution of symmetric keys becomes a potentially dangerous and cumbersome process. Realizing symmetric key management through public key encryption technology makes the corresponding management simpler and more secure, and at the same time solves the reliability and authentication problems of the pure symmetric key mode. The trading party can generate a unique symmetric key for each exchange of information (such as each EDI exchange), encrypt that key with a public key, and then send the encrypted key together with the information encrypted with that key (such as the EDI exchange) to the corresponding trading party. Since a unique key is generated for each information exchange, each trading party no longer needs to maintain the key and worry about the leakage or expiration of the key. Another advantage of this method is that even if a key is leaked, it will only affect one transaction, and will not affect all the transaction relationships between the trading parties. This method also provides a secure way to issue symmetric keys between trading partners.

2. Public key management / digital certificates. Digital certificates (public key certificates) can be used to exchange public keys between trading partners. The X.509 standard developed by the International Telecommunication Union (ITU) defines digital certificates. This standard is equivalent to the ISO/IEC 9594-8:195 standard jointly issued by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Digital certificates usually include the name that uniquely identifies the owner of the certificate (i.e., the trading party), the name that uniquely identifies the certificate issuer, the public key of the certificate owner, the digital signature of the certificate issuer, the validity period of the certificate, the serial number of the certificate, etc. The certificate issuer is generally called a certificate authority (CA), which is an organization trusted by all parties in the trade. Digital certificates can play a role in identifying trading parties and are currently one of the technologies widely used in e-commerce.

3. Standard specifications related to key management. At present, the relevant international standardization organizations have started to formulate technical standards and specifications on key management. The Information Technology Committee (JTC1) under ISO and IEC has drafted an international standard specification for key management. The specification is mainly composed of three parts: the first is the key management framework; the second is the mechanism using symmetric technology; the third is the mechanism using asymmetric technology. The specification has now entered the stage of voting on draft international standards and will soon become an official international standard.

Digital signature

Digital signature is another type of application of public key encryption technology. Its main method is: the sender of the message generates a 128-bit hash value (or message digest) from the message text. The sender uses its own private key to encrypt this hash value to form the sender's digital signature. Then, this digital signature is sent to the recipient of the message as an attachment, together with the message. The receiver of the message first calculates a 128-bit hash value (or message digest) from the received original message, and then uses the sender's public key to decrypt the digital signature attached to the message. If the two hash values are the same, the receiver can confirm that the digital signature is from the sender. Through the digital signature, the authentication and non-repudiation of the original message can be realized.

ISO/IEC JTC1 is already drafting relevant international standards. The preliminary title of the standard is "Information Technology Security Technology with Attached Digital Signature Scheme", which consists of two parts: an overview and an identity-based mechanism.

Encryption algorithm

Introduction to cryptography

According to records, in 400 BC, the ancient Greeks invented the replacement cipher. In 1881, the world's first telephone security patent appeared. During the Second World War, the German military used the "Enigma" cryptographic machine, and cryptography played a very important role in the war.

With the development of information technology and digital society, people's awareness of the importance of information security and confidentiality continues to increase, so in 1997, the National Bureau of Standards announced the implementation of the "US Data Encryption Standard (DES)". Civilian forces began to fully engage in the research and application of cryptography, using encryption algorithms such as DES, RSA, and SHA. As the demand for encryption strength continues to increase, AES and ECC have recently appeared.

Using cryptography can achieve the following purposes:

Confidentiality: prevent the user's identification or data from being read.

Data integrity: prevent data from being changed.

Identity verification: ensure that the data is sent from a specific party.

2. Introduction to encryption algorithms

According to the different key types, modern cryptographic technologies are divided into two categories: symmetric encryption algorithms (secret key encryption) and asymmetric encryption algorithms (public key encryption).

The symmetric key encryption system uses the same secret key for encryption and decryption, and both parties in communication must obtain this key and keep the key secret.

The encryption key (public key) and decryption key (private key) used by the asymmetric key encryption system are different.

Symmetric encryption algorithm

In a symmetric encryption algorithm, only one key is used to encrypt and decrypt information, that is, the same key is used for encryption and decryption. Commonly used algorithms include:

DES (Data Encryption Standard): a data encryption standard, which is faster and is suitable for encrypting large amounts of data.

3DES (Triple DES): based on DES, a piece of data is encrypted three times with three different keys, with higher strength.

AES (Advanced Encryption Standard): the next-generation encryption algorithm standard, with fast speed and high security level.

In October 2000, NIST (the US National Institute of Standards and Technology) announced the adoption of a new key encryption standard selected from 15 candidate algorithms. Rijndael was selected as the future AES. Rijndael was created in the second half of 1999 by researchers Joan Daemen and Vincent Rijmen. AES is increasingly becoming the de facto standard for encrypting various forms of electronic data.

The National Institute of Standards and Technology (NIST) formulated a new Advanced Encryption Standard (AES) specification on May 26, 2002.

Algorithm principle

The AES algorithm is based on permutation and substitution operations. Permutation rearranges data, and substitution replaces one data unit with another. AES uses several different methods to perform permutation and substitution operations.

AES is an iterative, symmetric key block cipher. It can use 128, 192, and 256-bit keys, and uses 128-bit (16-byte) blocks to encrypt and decrypt data. Unlike public key ciphers that use key pairs, symmetric key ciphers use the same key to encrypt and decrypt data. The number of bits of the encrypted data returned by the block cipher is the same as that of the input data. Iterative encryption uses a loop structure in which the input data is repeatedly permuted and substituted.

Comparison between AES and 3DES

| Algorithm name | Algorithm type | Key length | Speed | Decryption time (the constructed machine tries 2^55 keys per second) | Resource consumption |
| --- | --- | --- | --- | --- | --- |
| AES | Symmetric block cipher | 128, 192, 256 bits | High | 149 trillion years | Low |
| 3DES | Symmetric Feistel cipher | 112 bits or 168 bits | Low | 46 hundred million years | Medium |

Asymmetric algorithm

Common asymmetric encryption algorithms are as follows:

RSA: invented by RSA, it is a public key algorithm that supports variable-length keys. The length of the file block that needs to be encrypted is also variable.

DSA (Digital Signature Algorithm): a digital signature algorithm, which is part of the DSS (Digital Signature Standard).

ECC (Elliptic Curves Cryptography): elliptic curve cryptography.

In 1976, because symmetric encryption algorithms could no longer meet the needs, Diffie and Hellman published an article called "New Trends in Cryptography", which introduced the concept of public key encryption. Adleman proposed the RSA algorithm.

With the progress and improvement of methods for factoring large integers, the increase of computer speed and the development of computer networks, the RSA key needs to grow continuously in order to ensure the security of data. However, the increase of the key length greatly reduces the speed of encryption and decryption, and hardware implementation has become more and more unbearable, which has brought a heavy burden to applications that use RSA, so a new algorithm is needed to replace RSA.

In 1985, N. Koblitz and Miller proposed the use of elliptic curves in cryptographic algorithms, based on the discrete logarithm problem ECDLP in point groups on elliptic curves over finite fields. ECDLP is a more difficult problem than the factorization problem; it is exponentially difficult.

Principle: the difficult problem on the elliptic curve

The discrete logarithm problem on the elliptic curve, ECDLP, is defined as follows: given a prime number p and an elliptic curve E, for Q = kP, given P and Q, find a positive integer k that is less than p. It can be proved that it is easier to calculate Q from k and P, but it is more difficult to calculate k from Q and P.

By mapping the addition operation on the elliptic curve to the modular multiplication operation in the discrete logarithm, and the multiplication operation on the elliptic curve to the modular exponentiation operation in the discrete logarithm, we can build the corresponding cryptosystem based on the elliptic curve.

For example, corresponding to the Diffie-Hellman public key system, we can implement it on the elliptic curve in the following way: select a generator P on E, requiring that the group generated by P has enough elements; the communicating parties A and B select a and b respectively; a and b are kept secret, but aP and bP are made public; and the key used for communication between A and B is abP, which is not known to a third party.
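The exchange of aP and bP described above can be traced on a toy curve. This is an added example, not code from the original page; the curve y^2 = x^3 + 2x + 2 over F_17 with generator P = (5, 1) of order 19 is a textbook-sized assumption chosen so the arithmetic can be followed by hand, and the function names are hypothetical. A real deployment uses a standardized curve whose group order is hundreds of bits long.

```python
import secrets

# Assumed toy parameters: y^2 = x^3 + 2x + 2 over F_17, generator of order 19.
FIELD_P, A, B = 17, 2, 2
GENERATOR = (5, 1)
ORDER = 19
INFINITY = None  # the group's identity element


def on_curve(pt) -> bool:
    if pt is INFINITY:
        return True
    x, y = pt
    in_range = 0 <= x < FIELD_P and 0 <= y < FIELD_P
    return in_range and (y * y - (x * x * x + A * x + B)) % FIELD_P == 0


def add(p1, p2):
    """Group law: chord rule for distinct points, tangent rule for doubling."""
    if p1 is INFINITY:
        return p2
    if p2 is INFINITY:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % FIELD_P == 0:
        return INFINITY                      # P + (-P)
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % FIELD_P, FIELD_P - 2, FIELD_P)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % FIELD_P, FIELD_P - 2, FIELD_P)
    lam %= FIELD_P
    x3 = (lam * lam - x1 - x2) % FIELD_P
    y3 = (lam * (x1 - x3) - y1) % FIELD_P
    return (x3, y3)


def mul(k: int, pt):
    """Scalar multiplication kP by double-and-add."""
    result, addend = INFINITY, pt
    while k:
        if k & 1:
            result = add(result, addend)
        addend = add(addend, addend)
        k >>= 1
    return result


def random_secret() -> int:
    return 1 + secrets.randbelow(ORDER - 1)   # uniform in [1, ORDER - 1]


def public_point(secret: int):
    if not 1 <= secret < ORDER:
        raise ValueError("secret out of range")
    return mul(secret, GENERATOR)


def shared_point(secret: int, peer_public):
    # Reject points that are not on the curve before using them.
    if peer_public is INFINITY or not on_curve(peer_public):
        raise ValueError("invalid peer point")
    return mul(secret, peer_public)


if __name__ == "__main__":
    a, b = random_secret(), random_secret()       # kept secret by A and B
    aP, bP = public_point(a), public_point(b)     # made public
    print("A computes", shared_point(a, bP), "B computes", shared_point(b, aP))
```

The check in `shared_point` matters in practice: a party that multiplies its secret by an unvalidated point can end up working in a different, weaker group than the one it chose.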

The corresponding ElGamal cryptosystem can be implemented on the elliptic curve in the following way:

Embed the plaintext m into the point Pm on E, choose a point B ∈ E, and every user chooses an integer a, 0

K = kG [where K, G are points on Ep(a, b), and k is an integer less than n (n is the order of point G)]

It is not difficult to find that given k and G, it is easy to calculate K according to the rule of addition; but given K and G, it is relatively difficult to find k.

This is the problem that the elliptic curve encryption algorithm uses. We call the point G the base point, k the private key, and K the public key.

Comparison of ECC and RSA

Compared with RSA, ECC has absolute advantages in many aspects, mainly reflected in the following:

Strong resistance to attack. For the same key length, its resistance to attack is many times stronger.

The amount of calculation is small and the processing speed is fast. The overall speed of ECC is much faster than that of RSA and DSA.

The storage space is small. The key size and system parameters of ECC are much smaller than those of RSA and DSA, which means that it occupies a much smaller storage space. This is of special significance for the application of encryption algorithms on IC cards.

Low bandwidth requirements. When encrypting and decrypting long messages, the three types of cryptosystems have the same bandwidth requirements, but when applied to short messages, the ECC bandwidth requirements are much lower. The low bandwidth requirements give ECC a wide range of application prospects in the field of wireless networks.

These characteristics of ECC make it sure to replace RSA and become a general public key encryption algorithm. For example, the creators of the SET protocol have adopted it as the default public key encryption algorithm in the next generation SET protocol.

The following two tables show the comparison of the security and speed of RSA and ECC.

| Time of breach (MIPS years) | RSA/DSA (key length) | ECC key length | RSA/ECC key length ratio |
| --- | --- | --- | --- |
| 10 | 512 | 106 | 5:1 |
| 10 | 768 | 132 | 6:1 |
| 10 | 1024 | 160 | 7:1 |
| 10 | 2048 | 210 | 10:1 |
| 10 | 21000 | 600 | 35:1 |

Comparing RSA and ECC security modules

| Function | Security Builder 1.2, 163-bit ECC (ms) | BSAFE 3.0, 1,023-bit RSA (ms) |
| --- | --- | --- |
| Key pair generation | 3.8 | 4,708.3 |
| Signature | 2.1 (ECNRA), 3.0 (ECDSA) | 228.4 |
| Certification | 9.9 (ECNRA), 10.7 (ECDSA) | 12.7 |
| Diffie-Hellman key exchange | 7.3 | 1,654.0 |

Speed comparison between RSA and ECC

Hash algorithm

A hashing algorithm, also called a hash algorithm (Hash in English), transforms an input of any length (also called the pre-image) into a fixed-length output. The output is the hash value. This conversion is a compression mapping, that is, the hash value space is usually much smaller than the input space, different inputs may be hashed into the same output, and it is impossible to uniquely determine the input value from the hash value. Simply put, it is a function that compresses messages of any length to a fixed-length message digest.

HASH is mainly used in encryption algorithms in the field of information security. It converts information of different lengths into scrambled 128-bit codes. These coded values are called HASH values. It can also be said that hashing finds a mapping between the data content and the data storage address. The hash is a distillation of the information; its length is usually much smaller than that of the information, and it is a fixed length. A strong cryptographic hash must be irreversible, which means that no part of the original information can be derived from the hash result. Any change in the input information, even if it is only one bit, will cause a significant change in the hash result, which is called the avalanche effect. Hashing should also be collision-resistant, that is, two pieces of information with the same hash result cannot be found. A hash result with these characteristics can be used to verify whether the information has been modified.

One-way hash functions are generally used to generate message digests, for key encryption, etc. The common ones are:

MD5 (Message Digest Algorithm 5): a one-way hash algorithm developed by RSA Data Security Corporation.

SHA (Secure Hash Algorithm): it can generate a 160-bit value for data of any length.

In 1993, the Secure Hash Algorithm (SHA) was proposed by the US National Institute of Standards and Technology (NIST) and published as the Federal Information Processing Standard (FIPS PUB 180); in 1995, a revised version, FIPS PUB 180-1, was released, usually called SHA-1. SHA-1 is based on the MD4 algorithm, and its design largely imitates MD4. It is now recognized as one of the safest hashing algorithms and is widely used.

Principle

SHA-1 is a data encryption algorithm. The idea of the algorithm is to receive a piece of plaintext and then convert it into a piece of (usually smaller) ciphertext in an irreversible way. It can also be simply understood as the process of taking a string of input codes (called the pre-mapping or information) and converting them into a short, fixed-length output sequence, that is, a hash value (also known as the information digest or information authentication code).

The security of the one-way hash function lies in the strong one-way nature of the operation that generates the hash value. If a password is embedded in the input sequence, no one can generate the correct hash value without knowing the password, thus ensuring its security. SHA divides the input stream into blocks of 512 bits (64 bytes) per block, and produces 20 bytes of output called the message authentication code or message digest.

The maximum length of the input message of the algorithm does not exceed 2^64 bits, and the output produced is a 160-bit message digest. Input is processed in 512-bit groups. SHA-1 is irreversible, collision-resistant, and has a good avalanche effect.

A digital signature can be realized through the hash algorithm. The principle of the digital signature is to convert the plaintext to be transmitted into a message digest through a function operation (Hash); different plaintexts correspond to different message digests. The message digest is encrypted and sent to the recipient together with the plaintext. The recipient generates a new message digest of the received plaintext and compares it with the message digest sent by the sender. If the comparison result is consistent, the plaintext has not been changed. If it is inconsistent, the plaintext has been tampered with.

MAC (Information Authentication Code) is a hash result in which part of the input information is a password. Only participants who know this password can recalculate and verify the validity of the MAC code. The generation of the MAC is shown in the figure below.

[Figure: MAC generation. The input information and the password are fed to the hash function, which outputs the information authentication code.]

Comparison between SHA-1 and MD5

Because both are derived from MD4, SHA-1 and MD5 closely resemble each other. Correspondingly, their strength and other characteristics are similar, but there are also the following differences:

Security against brute-force attacks: the most significant and important difference is that the SHA-1 digest is 32 bits longer than the MD5 digest. Using brute-force techniques, the difficulty of generating any message so that its digest is equal to a given digest is a 2-order operation for MD5, and a 2-order operation for SHA-1. In this way, SHA-1 has greater strength against brute-force attacks.

Security against cryptanalysis: due to the design of MD5, it is vulnerable to cryptanalysis attacks, and SHA-1 is not vulnerable to such attacks.

Speed: on the same hardware, SHA-1 runs slower than MD5.

Comparison of the two

Comparison of symmetric and asymmetric algorithms

The principles of the two encryption methods are summarized above. Generally speaking, they differ mainly in the following aspects:

1. In terms of management: the public key cryptographic algorithm needs fewer resources to achieve its purpose. In the distribution of keys, there is an exponential-level difference between the two (one is n, one is n). Therefore, the private key cryptographic algorithm is not suitable for use on a WAN, and more importantly, it does not support digital signatures.

2. In terms of security: since the public key cryptographic algorithm is based on an unsolved mathematical problem, it is almost impossible to crack. As for the private key cryptographic algorithm, although AES is theoretically impossible to crack, from the perspective of computer development the public key is more advantageous.

3. In terms of speed: the software implementation speed of AES has reached several megabits or tens of megabits per second. It is 100 times that of the public key. If implemented in hardware, this ratio will be expanded to 1000 times.

The choice of encryption algorithm

The previous chapters have introduced symmetric encryption algorithms and asymmetric encryption algorithms. Many people are wondering: which one is better to use in practice?

We should decide according to our own characteristics. Since the running speed of an asymmetric encryption algorithm is much slower than that of a symmetric encryption algorithm, when we need to encrypt a large amount of data, it is recommended to use a symmetric encryption algorithm to improve encryption and decryption speed.

A symmetric encryption algorithm cannot realize signatures, so signatures can only use an asymmetric algorithm.

As the key management of the symmetric encryption algorithm is a complex process, and the management of the key directly determines its security, when the amount of data is small we can consider using an asymmetric encryption algorithm.

In actual operation, we usually adopt the following method: use an asymmetric encryption algorithm to manage the key of the symmetric algorithm, and then use the symmetric encryption algorithm to encrypt the data. In this way we combine the advantages of the two types of encryption algorithms, achieving both fast encryption speed and safe and convenient key management.

Once the encryption algorithm is selected, how many bits of key should be used? Generally speaking, the longer the key, the slower the running speed. It should be selected according to the security level we actually need. Generally speaking, 1024 bits are recommended for RSA, 160 bits for ECC, and 128 bits for AES.

The modern application of cryptography

With the popularization of commercial applications of cryptography, public key cryptography has received unprecedented attention. In addition to traditional cryptographic application systems, the PKI system is based on public key cryptography, providing functions such as encryption, signature, authentication, key management, and distribution.

Confidential communication: confidential communication is the origin of cryptography. When using public and private key cryptography for confidential communication, the recipient of the information can decrypt the information only if he knows the corresponding key.

Digital signature: digital signature technology can replace traditional handwritten signatures, and from a security perspective, digital signatures have a good anti-counterfeiting function. It has a wide range of applications in government agencies, military fields, and commercial fields.

Secret sharing: secret sharing technology refers to the use of cryptographic techniques to split a piece of secret information into n pieces of information called sharing factors and distribute them to n members. Only k (k ≤ n) legal members can recover the secret information using their sharing factors, while any one member or m (m ≤ k) members cooperating do not learn the secret information. Secret sharing technology can be used to control any secret information, commands, etc. that need to be controlled by multiple people.

Authentication function: when transmitting sensitive information on open channels, use signature technology to verify the authenticity and integrity of the message, and verify the identity of the communicating party by verifying the public key certificate.

Key management: the key is a fragile and important link in the security system. The public key cryptosystem is a powerful tool for key management work: when the public key cryptosystem is used for key negotiation and generation, the two parties in confidential communication do not need to share secret information in advance; public key cryptosystems are also used for key distribution, protection, key escrow, and key recovery.

Based on the public key cryptosystem, in addition to the above general functions, the following systems can also be designed and implemented: secure e-commerce systems, electronic cash systems, electronic election systems, electronic bidding systems, electronic lottery systems, etc.

The emergence of the public key cryptosystem is the basis for the development of cryptography from the traditional government, military and other application fields to commercial and civilian use. At the same time, the development of the Internet and e-commerce has opened up broader prospects for the development of cryptography.

The future of encryption algorithms

With the improvement of calculation methods, the acceleration of computer operation speed, and the development of networks, more and more algorithms have been cracked.

At the 2004 International Conference on Cryptography (Crypto'2004), Professor Wang Xiaoyun from Shandong University, China, gave a report on deciphering the MD5, HAVAL-128, MD4 and RIPEMD algorithms, which shocked the top international cryptography experts present and means that these algorithms will be eliminated from use. Subsequently, SHA-1 was also declared to have been cracked.

There have been three attack experiments in history that had an impact on DES. In 1997, using 70,000 computers from various countries at that time, it took 96 days to crack a DES key. In 1998, the Electronic Frontier Foundation (EFF) used a special computer built for $250,000 to crack a DES key in 56 hours. In 1999, EFF completed the cracking work in 22 hours and 15 minutes. Therefore, DES, which once made outstanding contributions, can no longer meet our growing needs.

Recently, a group of researchers successfully factored a 512-bit integer and announced the cracking of RSA.

We say that data security is relative. Data can be said to be safe for a certain period of time and under certain conditions. With the development of hardware and networks, or the emergence of another Wang Xiaoyun, the currently used encryption algorithms may be cracked in a short time. At that time, we will have to use longer keys or more advanced algorithms to ensure data security. Therefore, encryption algorithms still need to be continuously developed and improved to provide higher encryption strength and calculation speed.

Looking at these two lines of algorithms, one runs from DES to 3DES to AES, and the other from RSA to ECC. Their development considers the simplicity of the key, low cost, ease of management, the complexity of the algorithm, the security of confidentiality, and the speed of calculation. Therefore, the development of algorithms in the future must be based on these perspectives. The two kinds of algorithms are often combined in actual operation, and a new algorithm that combines the advantages of both will appear in the future. At that time, the realization of e-commerce will surely be faster and safer.
