Message digest algorithm

Introduction

The message digest algorithm does not have the problem of key management and distribution, and it is suitable for use on distributed networks. Because its encryption calculation involves a considerable workload, this algorithm was previously used for encryption only when the amount of data was limited. For example, the password of a computer is encrypted with an irreversible encryption algorithm. In recent years, with the rapid improvement of computer performance, encryption speed is no longer a shackle that restricts the development of this encryption technology, so the application fields of message digest algorithms continue to increase.

The message digest algorithm is mainly used in the field of "digital signature" as a digest algorithm for plaintext. Well-known digest algorithms include RSA's MD5 algorithm and the SHA-1 algorithm, along with a large number of variants.

Characteristics

Characteristics of the message digest algorithm:

A message digest is an algorithm that combines inputs of any length to produce a pseudo-random output with a fixed length. The main features of the message digest are:

① No matter how long the input message is, the length of the calculated message digest is always fixed. For example, the digest of a message produced by the MD5 algorithm has 128 bits, and a message digested by the SHA-1 algorithm will eventually have a 160-bit output. The SHA-1 variant can generate 192-bit and 256-bit message digests. It is generally believed that the longer the final output of the digest, the more secure the digest algorithm.

② The message digest looks "random". Its bits seem to be randomly jumbled together. A large number of inputs can be used to check whether the output is the same. Generally, different inputs will have different outputs, and the output digest can pass a randomness test. However, a digest is not truly random, because two digests of the same message with the same algorithm must have the same result; if it were truly random, it could not be reproduced at all. Therefore the message digest is "pseudo-random".

③ Generally, as long as the input messages are different, the digests generated from them must also be different; but the same input must produce the same output. This is the nature of a good message digest algorithm: when the input changes, the output also changes; the digests of two similar messages are not similar, and may even be quite different.

④ The message digest function is a one-way function without trapdoors, that is, it can only carry out a forward digest of the information, and it cannot recover any message from the digest, nor even find any information related to the original message. Of course, you can use a brute-force attack, that is, try every possible message, calculate its digest, and see whether it is the same as the existing digest. If you do this, you will definitely recover the digested message in the end. But in fact, the message to be obtained may be one of infinitely many messages, so this kind of brute-force attack is almost ineffective.

⑤ With a good digest algorithm, no one can find a "collision", although "collisions" definitely exist. That is, for a given digest, it is impossible to find a message whose digest is exactly the given one. In other words, two messages cannot be found so that their digests are the same.
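Features ①, ② and ③ can be measured directly. The following is an added example, not part of the original article: it checks the fixed output lengths quoted above for MD5 and SHA-1 and measures how many digest bits change when a single input bit is flipped. The function names and the sample message are assumptions made for this illustration.

```python
import hashlib

# Constructed sample input, used only for this illustration.
SAMPLE = b"Transfer 100 EUR to account 12345"


def digest_bits(algorithm: str, message: bytes) -> int:
    """Length in bits of the digest actually produced for `message`."""
    return len(hashlib.new(algorithm, message).digest()) * 8


def hamming(a: bytes, b: bytes) -> int:
    """Number of bit positions in which two equal-length byte strings differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def avalanche(algorithm: str, message: bytes) -> float:
    """Flip every input bit in turn and return the mean fraction of
    digest bits that change. A good digest gives a value close to 0.5:
    similar messages produce digests that are not similar (feature 3)."""
    base = hashlib.new(algorithm, message).digest()
    input_bits = len(message) * 8
    changed = 0
    for i in range(input_bits):
        flipped = bytearray(message)
        flipped[i // 8] ^= 1 << (i % 8)  # flip exactly one input bit
        changed += hamming(base, hashlib.new(algorithm, bytes(flipped)).digest())
    return changed / (input_bits * len(base) * 8)


if __name__ == "__main__":
    for alg in ("md5", "sha1"):
        # Feature 1: output length does not depend on input length.
        sizes = {digest_bits(alg, SAMPLE * n) for n in (0, 1, 1000)}
        # Feature 2: same input, same output (pseudo-random, not random).
        repeat = hashlib.new(alg, SAMPLE).digest() == hashlib.new(alg, SAMPLE).digest()
        print(alg, sizes, repeat, round(avalanche(alg, SAMPLE), 3))
```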

Application

Generally, the digest of a message is called the fingerprint or digital signature of the message. A digital signature is a method to ensure the integrity and non-repudiation of information. Data integrity means that the message received by the sink must be the information sent by the source, without any changes in between; non-repudiation means that the source cannot deny the information that has been sent. In fact, digital signatures can also realize the identification (authentication) of the source, that is, determine whether the "source" is the intended communication partner of the sink. A digital signature should have uniqueness, that is, the signatures of different messages are not the same; it should also have unforgeability, that is, it is impossible to find another message whose signature is the same as the signature of an existing message; it should also have irreversibility, that is, it is impossible to restore any information of the signed message based on the signature. These characteristics are precisely the characteristics of the message digest algorithm, so the message digest algorithm is suitable as a digital signature algorithm.

Digital signature

A digital signature scheme is a method of storing message signatures in electronic form. A complete digital signature scheme should consist of two parts: a signature algorithm and a verification algorithm. Generally speaking, any public key cryptosystem can be used alone as a digital signature scheme. For example, when RSA is used as a digital signature scheme, it can be defined as follows:

This type of signature actually uses the private key of the source to encrypt the message, and the encrypted message becomes the signature; the public key corresponding to the key used to encrypt the message is used for verification. If the message decrypted with the public key is the same as the original message, the message is complete; otherwise the message is incomplete. It is just the opposite of the process of using public key cryptography for message confidentiality. Because only the source has its own private key, others cannot re-encrypt the source message, so even if someone intercepts and changes the source message, the signature cannot be regenerated, because only the private key of the source can form the correct signature. Similarly, as long as the sink verifies whether the message decrypted with the source's public key is the same as the plaintext message, it can know whether the message has been altered, it can verify whether the message is indeed from the intended source, and it can also make the source unable to deny the message that was sent. So this can fulfil the function of a digital signature.

But this scheme is too simple: it can only guarantee the integrity of the message, but cannot ensure the confidentiality of the message. Moreover, this scheme needs to encrypt the entire message. When the message is relatively long, the efficiency is very low. The main reason is the inefficiency of the encryption and decryption process of the public key system. Therefore, this scheme is generally not advisable.

Digest algorithm

Almost all digital signature schemes must be used together with a fast and efficient digest algorithm (hash function). When a public key algorithm is used in combination with a digest algorithm, it constitutes an effective digital signature scheme.

The process is: first digest the message with a digest algorithm, and then encrypt the digest value with the private key of the source; the receiver first digests the received plaintext with the same digest algorithm to form a "standard" signature (the quasi-signature), and then compares the quasi-signature with the "signature" decrypted with the public key of the source. If they are the same, the message is considered complete; otherwise the message is incomplete.

This method makes public key encryption operate only on the message digest. Because the digest length of a digest algorithm is fixed, and digests are all relatively "short" (relative to the message), this fits the requirements of public key encryption. Efficiency is thus improved, and security is not weakened by the use of a digest algorithm.
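The digest-then-sign process described above, as an added example that is not part of the original article. It uses unpadded textbook RSA with SHA-256 and a constructed key built from two Mersenne primes; the key, the function names and the sample messages are assumptions for illustration only and must not be used as a real key or scheme.

```python
import hashlib

# Constructed demonstration key: two publicly known Mersenne primes.
# Anyone can factor N, so this key offers no security at all.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                               # public modulus
E = 65537                               # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))       # private exponent (Python 3.8+)


def digest_int(message: bytes) -> int:
    """Fixed-length SHA-256 digest of the message, as an integer below N."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> int:
    """Source: digest the message, then 'encrypt' only the digest
    with the private key. Real schemes also pad the digest first
    (for example RSASSA-PSS); that step is omitted here."""
    return pow(digest_int(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Sink: digest the received plaintext (the quasi-signature) and
    compare it with the signature 'decrypted' with the public key."""
    return pow(signature, E, N) == digest_int(message)


if __name__ == "__main__":
    # Constructed sample messages.
    original = b"Pay 100 EUR to account 12345"
    tampered = b"Pay 900 EUR to account 12345"
    sig = sign(original)
    print("original verifies:", verify(original, sig))
    print("tampered verifies:", verify(tampered, sig))
    # The private-key operation always runs on 256 bits of digest,
    # even when the message is far longer than the modulus.
    big = b"A" * 1_000_000
    print("1 MB message verifies:", verify(big, sign(big)))
```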
