Application Techniques and usage of system security encryption and decryption

In the age of information and network, computers are playing an increasingly important role in our work and life. More and more users use computers to obtain and process information, and store their most important information in the form of data files. Some people describe that the Internet is like the most free world. Here you can use your imagination to create a small world of your own, but if we lack the minimum security means in our network, where can we start with freedom? Therefore, encryption is widely recognized and adopted by the industry as an important means of network system security. What should I do if I forget my password? Of course, we can solve the problem by removing the information password. Therefore, it is very important for users to master network encryption and decryption technologies. I will introduce some network encryption and decryption methods to my friends, I hope this will help you.

1. Folder encryption for Windows systems

Everyone will have some privacy that is unwilling to be known, such as work plans and personal information. To protect these secrets, encryption software has become the first choice for many people. However, the popular encryption software on the Internet basically encrypts files or folders directly. Therefore, it takes a lot of time to process large files or many files, in addition, to use these files, you also need to decrypt them. After using these files, you need to re-encrypt them, which is very troublesome. Is there any tool that can be encrypted and used as easily as common files? Of course, you can use the built-in functions of Windows to meet your requirements.

1. file encryption

(1) In Windows 9X/Me/2000

Enter the folder to be encrypted, right-click the folder, and select "Custom folder" in the pop-up menu ". Next, click "Next" in the Wizard, select "Custom", select "select or edit Html template for this folder", and select "standard" in the template type ", select "Edit template" and click "Next". (In Win98, select "create or edit HTML document" in the Wizard ). A text file named "Folder" is opened. Find the <script language = "JavaScript"> Field in the file and enter the following content below it (the comment content is in the Chinese Double quotation marks and does not need to be entered ):

Var pass = prompt ("Please Enter the Password"); "Enter in brackets after the prompt command
Enter the prompt language after entering the folder, which can be Chinese. The semicolon can be omitted. This line must be a single line"
If (pass! = "123") "The password is 123 or another password"
{Window. location = "c:"} "if the password is incorrect, go to disk c, or set it to another partition, but it can only be the root directory"

After saving the file, exit the file settings to take effect. After the folder. htt file is created, you can directly find the folder. htt file in the folder after you need to change the settings next time. Then, open it in notepad and modify it. After saving the file, the setting will take effect. If it is in the WinMe operating system, there is no <script language = "JavaScript"> field. The field we are looking for is <script>. Put the above content after this field.

(2) In Windows XP

In Windows XP, the custom folder does not have the corresponding options to edit the template, and the folder. htt file in the folder is invalid. At this time, we can "save the country by curve": first create an encrypted folder in Windows2000 in the above way, and then copy the folder to Windows XP as a whole.

With the above method, we can encrypt the private folder. Although relatively simple, it can also play a certain role, especially for those who have no intention of spying on others' privacy.

2. File decryption:

Here we will introduce how to decrypt these folders, especially when you forget the password after encryption.

(1) cancel all passwords (applicable to Windows 98/Me systems)

Go to an unencrypted folder, click the "View" command on the menu bar, and cancel the "view by web page" option. Click "View" again, select "Folder Options", and select the "View" tab in the pop-up dialog box. Click "similar to the current folder" and click "OK" to cancel the encryption of all folders on the local machine.

(2) cleverly display the password

Method 1 cancels the encryption attribute of all encrypted folders, and cannot decrypt a single folder. It is not applicable to Win2000 and XP systems. In fact, there is a common method to crack this type of encrypted folder in 98 or 2000/XP systems. We can even enter the encrypted folder as we enter our own folder: assume that the encrypted folder is d: \ lj, enter d: \ lj \ folder settings \ folder in the address bar. htt, you can open the change settings file (folder. htt ). We only need to find several lines of encrypted code in the modified file, and the password will be displayed in front of us without reservation. Write down the password, and then open the encrypted folder so that we can easily access it!
2. Encrypt Your webpage

It is a very hard job to create a web page. When you see some people simply copy and paste their own content, you can even add your work to their own copyrights, how do you feel? In this way, let some people who get nothing and continue to steal the fruits of your work? Is there a way to stop them?

In fact, it is impossible to prevent such behavior to the full extent, but we can block such behavior to the maximum extent by setting many obstacles so that they can turn away. Here, I recommend an encryption method. JavaScript is a new Web description language developed by Sun and Netscape, this language can be embedded into HTML files, allowing you to design interactive web content. The simplest result of using javascript encryption is that the browser cannot right-click the browser, when you right-click an image to save or copy text, a warning window or favorites will pop up.

(1) Use the pop-up window to block the right mouse

Place the following code in the

<Script language = "javascript"> function click () {if
(Event. button = 2) {alert ('You are not allowed to right-click this site. Use the left button !) }}
Document. onmousedown = click </script>

(2) Right-click "add favorites"

Place the following code in the <Script language = "javascript">
Function click ()
{
If (event. button = 2)
{
Window. external. addFavorite ('HTTP: // www.yesky.com /)
}
}
Document. onmousedown = click
</Script>

3. Data Encryption

With the advent of the Internet era, floppy disks are far from meeting people's needs for storing large volumes of information. More and more people are choosing CDs to back up data, in this way, the precious data in the computer can be stored for a longer time. If we burn data on a CD using the traditional method, we can only back up some common data, but it is dangerous to back up some very important data, the information may be illegally obtained by others.

Here we will introduce a software named "disc encryption master", which is a disc encryption production tool. You can use this tool to visually modify the CD image file (ISO), especially hide the directories and files in the CD image file, convert common files into ultra-large files, and change normal directories into file directories. It allows you to modify ISO file systems in multiple formats and easily create your own personalized encrypted discs.

1. Hide image files

Compared with other encrypted disc software, the disc encryption master has a simple operation and is easy to use for the first time. It can also select directories and files to be encrypted at will, and the encrypted files can be directly run on the CD.

Because the disc encryption master does not directly support making files into ISO image files, it only supports encryption of ISO image files. Therefore, when you encrypt a CD, you must first create an image file for the CD before you can use the disc encryption master to modify and set the image file, to hide files or directories in an image file. At present, there are a lot of software for creating CD image files. I will not describe them here. Once the image file is created, you can open the main interface of the disc encryption master and execute the "file"/"Open File" command in the menu bar, you can also click the "open a CD image file" button in the toolbar. In the subsequent file selection dialog box, select the prepared CD image file, so that all the content in the image file is displayed, it is automatically displayed in the subwindow on the right of the main interface. Select the folder to be hidden, right-click it, and click "Hide selected directory" in the shortcut menu. This way, the folder icon of the specified directory becomes a hidden icon, once an image file is burned to a CD, you will not see the hidden folders or files.

2. Set the CD Password

We can also set a personalized password for the CD to deny unauthorized access by others. When setting a personalized password, you can first open the image file to be protected, and then follow the above method to hide some important files or folders, then, click the "file"/"CD password" command. In Figure 2, you can set the password.

The disc encryption master provides you with three types of passwords. If you select the date format, you must enter a valid date as the password for accessing the disc. After the disc starts, the computer date will be automatically verified in the background. Only when the date is correct can the content in the CD be accessed. If you select the password format, click "Next", enter the password twice in the pop-up interface, and then click "finish" to complete the disc encryption, in the future, you need to enter the password to access the disc. If you use a key as the password, the disc will automatically detect the keys on the keyboard once it is started. If it is correct, you will be able to access the disc.

In addition, to ensure absolute security of data on the CD, I suggest that you select the "prohibit copying the CD even if the password is correct" option. In this case, it can effectively prevent friends or people you trust from using your data as your own. After the password is verified, you can specify the permission to access the CD, for example, to open the CD browser directly to browse the entire CD, or to access only the specified directory on the CD. After completing the above settings, follow the on-screen prompts to gradually complete the following tasks. Finally, you will see the prompt page, which indicates that you have successfully encrypted the disc.

3. "face changing" files

In addition to the above method to directly encrypt the disc, we can also convert the files to be protected into ultra-large files, or convert important folders into files, this can also achieve the purpose of indirect encryption and hiding. When you need to change a file to an oversized file, you can right-click the file to be hidden and run the "change to oversized file" command in the context menu, in this way, the size of the specified file will be increased to 2 GB, so that the normal application cannot open the file, which naturally achieves the purpose of hiding the file. In addition, if you run the "Change directory to file" command, you can change the directory "face" to a file, so that visitors cannot access the content in the specified directory. To restore the access to a file or directory, Run "change to normal size" or "change file to directory ".

After setting, you can directly save or burn the encrypted image file, so that an encrypted disc can be completely completed. Of course, to ensure the encryption is successful, you 'd better before burning, use a professional virtual optical drive to test whether the password of the optical drive is set successfully. Is this method simple and practical!
Iv. Application of encryption technology in network commerce

Encryption technology is widely used in many aspects, but it is most widely used in e-commerce and VPN. The following is a brief description.

1. applications in e-commerce

E-business requires customers to perform various business activities online without worrying about theft of their credit cards. In the past, in order to prevent credit card numbers from being stolen, users generally ordered by phone and then paid by using their credit card. Nowadays, people are using RSA (a public/private key) encryption technology to improve the security of credit card transactions, making e-commerce more practical.

Many people know that NETSCAPE is a leading provider of Internet technology in the Internet business. It provides an Internet-based technology based on RSA and secret keys, known as the Secure Sockets Layer (Secure Sockets Layer, SSL ).

Many people may know that Socket is a programming interface and does not provide any security measures. SSL not only provides a programming interface, but also provides a safe service, SSL3.0 has been applied to servers and browsers, while SSL2.0 can only be applied to servers.

2. VPN applications

VPN. The full name is Virtual Private Network. The Chinese name is generally Virtual Private Network or Virtual Private Network. It refers to a Public Open Network (such as the Internet) as the basic transmission media. by encrypting and verifying network traffic, it protects private information transmitted on the public network from being stolen or tampered, this provides end users with Network service technologies similar to the performance of Private networks. VPN encryptor is a network security device based on VPN technology. It uses VPN technology to encrypt and decrypt data and ensure the security of data transmitted on the Internet.

Using VPN Encryptors, although data is still transmitted through the public network, due to the role of VPN Encryptors, a private tunnel is established between the headquarters and branches to form a virtual private network, all data is transmitted through the Virtual Private Network to protect the data from external attacks. In practical applications, VPN Encryptors can solve the following problems:

(1) Data Source Identity Authentication: confirms that the data packet is sent by the claimed sender.

(2) ensure data integrity: confirm that the content of the data packet has not been modified during transmission, whether it is intentionally modified or a random transmission error occurs.

(3) Data Confidentiality: hides plaintext messages.

(4) replay attack protection: the attacker cannot intercept data packets and issue data packets at a later time without being detected.

V. Application of EFS Technology

In Windows2000, Microsoft adopted an encrypted file system (EFS) based on public key encryption technology ). In Windows XP, the encrypted file system is further improved so that multiple users can access the encrypted file at the same time. However, while using EFS to encrypt files, it also creates a lot of trouble, such as reinstalling the system and failing to open EFS encrypted folders.

1. Backup and import keys for decryption

Click Start> Run. In the run dialog box, enter certmgr. msc open the Certificate Manager, open the "personal> Certificate" under "Certificate> current user", as long as you have performed encryption operations, in the right window, there will be a certificate with the same name as the user name (if there are multiple certificates, select "expected purpose" as "encrypted file system.

Right-click the certificate and choose "all tasks> export". In the "Certificate export wizard" that appears, select "export private key ", enter a password as required by the Wizard to protect the exported private key and store it as a file with the PFX suffix.

When the encrypted file account encounters a problem or needs to access or decrypt the previously encrypted file after the system is re-installed, right-click the backup certificate and select "Install PFX ", the "Certificate import wizard" is displayed. Enter the password used to protect the backup certificate when you export the certificate. Then, select "automatically select the certificate storage area" in the Wizard. After that, you can access the previously encrypted file.

2. Reliable EFS encryption

In the absence of backup, it is almost impossible to decrypt EFS. Although many methods are popular on the Internet, the feasibility is minimal. We recommend that you do not waste time. In Windows 2000/XP, each user has a Security Identifier (Security Identifier) to distinguish their identities. each user's SID is different and unique. When data is encrypted for the first time, the operating system generates the user's key based on the encrypted SID, and saves the public key and key separately for data encryption and decryption. If the current key is not backed up before the system is reinstalled, it means that no previous user key can be generated in any case. decryption of a file requires both the public key and the password, therefore, you cannot open folders encrypted by EFS.

EFS encryption is secure and reliable. Can I re-create an identical user once a user account is deleted, as mentioned at the beginning? The answer is no. Although the re-created user has the same name as the previous user, the system does not allocate the same SID (Remember, it is impossible to have the same SID! Unless it is a clone system), so the keys are different, and the encrypted file cannot be opened.

6. How to ensure mail security

1. encryption and decryption

The security of the email must first ensure that the email is not stolen or changed by irrelevant persons, and the recipient must be sure that the email is sent by a valid sender. You can use the public key system for this purpose. In actual use, a user holds a key, called a private key, and discloses the other key. This key is called a public key. When a user sends an email, he first uses a one-way decomposition function to get a fixed-length decomposition value from the email. The value is related to the content of the email, which is called the fingerprint of the email, then use your own key to encrypt the fingerprint. The recipient can use his/her public key to decrypt the email and then generate a new fingerprint for comparison. This ensures that the email is sent by him rather than a counterfeit email, and that the email is not changed during sending, this process is called digital signature and verification. He can also use the recipient's public key for encryption, which ensures that only the recipient with the corresponding key can decrypt to obtain the plaintext information of the email.

2. Digital Signature

Before you describe the digital signature, you must first explain what is "message digest ), simply put, it is to use some algorithm to calculate a number that can reflect the "essence" of an email. Once any change in the number of emails changes, then this number plus the author's name (in fact in the author's key) and date can be used as a signature. A digital signature is to encrypt the above "essence" with a private key, attach it to the email, and then encrypt the entire email with B's public key. After receiving the ciphertext, Party B decrypts the email with its private key to obtain the original text and signature of Party, the verification system of Party B also calculates an "excellent" from the original text, and uses the public key of Party A to decrypt the signature to obtain the number of comparisons, if yes, it indicates that the email was sent by. In fact, the digital signature method has a great application prospect in the commercial field, which can effectively prevent the sender from downloading and tampering with the email.