Article directory
- 27.1 Cryptographic technology
- 27.2 Virtual private network and virtual LAN
- 27.3 Wireless security network (WLAN)
27.1 Cryptographic technology
27.1.1 Terms: plaintext, ciphertext, key, algorithm
Encryption: C = E(M)
Decryption: M = D(C)
Then M = D(E(M))
Encryption and decryption with a key K: M = D_K(E_K(M))
27.1.2 Symmetric and asymmetric encryption
1. Symmetric Key Algorithm
If the equation M = D_{K1}(E_{K1}(M)) holds, that is, encryption and decryption both use the same key, the algorithm is "symmetric".
Common symmetric key algorithms: SDBI, IDEA, RC4, DES, 3DES
2. Advantages and Disadvantages of Symmetric Key Algorithms
Advantages:
Fast encryption/decryption speed;
Simple key management;
Suitable for one-to-one Information Encryption Transmission.
Disadvantages:
The encryption algorithm is simple, the key length is limited (56 bit/128 bit), and the encryption strength is not high;
Key distribution is difficult, and it is not suitable for one-to-many encrypted information transmission.
3. Asymmetric Key Algorithm
If the equation M = D_{d-priv}(E_{d-pub}(M)) holds, the algorithm is "asymmetric".
Common asymmetric key algorithms: RSA and ECC
4. Advantages and Disadvantages of Asymmetric Key Algorithms
Advantages:
The encryption algorithm is complex, the key length is arbitrary, and the encryption strength is high;
Suitable for one-to-many encrypted information exchange.
Disadvantages:
Slow encryption/decryption speed;
Complex key management;
Vulnerable to ciphertext attacks, and not suitable for encrypted data transmission.
27.1.3 Hash Algorithm
Common hash algorithms: SDH, SHA, and MD5
27.1.4 Message digest algorithm and digital fingerprint
The digest can be seen as a "digital fingerprint" of a long file.
27.1.5 Digital signature and verification
27.1.6 Digital timestamp technology
The digital timestamp technology is a variant of the digital signature technology.
The digital timestamp service (DTS) is one of the security services for online e-commerce.
27.1.7 Transmitting symmetric keys using asymmetric keys
27.1.8 National cryptography and security product management
Cipher levels include commercial ciphers, common ciphers, top-secret ciphers, and military ciphers.
27.2 Virtual private network and virtual LAN
1. Basic concepts of VPN and VLAN
VPN and VLAN are temporary, secure connections established over a shared network (generally the Internet).
2. Differences between IPSec VPN and MPLS VPN
IPSec is an open framework defined by the IETF IPSec Working Group.
RFC 2547 defines an MPLS (Multi-Protocol Label Switching) mechanism that allows service providers to use their IP backbone networks to provide VPN services to users.
27.3 WLAN
27.3.1 WLAN features
Security, QoS support, and scalability
27.3.2 WLAN Security Mechanism
1. WEP
Wired Equivalent Privacy (WEP) is the first security mechanism provided by the 802.11 standard to establish a wireless network security environment.
WEP encrypts with an RC4 keystream that is XORed with the data/ICV; the keystream is generated from the key combined with a 24-bit IV. The key length is 40 bits.
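The WEP encapsulation described above, written out as an added example that is not part of the original notes: RC4 is seeded with the 24-bit IV followed by the 40-bit key, and the keystream is XORed with the data plus its CRC-32 ICV. The key-ID byte of a real frame is left out for brevity, and the key, IV and payload are constructed sample values.

```python
import struct
import zlib

def rc4_keystream(seed: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream for the given seed (KSA + PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key-scheduling algorithm
        j = (j + s[i] + seed[i % len(seed)]) % 256
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):                         # pseudo-random generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def wep_encrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    """C = E_K(M): IV in the clear, then (data || ICV) XOR keystream."""
    if len(key) != 5 or len(iv) != 3:
        raise ValueError("WEP-40 needs a 40-bit key and a 24-bit IV")
    plain = data + struct.pack("<I", zlib.crc32(data))   # append CRC-32 ICV
    ks = rc4_keystream(iv + key, len(plain))   # per-frame seed is IV || key
    return iv + bytes(p ^ k for p, k in zip(plain, ks))

def wep_decrypt(key: bytes, frame: bytes) -> bytes:
    """M = D_K(C): same key, same keystream; reject a frame with a bad ICV."""
    if len(key) != 5 or len(frame) < 7:
        raise ValueError("need a 40-bit key and at least IV + ICV")
    iv, body = frame[:3], frame[3:]
    ks = rc4_keystream(iv + key, len(body))
    plain = bytes(c ^ k for c, k in zip(body, ks))
    data, icv = plain[:-4], plain[-4:]
    if struct.pack("<I", zlib.crc32(data)) != icv:
        raise ValueError("ICV mismatch")
    return data

# Constructed sample values, not taken from any real network.
KEY = bytes.fromhex("0102030405")
IV = bytes.fromhex("a1b2c3")
MSG = b"constructed test payload"

if __name__ == "__main__":
    frame = wep_encrypt(KEY, IV, MSG)
    print(frame.hex(), wep_decrypt(KEY, frame) == MSG)
```

Because both directions derive the same keystream from the shared key, the round trip is an instance of M = D_K(E_K(M)) from section 27.1.1.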
2. WEP2
The IV space of WEP2 is 128 bits, and it supports Kerberos V.
3. WPA
Announced by the Wi-Fi Alliance.
It has two parts: one replaces WEP with the better TKIP encryption system, and the other is a user identity authentication system based on the 802.1X standard.
4. Chinese standard WAPI