Computer Security (2)

Copyright statement: Merge previous blog articles. Original works are not reprinted! Otherwise, legal liability will be held.

1. Hash Function Definition:

Variable-length input is converted to fixed-length output. If the 10g/m data is converted by the function, a fixed-length data is generated.

2. Hash features

Variability: even if the original information changes by 1 bit, the hash output will have unpredictable huge changes. It is usually used to ensure the integrity of transmitted data.

Irreversible: It is impossible or difficult to construct satisfying input information through hash results.

3. digital fingerprints:

The fingerprints of twins are different. The twins cannot be obtained through fingerprints (irreversible)

4. Application scenarios:

Common hash applications: MD5 (128bit) and sha1 (160bit)

The converted MD5 length is 128 bits and The sha1 length is 160 bits.

Ensures data integrity based on the variable-ability feature and verifiable peer

5. Electronic Signature:

Features: Undeniable

6. Two Sides of public key cryptography:

Asymmetric encryption: For application scenarios that require secure transmission, any client a that requires transmission can use the one provided by someone.

Encryption of the public key. When transmitted to end B, only one key can be decrypted.

Electronic Signature: when someone uses their own private key for encryption and discloses the public key. Other terminals can be decrypted,

Obtain the original text and confirm that the file is only owned by someone.

The above describes common methods for ensuring data integrity in computer data transmission. For example, our browser has integrated

Such a function.

7. Digital Certificate

Digital Certificates are a computer-based identity recognition mechanism. The digital certificate is not a digital ID card, but a stamp or stamp on the digital ID card. This line indicates that the identity authentication authority has recognized this holder. A digital certificate is generally produced and issued by a digital certificate certification center. It may be issued by a CA to a user or applied by the user.

The Public Key is stored in the digital certificate as a field. Use a signature to protect the digital certificate itself. The signature is equivalent to the identity authentication of the certificate.

8. Certificate Chain

Differences between certificate signatures: Root Certificate self-signed, non-root certificate parent signature.

Certificate constraints: Subject type = End Entity/CA determines whether a non-root certificate is an end entity certificate. If yes, the certificate is invalid.

Determine the validity period of the certificate