Cryptography and Identity Authentication Technology: Principles and Practical Applications of PKI <1>

Source: Internet
Author: User

Encryption, decryption, and authentication

1. Symmetric encryption (single-key encryption)

   Advantages:
   1. Faster than asymmetric key encryption.
   2. With a large number of key bits, it is hard to crack.

   Disadvantages:
   1. A secure mechanism is required to distribute keys.
   2. Keys are difficult to manage.
   3. Symmetric encryption provides confidentiality, but does not provide authentication or non-repudiation.

   Algorithms: DES, IDEA, RC2, RC4, RC5, AES, SKIPJACK

2. Asymmetric encryption: private key | public key

   Note: asymmetric key algorithms use key pairs.

   Public key encryption and private key decryption: protects confidentiality.

   Digital signature (identity authentication function):
   1. A uses A's private key to encrypt the information.
   2. A transmits the encrypted information to B.
   The confidentiality of the information cannot be guaranteed.

   Advantages:
   1. Better key distribution.
   2. More scalable.
   3. Provides source authentication and non-repudiation.

   Disadvantages:
   1. Slow.
   2. Complicated mathematical models.

   Algorithms: RSA, ECC, Diffie-Hellman, ElGamal, and DSA.

3. Stream ciphers and block ciphers

   Symmetric cipher algorithms are divided into block ciphers and stream ciphers.

   Block cipher: operates on blocks of plaintext and ciphertext. The data is first divided into blocks and then encrypted block by block.

   Stream cipher: operates on the plaintext stream and the ciphertext stream, encrypting one bit at a time. The mathematical function acts on every bit. More processing capability is required for hardware platforms.

   IV: the initialization vector value. It increases randomness.

4. Hybrid encryption (widely used)

   1. The symmetric key encrypts the bulk data.
   2. The asymmetric key (public key) encrypts the symmetric key.
   3. The private key is used to decrypt the symmetric key.
   4. The public key decrypts the document information.

   The symmetric key is obtained through an algorithm: Diffie-Hellman.

Message integrity and digital authentication

1. One-way hash function: by itself it simply converts a variable-length string or message into a fixed-length value.

   Sender: hash algorithm over the data message --> message digest --> send.
   Receiver: hash algorithm over the received message --> message digest, which is compared with the sent message digest for validation.

   Note: simple hash functions are not secure.

2. HMAC and CBC-MAC

   HMAC: hash-based message authentication code.
   Sender: message + symmetric key --> hash algorithm --> MAC value.
   Receiver: message + symmetric key --> hash algorithm --> MAC value, which is compared with the sent MAC value.

   CBC-MAC: the data is encrypted with a symmetric block cipher in CBC mode, and the MAC is computed from the output.

   Note: do not use the same key for both block encryption and authentication.

3. Hash algorithms

   Message Digest algorithm 2 (MD2): 128-bit hash value
   Message Digest algorithm 4 (MD4): 128-bit hash value
   Message Digest algorithm 5 (MD5): 128-bit hash value
   HAVAL algorithm: more complex compared with MD5
   SHA: generates a 160-bit hash value; applied in DSA
   SHA-1 / SHA-256 / SHA-384 / SHA-512 (SHA-1: 160 bits; SHA-256: 256 bits)

4. Digital signature: prevents data from being tampered with or repudiated during transmission.

   Sender A: data message a --> hash --> hash value a --> encrypt hash value a with A's private key --> send.
   Receiver: get data message a --> decrypt the hash value with A's public key --> compute the hash of data message a on the local device and compare the two results.

   Note: digital signatures do not guarantee confidentiality. Their functions are integrity, source authentication, and non-repudiation. Asymmetric keys are used, but the data is not kept confidential.

5. Digital Signature Standard: the secure hash algorithm is used to ensure message integrity, and a digital signature is used to sign the secure hash.

   Algorithms: RSA and DSA (DSA can only be used for digital signatures).

6. Biometric identification technologies: iris, fingerprint, and face identification. Examples: fingerprint attendance machines, notebook face recognition, and retina recognition technology.
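The hash and HMAC validation flows described above, as an added example that is not part of the original article: it shows why a plain message digest does not detect modification by someone who can recompute it, while an HMAC keyed with the shared symmetric key does. SHA-256, the function names, the sample message and the randomly generated key are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample data; the key stands in for one shared out of band.
SHARED_KEY = secrets.token_bytes(32)
MESSAGE = b"transfer 100 to account 42"


def plain_digest(message: bytes) -> bytes:
    """Unkeyed one-way hash: anyone holding the message can compute it."""
    return hashlib.sha256(message).digest()


def mac_value(key: bytes, message: bytes) -> bytes:
    """HMAC: message + symmetric key --> hash algorithm --> MAC value."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_digest(message: bytes, sent_digest: bytes) -> bool:
    return hmac.compare_digest(plain_digest(message), sent_digest)


def verify_mac(key: bytes, message: bytes, sent_mac: bytes) -> bool:
    # compare_digest is designed to avoid leaking timing information.
    return hmac.compare_digest(mac_value(key, message), sent_mac)


def modified_in_transit(message: bytes) -> tuple[bytes, bytes]:
    """A party without the key changes the message and recomputes the digest."""
    changed = message.replace(b"100", b"900")
    return changed, plain_digest(changed)


def run_demo() -> dict[str, bool]:
    sent_mac = mac_value(SHARED_KEY, MESSAGE)
    changed, new_digest = modified_in_transit(MESSAGE)
    return {
        "hash_accepts_original": verify_digest(MESSAGE, plain_digest(MESSAGE)),
        "hash_accepts_modified": verify_digest(changed, new_digest),
        "hmac_accepts_original": verify_mac(SHARED_KEY, MESSAGE, sent_mac),
        "hmac_accepts_modified": verify_mac(SHARED_KEY, changed, sent_mac),
    }


if __name__ == "__main__":
    for check, result in run_demo().items():
        print(f"{check}: {result}")
```

The receiver must verify the MAC with its own copy of the key before acting on the message; the digest-only check passes for the modified message because no secret is involved in producing it.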
