Encryption/decryption/signature/certificate-Principle Introduction

Source: Internet
Author: User
Tags: asymmetric encryption

Introduction

In some of the more important scenarios, data passed over the network has to be encrypted to keep it secure. This article briefly describes some of the concepts of encryption and decryption, as well as the related digital signatures and certificates.

Encryption and decryption

When it comes to encryption, perhaps everyone is familiar with MD5. MD5 is actually just a hashing operation, or what can be called one-way encryption, which means that the plaintext (the original data) cannot be deduced from the ciphertext (the encrypted data). What we want to explain below is encryption whose output can be decrypted to restore the data. The object being encrypted is called a message by some people, data by others, and information by others still; to avoid confusion, the rest of this article refers to it uniformly as the message. So what is encryption? Encryption encodes messages to create a secure way to communicate, so that only you and the recipients you intend can understand them.

So what counts as secure? For a message to pass securely between the sender and the receiver, the following three points typically have to be met:

    1. The sender of the message can be sure that the message can only be decrypted by the receiving party (this does not guarantee that third parties cannot obtain it, only that third parties cannot decrypt it).
    2. The receiver of the message can determine who sent the message.
    3. The receiver of the message can determine that the message has not been tampered with (the integrity of the message must be confirmed).

Encryption is usually divided into two kinds, symmetric and asymmetric. We look at symmetric encryption first.

Symmetric encryption

The idea of symmetric encryption is very simple: there is something called a key, which is used to encrypt the message before it is sent, and after the message is received the same key is used to decrypt it. The process of generating the encrypted message (ciphertext) from the key is carried out by the encryption algorithm, and the encryption algorithm is usually public. The flow is as follows:

    1. The sender encrypts the message using a key.
    2. The receiving party decrypts the message using the same key.

You can use the following diagram to represent:

There are two problems with symmetric cryptography:

    1. Although a key can be used to ensure that messages are delivered securely, how do you ensure that the keys are securely delivered? Because the sender and receiver always have an initial communication to pass the key, how is security guaranteed at this time?
    2. The recipient can decrypt the message with the key, but because of the problem above, the message may well have been sent by a third party (who obtained the key illegitimately), and the receiver cannot tell.

In order to solve the above two problems, we need to introduce asymmetric encryption.

Asymmetric encryption

In asymmetric encryption, both the receiver and the sender hold two keys: one is made public and is called the public key, and one is kept to oneself and is called the private key. The rule of asymmetric encryption is that a message encrypted with A's public key can only be decrypted with A's private key, and a message encrypted with A's private key can only be decrypted with A's public key. From this we can see that the receiver and the sender together have four keys: two public keys and two private keys. We first look at two simple modes, each of which uses only two of the keys.

The first mode uses only the receiver's public and private keys, and is known as encryption mode.

Encryption mode

In encryption mode, the recipient of the message publishes the public key and holds the private key. For example, the sender wants to send the message "Hello,jimmy" to the receiver, and the steps are:

    1. The sender uses the recipient's public key to encrypt the message and then sends it.
    2. The receiver decrypts the message with its own private key.

You can use the following image to describe:

In this mode, if a third party intercepts a message from the sender, the message is meaningless to him because he does not have the recipient's private key. So this mode satisfies point one of secure message delivery from the beginning of this article: the sender of the message can be sure that the message can only be decrypted by the receiving party (this does not guarantee that third parties cannot obtain it, only that third parties cannot decrypt it).

In addition, because the receiver's public key is public, anyone can use it to encrypt a message and send it to the receiver, and the receiver cannot tell from the message who sent it. So it does not satisfy point two raised at the beginning: the receiver of the message can determine who sent the message.

This problem can be solved in the authentication mode below.

Authentication Mode

In authentication mode, the sender of the message publishes the public key and holds the private key. For example, the sender wants to send the message "Welcome to Tracefact.net" to the receiver, and its steps are:

    1. The sender encrypts the message with his private key and sends it.
    2. The receiver decrypts the message using the sender's public key.

You can use the following diagram to express:

In this mode, suppose the sender is called Ken and the receiver is called Matthew. Matthew can only decrypt the message with Ken's public key, and cannot decrypt it with the public key of Molly, Sandy, or anyone else, so he can be sure that the message was sent by Ken. This mode therefore satisfies point two of secure message delivery raised earlier.

At the same time, because Ken's public key is public, any third party that intercepts the message can use Ken's public key to decrypt it; in other words, the message is now unsafe. So, in contrast to encryption mode, it does not satisfy point one of secure message delivery raised earlier.

Neither encryption mode nor authentication mode addresses point three: the receiver must be able to confirm that the message has not been changed. To solve this problem, the digital signature is introduced.

Basic implementation of digital signature

A digital signature is really just the authentication mode of asymmetric encryption described above, with one small improvement: the addition of a hashing algorithm. The hashing algorithm most of us are familiar with is probably MD5, which many open-source forums have adopted. A hashing algorithm has three characteristics: first, it is irreversible, so the original data cannot be deduced from the result; second, even a tiny change to the original data changes the hash value greatly; third, no matter how large or small the data is, the result is always a fixed-length hash value (commonly 32-bit or 64-bit). The resulting hash value is often referred to as the digest of the message.

So how does introducing a hash function ensure the integrity of the data? That is, how can the receiver confirm that the message was actually sent by the sender and was not modified along the way? The specific process is as follows:

    1. The sender hashes the message that it wants to pass and gets the message digest.
    2. The sender encrypts the digest with its own private key and sends the message and the encrypted digest to the receiver.
    3. The receiver uses the sender's public key to decrypt the message and message digest (confirming the sender).
    4. The receiving party hashes the received message and gets a message digest.
    5. The receiver compares the message digest obtained in the previous step with the message digest sent by the sender. If the same, the message has not been changed, and if different, the message has been tampered with.

This process can be expressed in the following diagram:

As we can see, the digital signature strengthens the authentication mode of asymmetric encryption by introducing a hashing algorithm, which ensures the integrity of the message. Also note that the asymmetric encryption above is applied only to the message digest and not to the message itself. Asymmetric encryption is a very time-consuming operation; because only the message digest is encrypted, the amount of computation drops sharply, which significantly increases the execution speed of the program. At the same time, it still does not prevent the message from being intercepted by a third party. Worse, because the message is delivered in clear text, the third party does not even need the sender's public key and can read the message directly.

To solve this problem, it is only necessary to combine the authentication mode and the encryption mode of asymmetric encryption with the message digest, which is the advanced mode below.

Advanced implementations

Since this process is slightly more complex than the above, we divide it into two parts: sender and receiver. First look at the steps the sender needs to perform:

    1. Hash the message to get a message digest.
    2. Encrypt the message digest with your own private key (authentication mode: ensures that the receiver can confirm who the sender is).
    3. Encrypt the message using the receiver's public key (encryption mode: ensures that the message can only be decrypted by the intended recipient).
    4. Send the message and the message digest.

Now let's take a look at the steps the receiver takes:

    1. Decrypt the message digest with the sender's public key (confirming who sent the message).
    2. Use your own private key to decrypt the message (securely obtaining the actual message).
    3. Hash the message to get a message digest.
    4. Compare the message digest obtained in the previous step with the message digest that was decrypted in the first step (confirming whether the message was tampered with).

As can be seen, this approach uses all four keys of the receiver and the sender together with the message digest, so all three conditions for secure delivery proposed earlier are satisfied. So is this the best way to do it? No: as we have already said, asymmetric encryption is a time-consuming operation, so this scheme is inefficient. In fact, we can use it to solve the key-delivery problem of symmetric encryption (turn back to that section if you have forgotten it). That is, we use the advanced implementation to transfer the symmetric key, and use symmetric encryption for the actual data, because the key has now been delivered safely.

Certificate mechanism

A concept related to digital signatures is the certificate mechanism. What is a certificate used for? In the various modes above, we have always assumed that the receiver's or sender's public key is correct (that it really was published by the other party). In fact, unless the other party hands the public key to us in person, a public key passed between the two sides over the network can be tampered with just like anything else if no measures are taken. So how do we solve this problem? This is where the certificate mechanism comes in: an impartial third party is introduced. When a party wants to publish its public key, it submits its identity information and public key to this third party; the third party verifies its identity and, if there is no problem, packages its information and public key into a certificate (Certificate). This impartial third party is what is commonly called the certification authority (Certificate Authority). When we need a party's public key, we just obtain its certificate and extract the public key from it.
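
The sender and receiver steps of the advanced mode, preceded by the certificate check described above, as an added example that is not code from the original article. It uses unpadded textbook RSA with constructed keys built from Mersenne primes so that each step is visible; Ken and Matthew are the article's names, while the function names, the `identity|n|e` certificate encoding and the assumption that the CA signs the digest of that encoding are illustrative choices.

```python
import hashlib

def make_keypair(p, q, e=65537):  # textbook RSA: returns (public, private)
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def rsa(value, key):
    """Raw RSA, value^exponent mod n. Unpadded: for illustration only."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value does not fit the modulus")
    return pow(value, exponent, n)

def digest_int(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def cert_body(identity, public_key):  # hypothetical certificate encoding
    return f"{identity}|{public_key[0]}|{public_key[1]}".encode()

def issue_certificate(identity, public_key, ca_private):
    return identity, public_key, rsa(digest_int(cert_body(identity, public_key)), ca_private)

def key_from_certificate(cert, ca_public):
    identity, public_key, signature = cert
    if rsa(signature, ca_public) != digest_int(cert_body(identity, public_key)):
        raise ValueError("certificate altered or not issued by this CA")
    return public_key

def send(message, sender_private, receiver_public):
    signed_digest = rsa(digest_int(message), sender_private)           # sender steps 1-2
    ciphertext = rsa(int.from_bytes(message, "big"), receiver_public)  # sender step 3
    return ciphertext, signed_digest                                   # sender step 4

def receive(ciphertext, signed_digest, sender_public, receiver_private):
    claimed = rsa(signed_digest, sender_public)                        # receiver step 1
    number = rsa(ciphertext, receiver_private)                         # receiver step 2
    message = number.to_bytes((number.bit_length() + 7) // 8, "big")
    if digest_int(message) != claimed:                                 # receiver steps 3-4
        raise ValueError("digest mismatch: message altered or wrong sender")
    return message

# Constructed teaching keys built from Mersenne primes (trivially factorable).
KEN_PUB, KEN_PRIV = make_keypair(2**127 - 1, 2**521 - 1)
MATTHEW_PUB, MATTHEW_PRIV = make_keypair(2**607 - 1, 2**1279 - 1)
CA_PUB, CA_PRIV = make_keypair(2**89 - 1, 2**2203 - 1)

if __name__ == "__main__":
    cert = issue_certificate("Ken", KEN_PUB, CA_PRIV)
    packet = send(b"Hello,jimmy", KEN_PRIV, MATTHEW_PUB)
    print(receive(*packet, key_from_certificate(cert, CA_PUB), MATTHEW_PRIV))
```

Production code relies on a vetted library with padded schemes (RSA-OAEP for encryption, RSA-PSS for signatures) instead of raw modular exponentiation.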
