Application techniques and methods of encrypting and decrypting system security-network security

Source: Internet
Author: User
Tags change settings compact decrypt socket

Computers are playing an increasingly important role in our work and life since we entered the era of information and networking. More and more users use computers to get information, process information, and keep their most important information in the form of data files in the computer. Some people describe the network as the most free world, where you can give full play to your imagination, to create a completely your own small universe, but if our network lacks the minimum security means, freedom and how to talk about it? Therefore, as one of the important means of network system security, encryption is widely recognized and adopted by the industry. And what if you forget the password? Of course, we can solve the problem by releasing the information password method. So can not skillfully grasp the network encryption and decryption technology for the user's network security-but crucial, the following I give friends to introduce some network encryption, decryption methods, I hope that we can help.

I. Encrypting Windows system folders

Everyone will have some privacy, such as work plan, personal information and so on, in order to protect these secrets, encryption software has become the first choice for many people. However, the popular encryption software on the Internet is basically a file or folder directly encrypted processing, so in the case of large files or a lot of files need to spend more time, and when you want to use these files, but also need to decrypt it, after use, and then again encrypted, very troublesome. Is there a tool that can be encrypted and used as easily as a regular file? Of course, you can actually take advantage of Windows ' own features to meet this requirement.

1, file encryption

(1) in Windows 9x/me/2000

Go to the folder you want to encrypt, right-click, and choose Customize folder from the pop-up menu. Next, click Next in the wizard, select Customize and check the "Select or edit HTML template for this folder". Select Standard in the template type and select edit this template, click Next (slightly different in Win98, select Create or edit HTML document directly in the wizard). A text file named "folder" will open. Locate the <script language= "JavaScript" field in the file, and enter the following below it (Chinese double quotes are for comment content, no input is required):

var pass=prompt ("Please Enter the Password"); " Prompt in parentheses after the command
After entering the folder, the prompt language can be Chinese. semicolons can be omitted. This row must be on a separate line.
if (pass!= "123") "Password is 123, can also be set to another password"
{window.location= "C:"} "If the password is wrong, then enter the C disk, can also be set to another partition, but only for the root directory"


After saving, exiting the file settings will work. Folder.htt file after the creation, the next time you need to change the settings we can directly find the Folder.htt file in the folder, with Notepad open after the change, save settings can be effective. If the WinME operating system, there is no <script language= "JavaScript" field, we are looking for the field is <script>, put the above content in the field can be.

(2) in Windows XP

There is no option to edit the template in custom folders in Windows XP, and the Folder.htt file directly edited is also invalid. At this time we can "curve the Nation": first in the Windows2000 in the above way to create an encrypted folder, and then copy the folder as a whole to Windows XP can be.

Through the above methods, we can complete the encryption of the private folder. Although relatively simple, but also can play a role, especially for those who have no intention to peep into the privacy of others.

2, File decryption:

Here to tell you how to decrypt such a folder method, especially when you have forgotten the password after encryption, you can come in handy.

(1) Cancel all passwords (applicable to windows98/me system)

Go to an unencrypted folder, click the View command on the menu bar, and cancel the "View by Web page" option. Click "View" again, select "Folder Options", and select the "View" tab in the pop-up dialog box. Click "Similar to current folder" to make sure that all folders on this computer are encrypted.

(2) Clever display password

Using method One will remove the encryption properties for all encrypted folders, cannot decrypt individual folders, and does not apply to Win2000, XP systems. In fact, whether in 98 system or 2000/XP system, crack this type of encryption folder has a common method, we can even enter our own folder as access to the encrypted folder: If the encrypted folder is D:\LJ, then only need to enter the address bar d:\lj\ Folder Settings\folder.htt, you can open the Change settings file (Folder.htt). As long as we found in the file to encrypt a few lines of code, the password is unreservedly presented in front of us. Write down the password, and then open the encrypted folder, we can easily enter the!
Second, for their own web page encryption

It's a hard job to make a Web page, and how would you feel if you saw someone simply copy and paste it and even add your work to his own copyright? Is this the way to allow some unearned people to continue to steal the fruits of your labor? Is there any way to stop them?

In fact, it is not possible to completely stop it, but we can prevent it by setting up a lot of obstacles to make them stop. Here, I recommend an encryption method; JavaScript is a new web description language developed by Sun and Netscape Netscape, a language that can be embedded in HTML files that allow you to design interactive Web content. The simplest way to use JavaScript encryption is to allow viewers to not use the right mouse button, when he clicks the right button to save or copy the text will pop up a warning window or pop-up favorites.

(1) using pop-up windows to lock the right mouse button

Placing the following code in the
<script language= "JavaScript" >function Click () {if
(event.button==2) {alert (' This site is not allowed to use the right button, use the left button! ) }}
Document.onmousedown=click </script>


(2) Pop-up "Add Favorites" block the right mouse button


Place the following code in the <script language= "JavaScript" >
function Click ()
{
if (event.button==2)
{
Window.external.addFavorite (' http://www.yesky.com/)
}
}
Document.onmousedown=click
</script>


Third, for the optical disk encryption

With the advent of the network era, floppy disk has been far from satisfying the need for large capacity information preservation, more and more people began to use CD-ROM to back up the data, so that the computer can save precious data for a longer period of time. If we were to burn the data on a CD in the traditional way, just back up some of the normal stuff, and it would be dangerous to back up some very important data, and the information there would probably be illegally acquired by someone else.

Here to introduce a "CD-ROM encryption master" software, it is a CD-ROM encryption production tools. You can use it to visually modify the CD-ROM image file (ISO), hide the directories and files in the optical image file specifically, turn the normal files into oversized files, and make the normal directory into a file directory. It can modify various formats of the ISO file system, easy to make their own personalized encryption discs.

1. Hide Mirror files

Disc encryption master compared with other encryption disc software, the biggest feature is that the operation is very simple, even if the first time it will be easy to use. It also allows you to randomly select directories and files to encrypt, and the encrypted files can be run directly on the CD.

Because the compact disc encryption master does not directly support the making of files into an ISO image file, only the ISO image file is supported for encryption. So when you encrypt a disc, the first thing you need to accomplish is to make a mirrored file of the disc before you can use the disc encryption master to modify and set up the mirrored file to hide the files or directories in the mirrored file. At present, there are a lot of software for making optical image files, the author does not describe them here. Once the mirrored file is made, you can open the Master interface of the disc encryption master, execute the File/Open File command in the menu bar, or click the Open Disc Image File button in the toolbar, and in the File Selection dialog box that appears, select a previously made CD-ROM image file. All of the content in the mirrored file is automatically displayed in the child window to the right of the main interface. Select the folder you want to hide, right-click it, and execute the Hide selected directory on the shortcut menu, so the folder icon for the specified directory becomes a hidden icon, and once the mirrored file is burned to the disc, you will not see the folders or files that have been hidden.

2, set the optical disk password

We can also deny other people illegal access by setting a personalized password on the disc. When you set up a personalized password, you can open the mirrored file you want to protect, and then press the above method to hide some important files or folders, and then click the File/Disc password command, and then in the Figure 2 interface that pops up, you can set the password.

Optical disc Encryption Master for you to provide three kinds of password form, if the selected date form, you must enter a valid date as the access to the CD-ROM password, after the CD is started, will automatically verify the computer in the background date, only the date is correct, to access the contents of the CD. If you select the password form, you can click the "Next" button, in the pop-up interface, enter the password two times, and finally click the "Finish" button, you can complete the disc encryption, you need to enter the set password, in order to access the disc; If you use the key as a password, the CD will automatically detect the keys on the keyboard , if it is correct, you can access the disc.

In addition, in order to ensure that the data in the CD is absolutely safe, the author recommends that you select the "even if the password is correct, also prohibit copying disc" option, so that you can effectively prevent friends or people you trust, private to your data for yourself. Once the password is authenticated, you can also specify the access to the disc here, such as opening the disc browser directly, browsing the entire disc, or accessing only the specified directories on the disc. When you are done with the above settings, follow the on-screen prompts and step through the tasks below, and you will eventually see the prompt interface, which means that you have successfully encrypted the disc.

3, "Face" hidden documents

In addition to using the above methods to directly encrypt the disc, we can also be the need to protect the file into a large file, or the important folder, converted to a file, this can also achieve the purpose of indirect encryption hidden. When you need to put a file, "disguised as're going" as a large file, you can right-click the file you want to hide, execute the "Change to oversized file" command in the right-click menu, so that the specified file's "stature" expands to 2GB size, so the capacity is not open for normal applications, This is a natural way to achieve the purpose of hiding files. In addition, if you execute the "directory to File" command, you Can "face" the directory as a file, so that visitors will not be able to access the contents of the specified directory. If you want to restore access to a file or directory, you can perform a "change to normal size" or "file to directory."

are set up, you can encrypt the image file directly to save or burn, such a compact disc even if completely done; Of course, in order to ensure the success of encryption, you had better before burning, with a professional virtual CD-ROM work, to test the CD password, set whether the success. This kind of optical disk encryption method is not very simple, practical ah!
Iv. the application of encryption technology in network Commerce

The application of encryption technology is multifaceted, but the most widespread or in the application of E-commerce and VPN, the following are respectively Jensu.

1, in the electronic Commerce aspect application

E-commerce (e-business) requires customers to conduct various business activities on the Internet without fear that their credit cards will be embezzled. In the past, users to prevent credit card number was stolen, usually by telephone orders, and then use the user's credit card for payment. Now people begin to use RSA (a public/private key) encryption technology, improve the security of credit card transactions, so that e-commerce to practical become possible.

Many people know that Netscape is the leading technology provider in Internet commerce, which offers an internet-based technology based on RSA and secret key, known as the Secure Socket Layer (secure Sockets layer,ssl).

Maybe a lot of people know the socket, it is a programming interface, does not provide any security, and SSL not only provides a programming interface, but also provides a secure service, SSL3.0 now applied to the server and browser, SSL2.0 can only be applied to the server side.

2, in the VPN aspect application

VPN, the English full name is virtual private network, the Chinese name is commonly called the fictitious private network or the virtual private network. It refers to a public open network (such as the Internet) as the basic transport media, by encrypting and verifying network traffic to protect the private information transmitted on the public network will not be stolen and tampered with, thus providing end users with a network service technology similar to private network (network) performance. VPN encryption machine is a kind of network security device based on VPN technology. It uses the VPN technology, realizes the data encryption and the decryption, guarantees the data on the public network transmission security.

Using a VPN encryption machine, although the data is transmitted through the public network, but because of the role of the VPN encryption machine, so that the headquarters and branches between the establishment of a private tunnel, composed of a virtual private network, all data through this virtual private network transmission, protect the data from outside attacks. In the practical application of VPN encryption machine, can solve the following problems:

(1) Data source identity authentication: The confirmation data message is issued by the alleged sender.

(2) Ensure data integrity: Verify that the content of the data message in the transmission process has not been modified, whether it is intentionally changed or a random transmission error occurred.

(3) Data confidentiality: hidden plaintext messages.

(4) Replay attack protection: to ensure that the attacker can not intercept the data message, and a later time to release the data message, and will not be detected.

V. Application of EFS Technology

In Windows2000, Microsoft has adopted the Encrypting File System (EFS) based on public key cryptography. In Windows XP, the Encrypting File system has been further improved to enable multiple users to access the encrypted document at the same time. However, the use of EFS to encrypt files also creates a lot of trouble, such as the inability to open EFS-encrypted folders after reloading the system, and so on.

1, Backup and import key to decrypt

Click "Start → run" and enter "Certmgr.msc" in the "Run" dialog box to open Certificate Manager. Open "certificate → current user" under the "personal → certificate", as long as you have done encryption operation, the right window will have the same name as the user name (if there are multiple certificates, select the "intended purpose" as " Encrypting File System ") certificate.

Select the right mouse button after the certificate, select all Tasks → export, in the Pop-up Certificate Export Wizard, choose Export Private key, and follow the wizard's request to enter a password to protect the exported private key, finally stored as a PFX suffix file.

When there is a problem with the encrypted file's account or after reinstalling the system, you need to access or decrypt the previously encrypted file. Simply right-click the backed up certificate, select "Install PFX", the system will pop up the Certificate Import Wizard, type the password to be used to protect the backup certificate when you exported the certificate, and then choose to have the wizard Automatically select the certificate store, depending on the type of certificate. Once you have finished, you can access the previous encrypted file.

2, Reliable EFS encryption

In the absence of backup, it is almost impossible to decrypt EFS, although there are many methods on the Internet, but the feasibility is negligible, we recommend not to waste time. Because in Windows 2000/XP, each user has a SID (Security Identifier, safety designator) to differentiate their identities, everyone's SID is different, and has uniqueness. The first time the data is encrypted, the operating system generates the user's key based on the encryption's SID, and the public key and key are saved separately for the user to encrypt and decrypt the data. If the current key is not backed up before the system is installed, it actually means that the previous user key cannot be generated anyway, and the decryption file requires not only the public key but also the password, so it is not possible to open previously EFS-encrypted folders.

EFS encryption is safe and reliable, so once the user account is deleted, just like the one mentioned at the beginning, can you open it by recreating the same user? The answer, of course, is no, the re-created user has the same name as the previous user, but the system does not allocate the same SID (remember, there is no way to have the same sid! Unless it is a clone system, the key is different, and the encrypted file cannot be opened.

Vi. How to ensure the security of messages

1, encryption and decryption

The security of the message itself is first to ensure that the message is not stolen or changed by someone who is not involved, and that the recipient must be able to determine that the message was sent by a legitimate sender. You can use a public key system for this purpose. In practice, the user holds a key, called the private key, that exposes the other key, which is called the public key. When a user sends out a message, he first uses a one-way decomposition function to obtain a fixed-length decomposition value from the message, which is related to the content of the message, is called the fingerprint of the message, and then encrypts the fingerprint with its own key. The recipient can decrypt it using his public key, and then recreate the fingerprint for comparison, which guarantees that the message was sent by himself rather than counterfeit, and that the message was not changed during the sending process, a process known as digital signature and verification. He can also use the recipient's public key for encryption, which guarantees that only the recipient with the corresponding key can decrypt it to get the clear text of the e-mail message.

2. Digital signature

  Explain what "Mail Digest" is before you explain the digital signature (message digest),  simply use an algorithm to figure out a number that reflects the "essence" of the message,  once the message changes, the numbers change. So this number plus the author's name (actually in the author's key) there are dates, etc., can be used as a signature. Digital signature is a use of their own private key to the above "essence" encryption, attached to the message, and then use B's public key to encrypt the entire message. After this cipher is received by B, B will use his private key to decrypt the mail, get a copy of the original and signature, the verification system of its own also from the original calculation of an "essence", and then use a public key to decrypt the signature of the number of comparisons, if the agreement that this message is indeed a sent. In fact, digital signature in the commercial field has a great future, can effectively prevent the sender to deny and the letter was tampered with in the way.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.