Common terms for passwords
plaintext : information to encrypt
ciphertext : plaintext after being encrypted
Encryption : The process of converting plaintext into ciphertext
encryption Algorithm : conversion algorithm of plaintext to ciphertext
Encryption keys : Keys for cryptographic operations using cryptographic algorithms
decryption : The process of converting ciphertext to plaintext
decryption Algorithm : An algorithm for converting ciphertext to plaintext
decryption key: The key used to decrypt the operation by decrypting the algorithm
cryptanalysis : The interception of ciphertext attempts to infer the original plaintext or key process by analyzing the captured cipher text
Active attack : The attacker illegally invades the password system, using forgery, modification, deletion and other means to inject false messages to the system to deceive (the ciphertext has destructive effect)
Passive attacks : interception of ciphertext and analysis and attack on a security system (no destructive effect on ciphertext)
cipher System : consists of five parts, plaintext space, ciphertext space, key space, encryption algorithm and decryption algorithm.
Password Protocol : Also known as security protocol, refers to a cryptographic communication protocol based on the exchange of information, in order to provide a secure service in the network environment
Password system : Refers to the system used for encryption and decryption
kerckhoffs principle : The security of data is based on secret key rather than algorithm secrecy. That is, the security of the system depends on the key, the key is confidential, the algorithm is exposed . This is the basic principle of modern cryptography design.
Classification of passwords
by password system
symmetric encryption (single-key password, private key password) refers to the same encryption key as the decryption key
Asymmetric Encryption (dual-key password, public key password ) means that the encryption key is different from the decryption key, the key is divided into the public key, the private key
By clear Text Processing method
block password : refers to the encryption of the clear text into fixed-length groups, with the same secret key and algorithm for each block encryption, output is a fixed length of ciphertext. More for network encryption
Stream Password : Also called serial password. Encrypt one or one byte of plaintext at a time
hash function : is not used to complete the data encryption and decryption, is used to verify the integrity of the data.
Features: Unlimited length, hash value easy to calculate, hash operation process irreversible
Correlation algorithm: Message digest algorithm MD5, sha--Secure Hash algorithm, mac--message authentication code algorithm
Digital Signature : primarily for processing of messages stored as a digital form
OSI Security system OSI (open System Interconnection) Open communication System network communication
7. Application Layer
6. Presentation Layer
5. Session Layer
4. Transport Layer
3. Network layer
2. Data Link Layer
1. Physical Layer
Security mechanisms
Encryption mechanism
Digital signature mechanism
Access control mechanism
Data integrity mechanisms
Authentication mechanism
Business flow fill mechanism
Routing control mechanism
Justice mechanism
Security services
Certification (identification)
Access Control Services
Data Privacy Services
Data integrity Services
Denial-of-service
TCP/IP Security system
7. Application Layer
4. Application Layer 6. Presentation Layer Application layer security
5. Session Layer
3. Transport Layer 4. Transport Layer Transport Layer Security
2. Network layer 3. Network layer security
1. Network interface layer 2. Data Link layer network interface layer Security
1. Physical Layer
Security Services Security Mechanisms
Authentication (identification service) authentication mechanism
Digital signature mechanism
Access Control Service access control mechanism
Routing control mechanism
Encryption mechanism of data privacy service
Business flow fill mechanism
Data integrity Service data integrity mechanism
Denial-of- service justice mechanism
Java Security Components
The JCA (Java Cryptography Architecture ) Java Cryptographic Architecture provides a basic cryptographic framework, such as Message digest, digital signature
The JCE (Java Cryptography Extension ) Java encryption extension package is extended on a jca basis, such as DES, AES, and RSA algorithms via JCE
JSSE (Java Secure Socket Extension) Java Secure Sockets extension Package provides SSL-based encryption, primarily for network transport
JAAS (Java Authentication and authentication service)Java Authentication and security services based on the Java platform, such as permissions
Java Encryption Series (i) Encryption basics