Learn Information security knowledge together (2) -- symmetric and asymmetric passwords

 

Currently, passwords are classified into symmetric passwords and asymmetric passwords. Among them, symmetric passwords include des, 3DES, and AES, While asymmetric passwords include RSA and ECC.

Let's give an example of a simple symmetric password. Suppose there is a string of numbers 123789, and we need to encrypt it. The encryption method is to add 1 to each number. The encryption is as follows:

Plaintext 123789

Ciphertext 234890

The decryption process is reduced by 1 for each number.

From the above example, we can see that the encryption algorithm can be described"Add 1 for each number", Thus the decryption process can be introduced"Minus one for each number", This is the symmetric password algorithm. The symmetry here does not mean that the encryption key (the encryption key can be regarded as the key) must be the same as the decryption key, but that the encryption and decryption keys can be pushed to each other.

Symmetric encryption is fragile because it can be considered as the encryption and decryption key as the same key. In secure communication, both parties have the same key. Once this key is disclosed, security also has problems. Therefore, asymmetric encryption is proposed.

The encryption and decryption keys of asymmetric passwords cannot be derived from each other. For example:

Symmetric password: there is a door between room A and room B. A person in Room A (plaintext) walks through this door (encryption process) to Room B (ciphertext ), he walked from Room B (ciphertext) to room A (plaintext) through the door (decryption process ). That is, the entry and exit are the same door, And the encryption and decryption passwords are the same.

Asymmetric password: There are two doors D1 and D2 between room A and room B. D1 can only be from Room A to Room B, while D2 can only be from Room B to Room. A person in Room A (plaintext) walks to Room B (ciphertext) through D1 (encrypted), and he walks to room A (plaintext) through D2 (decryption) from Room B (ciphertext ). D1 and D2 are two different doors, that is, different keys. The following describes the relationship between two asymmetric encryption keys.

The asymmetric password key contains a public key and a private key. During key initialization, two keys K1 and K2 are generated at the same time (like creating two doors D1 and D2 at the same time ), here, K1 and K2 cannot be pushed to each other. From the current technology, K2 cannot be obtained directly through K1, or K1 can be obtained through K2. Features of K1 and K2 are as follows:

After data is encrypted through K1, it can be decrypted through K2, or through K2 for decryption. That is, the K1 and K2 generated during the initialization process are in a peering relationship. Although the two keys are different and cannot be pushed down, no matter which key is used for encryption, it can be decrypted using another key. The next step is to separate K1 and K2.

The public key in the asymmetric password can be disclosed to everyone, and the private key is kept by yourself. For K1 and K2, you can select one of the keys as the public key, and the other is the private key. Assume that K1 is the public key and K2 is the private key. You have K2 and your friends have K1. When your friend sends you an email, you can encrypt it through K1. At this time, only you have K2 and only you can decrypt it. Your private key K2 is not used for encryption, but for signature.

You can first make a preliminary impression on the above description. asymmetric encryption signatures are not as simple as described above, but there is no problem with the basic process.

[Not reproduced without the permission of the author]