Password Technology at the core of information security

Public key encryption system

Since the advent of public key encryption, scholars have proposed many public key encryption methods. Their security is based on complex mathematical difficulties. Based on the mathematical difficulties, the following three types of systems are currently considered safe and effective: Big integer factorization systems (typically RSA) elliptic curve discrete logarithm System (ECC) and discrete logarithm System (Representative DSA ).

Currently, the most famous and widely used public key system RSA is proposed by Rivet, Shamir, and Adelman (hereinafter referred to as RSA). Its security is based on the difficulty of big integer prime factor decomposition, the big integer factorization problem is a famous mathematical problem. So far, there is no effective solution, so it can ensure the security of the RSA algorithm. RSA is the most typical method of public key system. Most products and standards that use public key encryption for encryption and digital signature use the RSA algorithm.

The main benefit of the RSA method is its simple principle and ease of use. However, with the progress and improvement of the big integer decomposition method, the improvement of computer speed, and the development of computer networks, thousands of machines can be used for large integer decomposition at the same time.DecryptionThe big integer demand for security assurance is growing. To ensure the security of RSA, the number of digits of the key has been increasing. For example, it is generally believed that RSA requires more than 1024 characters to ensure security. However, the increase in the length of the key causes the speed of encryption and decryption to be greatly reduced, and the hardware implementation is becoming more and more unbearable, which puts a heavy burden on applications using RSA, this is especially true for e-commerce that is engaged in a large number of secure transactions, making its application scope increasingly restricted.

DSAData Signature Algorithm) is a digital Signature standard based on the discrete logarithm problem. It only provides digital signatures and does not provide data encryption functions. ECCElliptic Curve Cryptography, an elliptic Curve encryption algorithm for public key systems with higher security and better performance, is difficult to calculate based on discrete logarithm.

Advantages of Elliptic Curve Encryption Algorithm (ECC)

Compared with RSA, the elliptic curve encryption method has the following benefits:

Higher security performance

The security performance of an encryption algorithm is generally reflected by the anti-Attack Strength of the algorithm. Compared with other public key systems, ECC has an absolute advantage in anti-attack. For example, 160-bit ECC and 1024-bit RSA and DSA have the same security strength. The 210-bit ECC has the same security strength as 2048bit RSA and DSA.

Low computing workload and fast processing speed

Although small public keys can be selected in RSA, the public key processing speed can be improved by 3), that is, the encryption and signature verification speed can be improved, make it comparable with ECC in encryption and signature verification speed, but decrypt and sign the private key processing speed), ECC is much faster than RSA and DSA. Therefore, the total speed of ECC is much faster than that of RSA and DSA.

Small storage space usage

ECC's key size and system parameters are much smaller than RSA and DSA, meaning that it occupies much smaller storage space. This is particularly important for the application of encryption algorithms on IC cards.

Low bandwidth requirements

When encrypting and decrypting long messages, the three types of password systems have the same bandwidth requirements, but the ECC bandwidth requirements are much lower when applied to short messages. Public key encryption systems are mostly used for short messages, such as digital signatures and session keys for symmetric systems. Low bandwidth requirements make ECC widely used in wireless networks.

These features make ECC replace RSA and become a common public key encryption algorithm. For example, the SET protocol maker has used it as the default public key cryptographic algorithm in the Next Generation SET protocol.

This is the end of the introduction of password technology. I hope you have mastered it. In the future, we will try to sort out as many materials as possible. For more information, see password technology, the core of information security.