symmetric cipher, asymmetric cipher, hashing algorithm and PKI
Problems that cryptography solves: confidentiality, integrity, authentication and non-repudiation:
1. Symmetric ciphers:
Symmetric cryptography: the sender and the recipient share a single key, used both for encryption and for decryption, called the secret key (also known as a symmetric key or session key).
Service provided: confidentiality (without the key the ciphertext cannot be read). Encryption by itself does not guarantee integrity: a modified ciphertext may still decrypt, to garbage or, with malleable modes, to attacker-chosen changes, so integrity needs a separate mechanism (a MAC or an authenticated-encryption mode).
Symmetric cryptography is also called: single-key cryptography, secret-key cryptography, session-key cryptography, private-key cryptography, shared-secret-key cryptography.
Common symmetric encryption algorithms:
DES (Data Encryption Standard): block cipher, derived from IBM's Lucifer, adopted as the US federal standard (NBS, now NIST); 64-bit block, 64-bit key of which 56 bits are effective and 8 are parity bits. The key is far too short today and DES is retired.
3DES (Triple DES): block cipher, DES applied three times with two or three 56-bit keys (112 or 168 key bits), 64-bit block; deprecated in favour of AES.
IDEA (International Data Encryption Algorithm): block cipher, 128-bit key, 64-bit block, faster than DES in software.
Blowfish: block cipher, 32 to 448-bit key, 64-bit block, published and unpatented.
RC4: stream cipher, variable key length; its keystream has known biases and it is now prohibited in TLS (RFC 7465).
RC5: block cipher, variable block size, number of rounds and key length (up to 2040 bits).
Rijndael: block cipher, 128/192/256-bit key and 128/192/256-bit block.
AES (Advanced Encryption Standard): the successor to DES, selected by NIST from Rijndael with the block size fixed at 128 bits and keys of 128, 192 or 256 bits.
Advantages of symmetric ciphers:
A single key serves for both encryption and decryption, so each party holds only one key per peer;
Compared with asymmetric methods the computation for encryption and decryption is small, so it is fast and suited to encrypting large volumes of data.
Disadvantages of symmetric ciphers:
If the key exchange is not secure, the key itself is compromised. In an e-commerce setting, where the customer is an unknown, untrusted entity, getting the key to the customer securely is a hard problem.
With many users the number of keys becomes unmanageable: N users need N(N-1)/2 pairwise keys.
It cannot provide non-repudiation, because the key is shared: either holder could have produced a given message.
For example:
Suppose Alice and Bob know each other and, to keep their messages from being read by anyone who intercepts them, agree on a password in advance and use it to encrypt everything they send. Anyone who intercepts a message without the password cannot learn its content. This achieves confidentiality.
However, this scheme has the following problems:
1) If Alice and Bob do not know each other and only meet on the Internet, how does Alice negotiate (or transmit) the shared secret (the password) with Bob?
2) If Alice wants to communicate with 100 people, how many passwords must she remember? What about 1,000 or 10,000 people?
3) If Alice uses the same password with other people as she does with Bob, how does she know that a given message actually came from Bob?
This motivates asymmetric ciphers.
2. Asymmetric ciphers:
A pair of keys is used: one encrypts the information and the other decrypts it.
The two keys are mathematically linked: what is encrypted with one key can only be decrypted with the other. Data encrypted with the public key is decrypted with the private key, and data encrypted with the private key is decrypted with the public key.
The two keys differ in who holds them: one is published, the public key, and the other is kept by its owner alone, the private key. The public key is used to encrypt data (encrypt with the recipient's public key) or to verify a signature (verify with the signer's public key); the private key is used to decrypt data (which the sender encrypted with the recipient's public key) or to produce a digital signature (sign with one's own private key).
Services provided: confidentiality, authentication, integrity and non-repudiation (the last three through digital signatures), and key distribution.
Common asymmetric algorithms:
Diffie-Hellman: the first published public-key algorithm (1976), built on the discrete logarithm problem in a finite field. It is a key agreement protocol: it does not encrypt data and does not produce digital signatures. Its purpose is key distribution: both parties exchange public values over an untrusted network and each computes the same symmetric key locally.
The unauthenticated Diffie-Hellman exchange is vulnerable to a man-in-the-middle attack; the remedy is to authenticate the public values before accepting them (for example by signing them, which is what TLS does with certificates).
RSA: based on integer factorisation; can encrypt and can sign.
ElGamal: based on the discrete logarithm; can encrypt and can sign; the slowest of the group.
Elliptic curve cryptography (ECC): based on the elliptic-curve discrete logarithm; same functions as RSA with much shorter keys and faster operations.
DSA: a variant of ElGamal based on the discrete logarithm; signatures only, no encryption; signature verification is slower than RSA's.
Knapsack (Merkle-Hellman): broken and retired.
DSS: the Digital Signature Standard (FIPS 186).
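The Diffie-Hellman exchange described above, and the man-in-the-middle attack on its unauthenticated form, as an added Python example (this is not code from the original article). It assumes a toy group, the Mersenne prime 2^127 - 1 with generator 2, and uses SHA-256 as a minimal key-derivation step; real deployments use a standardised group (RFC 7919) or X25519 together with a proper KDF such as HKDF. The parties' names and the "network" are simulated in-process:

```python
import hashlib
import secrets

# Toy group parameters (assumption, for illustration only). Real deployments use a
# standardised group such as RFC 7919 ffdhe2048 or an elliptic-curve group (X25519).
P = (1 << 127) - 1   # a Mersenne prime
G = 2


def dh_keypair():
    """Pick a random private exponent x and compute the public value g^x mod p."""
    priv = secrets.randbelow(P - 3) + 2          # 2 <= x <= p-2
    return priv, pow(G, priv, P)


def dh_shared_key(priv, peer_pub):
    """Derive a 256-bit symmetric key from the shared secret peer_pub^priv mod p.
    Hashing the raw secret is a minimal KDF; real protocols use HKDF."""
    if not 2 <= peer_pub <= P - 2:               # reject 0, 1 and p-1 (degenerate values)
        raise ValueError("invalid public value")
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def honest_exchange():
    """Alice and Bob exchange public values over the untrusted network and each
    combines its own private exponent with the other's public value."""
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    return dh_shared_key(a_priv, b_pub), dh_shared_key(b_priv, a_pub)


def mitm_exchange():
    """Tom intercepts both public values and runs two separate exchanges, one with
    Alice and one with Bob. Neither notices, because nothing authenticates the
    values they received: Alice thinks t_pub is Bob's, Bob thinks t_pub is Alice's."""
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    t_priv, t_pub = dh_keypair()
    key_alice = dh_shared_key(a_priv, t_pub)
    key_bob = dh_shared_key(b_priv, t_pub)
    key_tom_with_alice = dh_shared_key(t_priv, a_pub)
    key_tom_with_bob = dh_shared_key(t_priv, b_pub)
    return key_alice, key_bob, key_tom_with_alice, key_tom_with_bob


if __name__ == "__main__":
    ka, kb = honest_exchange()
    print("honest exchange, Alice's key == Bob's key:", ka == kb)
    ka, kb, ta, tb = mitm_exchange()
    print("MITM: Alice shares a key with Tom:", ka == ta,
          "| Bob shares a key with Tom:", kb == tb,
          "| Alice and Bob share a key:", ka == kb)
```

In the MITM case Tom can decrypt everything from Alice with one key and re-encrypt it for Bob with the other; that is why the public values must be authenticated (signed, or carried in a certificate) before the derived key is used.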
An example:
First, Alice encrypts the data with Bob's public key to ensure confidentiality: only Bob's private key can decrypt the message, so only Bob can read it.
That covers confidentiality, but how does Bob verify that the message came from Alice, since anyone can obtain Bob's public key? As follows:
To prove to Bob that the message really is hers, Alice encrypts the message with her private key and sends it to Bob; Bob decrypts it with Alice's public key. If that works he knows the message came from Alice, because only something encrypted with Alice's private key decrypts correctly with her public key.
This achieves authentication, but anyone can decrypt the message with Alice's public key, so confidentiality is lost. Hence the following:
Alice first encrypts the data with her private key (authentication), then encrypts that ciphertext again with Bob's public key (confidentiality) and sends it to Bob. Bob decrypts with his own private key, then with Alice's public key, achieving both confidentiality and authentication.
However, asymmetric algorithms are resource-hungry and slow, and here the data is encrypted twice; for bulk data this is unacceptable. Is there a better way? This leads to hybrid cryptography:
3. Hybrid encryption
Hybrid encryption simply uses an asymmetric algorithm to exchange a symmetric key, and the symmetric key to encrypt the data.
An example:
Alice randomly generates a session key, encrypts the message with it, encrypts the session key with Bob's public key, and sends Bob the message ciphertext together with the encrypted session key (the digital envelope). On receipt Bob first opens the digital envelope with his own private key to recover the session key, then decrypts the message ciphertext with the session key.
Note that this gives no authentication: anyone can encrypt to Bob's public key, so Alice cannot prove to Bob that the message came from her.
4. Hash algorithms (hash functions, one-way functions; often loosely called "one-way encryption", although no key is involved)
Message integrity:
Many protocols use parity bits and cyclic redundancy checks (CRC) to detect whether a bit stream was altered in transit from one computer to another. However, parity bits and CRCs only detect unintentional changes.
If an intruder intercepts the message, alters it and recomputes the checksum, the receiver never learns that the bit stream was tampered with. To protect against this a cryptographic hash is used, in combination with a key or a signature (see below), so that both accidental and deliberate unauthorised changes are detected.
Hash function: the input can be a message of any length; a one-way computation produces a fixed-length output. This output is called the hash value (also the message digest) and has the following properties:
The hash value should be unpredictable (it reveals nothing useful about the input).
The hash function is one-way: given a hash value it is infeasible to recover an input (pre-image resistance).
The hash function is deterministic: the same input x always produces the same output H(x).
Finding any pair (x, y) with x != y and H(x) = H(y) is computationally infeasible (strong collision resistance; resists the "birthday attack").
For a given x, finding y != x with H(y) = H(x) is computationally infeasible (weak collision resistance, also called second pre-image resistance).
Common hash functions:
MD2: 128-bit output, slower than MD4 and MD5.
MD4: 128-bit output; broken.
MD5: 128-bit output, more complex than MD4; collisions are practical, so it must not be used where collision resistance matters.
HAVAL: variable output length, an MD5 variant.
SHA (Secure Hash Algorithm): SHA-1 160-bit (collisions demonstrated in 2017, deprecated); the SHA-2 family SHA-224, SHA-256, SHA-384 and SHA-512; and the separately designed SHA-3 family.
Tiger: 192-bit output, faster than MD5 and SHA-1 on 64-bit machines.
RIPEMD-160: 160-bit output, designed as a replacement for MD4 and MD5.
An example:
Alice computes message digest 1 over the message with a hash algorithm, appends it to the plaintext and sends both to Bob. Bob computes message digest 2 over the received message with the same hash algorithm and compares it with digest 1; if they match, the message was not altered in transit.
But this alone does not give real integrity: if someone intercepts the message, modifies it and recomputes the digest before forwarding it, Bob still believes the message is untouched. It also does not provide authentication. This is what digital signatures are for:
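The digest-appended-to-plaintext scheme above, as an added Python example (not the article's code). It shows two of the hash properties listed earlier (fixed-length output, and the avalanche effect behind "unpredictable") and then why an unprotected digest only catches accidental damage: a flipped bit in transit is detected, but Tom's rewritten message with a recomputed digest passes Bob's check. The message is constructed:

```python
import hashlib
import hmac


def digest(data):
    """SHA-256: the output is always 32 bytes, whatever the input length."""
    return hashlib.sha256(data).digest()


def avalanche_ratio(data):
    """Fraction of output bits that change when one input bit is flipped.
    For a good hash this is close to 0.5: the output is unpredictable from the input."""
    flipped = bytes([data[0] ^ 0x01]) + data[1:]
    a, b = digest(data), digest(flipped)
    changed = bin(int.from_bytes(a, "big") ^ int.from_bytes(b, "big")).count("1")
    return changed / (8 * len(a))


def alice_send(message):
    """Digest 1 appended to the plaintext; nothing here is secret or signed."""
    return message, digest(message)


def bob_check(message, digest1):
    """Recompute digest 2 and compare with digest 1 (constant-time compare)."""
    return hmac.compare_digest(digest(message), digest1)


def accidental_corruption(message, digest1):
    """A bit flipped in transit: the digest no longer matches, so this IS detected."""
    corrupted = bytes([message[0] ^ 0x01]) + message[1:]
    return corrupted, digest1


def tom_tamper(message, digest1):
    """A deliberate attacker rewrites the message and simply recomputes the digest."""
    forged = message.replace(b"Bob", b"Tom")
    return forged, digest(forged)


if __name__ == "__main__":
    msg = b"Pay Bob 100 EUR"          # constructed sample message
    print("digest length for 0, 15 and 100000 input bytes:",
          len(digest(b"")), len(digest(msg)), len(digest(b"x" * 100000)))
    print("avalanche ratio after a 1-bit change: %.2f" % avalanche_ratio(msg))
    print("untouched message passes:", bob_check(*alice_send(msg)))
    print("corrupted message passes:", bob_check(*accidental_corruption(*alice_send(msg))))
    print("tampered message passes:", bob_check(*tom_tamper(*alice_send(msg))))
```

The last line is the point of the passage: Bob's check cannot tell Tom's digest from Alice's, because computing the digest needs nothing Tom does not have. Something only Alice possesses has to enter the computation, which is what the private key does in a digital signature.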
Digital signature:
A digital signature is produced by the signer encrypting the hash of the original data (the message digest) with his or her private key.
The receiver decrypts the digital signature attached to the message with the sender's public key to obtain the hash digest, then compares it with a digest computed over the received data. A match confirms two things:
The information was sent by the signer (authentication, non-repudiation).
The information has not been modified since it was signed (integrity).
Digital Signature Standard:
In 1991 NIST proposed FIPS 186, the Digital Signature Standard (DSS), using SHA as its hash. FIPS 186-4 (2013) covers DSA, RSA and ECDSA; FIPS 186-5 (2023) adds EdDSA and no longer approves DSA for generating new signatures.
DSS thus offers several signature methods, DSA and RSA among them. Unlike RSA, DSA can only be used for digital signatures and verifies more slowly than RSA, whereas RSA can be used for signatures, encryption and key distribution.
An example:
Alice computes the message digest with a hash algorithm, encrypts the digest with her private key (the digital signature) and sends the plaintext together with the signature to Bob. Bob decrypts the signature with Alice's public key to recover the original digest (which verifies Alice's identity), computes the digest of the received message with the same hash algorithm and compares the two; if they match, the message has not been tampered with.
Note: a man-in-the-middle Tom can alter the message and recompute its digest, but he does not have Alice's private key to encrypt the new digest. If Tom signs the digest with his own private key instead, Bob's attempt to decrypt the signature with Alice's public key does not yield a valid digest, and the check fails.
In summary, each mechanism provides a different service: symmetric encryption gives confidentiality; a bare hash detects only accidental change; a digital signature gives integrity, authentication and non-repudiation; hybrid encryption combines the speed of a symmetric cipher with public-key key distribution.
As seen above, the public key is central to all of these schemes. So how do we validate a user's public key? In the running example, how does Alice obtain Bob's public key, and how does she verify that it really is Bob's? This requires a third party trusted by both sides, which brings us to PKI:
5. Public Key Infrastructure (PKI)
PKI is a system of software, communication protocols, data formats and security policies for using, managing and controlling public-key cryptography. It has three main purposes: issuing public keys/certificates, proving which entity a public key is bound to, and providing a way to check a public key's validity.
PKI provides basic services:
Confidentiality
Integrity
Access control
Authenticity
Non-repudiation
Digital certificates:
PKI manages public keys with certificates: a trusted third party, the Certificate Authority (CA), binds the user's public key to the user's other identity information (name, email address, ID number and so on) and thereby vouches for the user's identity on the network.
A public-key certificate is a digitally signed statement that binds the value of a public key to the identity of the subject (a person, device or service) holding the corresponding private key. By signing the certificate the CA attests that the private key corresponding to the public key in the certificate is held by the subject named in it.
The digital certificate format is X.509, defined by ITU-T (formerly CCITT), and contains the following:
Name of the certificate subject (owner)
The subject's public key
The validity period of the certificate
The organisation that issued the certificate
Serial number of the certificate
Name of the CA, and the CA's digital signature over the certificate
The identifier of the certificate policy under which the CA established the subject's identity
The permitted usage of the key pair (public key and associated private key) identified in the certificate
The location of the certificate revocation list (CRL)
X.509 is not the only certificate format. Pretty Good Privacy (PGP) secure e-mail, for example, relies on PGP's own certificate format.
CA:
The authority responsible for issuing and managing digital certificates.
Specific functions:
Receive certificate applications forwarded by the RA (Registration Authority) after it has verified the end user's identity.
Decide whether to accept an end user's certificate request (certificate approval).
Generate key pairs and certificates.
Issue the certificate to the requester.
Provide authoritative attestation for, and take responsibility for, the certificates it has issued.
Handle end users' certificate queries and revocation requests.
Generate and publish certificate revocation lists (CRLs).
Key management (key backup, key recovery, key update).
Archiving of digital certificates.
Key archiving.
Archiving of historical data.
Put simply, PKI works by having a CA that everyone trusts issue each user a digital certificate containing the user's public key (either generated by the user and submitted to the CA, or generated by the CA and handed to the user) and related identity information.
In the case of Alice and Bob, Alice wants to prove to Bob that a particular public key is hers, so she requests a certificate from a CA that both Alice and Bob trust. Alice first generates a key pair (private and public key), keeps the private key on her own computer, and submits the public key to the CA with her certificate application. The CA accepts the application and issues Alice a digital certificate containing her public key and other identity information. The CA computes the message digest of this information and encrypts the digest with its own private key (its digital signature), attaching it to Alice's certificate to prove that the CA itself issued it.
Bob obtains Alice's certificate and decrypts the digest with the public key from the CA's own (self-signed) certificate, which he must already hold as a trust anchor. If the check succeeds, Bob knows that Alice's certificate was issued by the CA and that its contents were not tampered with, and he has obtained Alice's public key. In practice Bob also checks that the certificate is within its validity period, that the name in it is the one he expects, and that it has not been revoked (via the CRL).
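The signature flow from the digital-signature section (Alice signs a digest, Bob verifies it with her public key) and the certificate flow just described (the CA signs Alice's name and public key, Bob checks the CA's signature before trusting that key), as one added Python example; this is not the article's code. It uses textbook RSA over a SHA-256 digest with 512-bit keys and no padding, which is insecure and only illustrates the structure; real code uses a library with RSA-PSS or Ed25519 and RSA keys of at least 2048 bits. The "certificate" is a dictionary holding a subject name, a public key and the CA's signature, a stand-in for X.509 with no validity period or revocation; the subject names and message are constructed:

```python
import hashlib
import secrets

E = 65537  # the usual public exponent

def is_probable_prime(n, rounds=20):
    """Miller-Rabin primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def gen_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1   # top bit set, odd
        if is_probable_prime(cand):
            return cand

def rsa_keygen(bits=512):
    """Return ((n, e), (n, d)). 512-bit moduli are a toy size chosen for speed."""
    while True:
        p, q = gen_prime(bits // 2), gen_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % E:            # E is prime, so this means gcd(E, phi) == 1
            return (p * q, E), (p * q, pow(E, -1, phi))   # pow(..., -1, m): Python 3.8+

def digest_int(data):
    """SHA-256 digest as an integer; below 2^256, so always smaller than the modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(private, data):
    n, d = private
    return pow(digest_int(data), d, n)          # "encrypt the digest with the private key"

def verify(public, data, sig):
    n, e = public
    return pow(sig, e, n) == digest_int(data)   # "decrypt with the public key" and compare

def cert_tbs(subject, public):
    """Canonical bytes of the fields the CA signs: subject name and public key."""
    return f"{subject}|{public[0]}|{public[1]}".encode()

def issue_cert(ca_private, subject, public):
    """The CA binds a name to a public key by signing both together."""
    return {"subject": subject, "public": public,
            "sig": sign(ca_private, cert_tbs(subject, public))}

def verify_cert(cert, ca_public):
    return verify(ca_public, cert_tbs(cert["subject"], cert["public"]), cert["sig"])

def bob_accepts(cert, ca_public, expected_subject, message, sig):
    """Bob's checks: the certificate carries the trusted CA's signature and names the
    expected subject; only then is the public key inside it used to verify the message."""
    if not verify_cert(cert, ca_public) or cert["subject"] != expected_subject:
        return False
    return verify(cert["public"], message, sig)

if __name__ == "__main__":
    ca_pub, ca_priv = rsa_keygen()           # the trust anchor Bob already holds
    alice_pub, alice_priv = rsa_keygen()
    cert = issue_cert(ca_priv, "alice@example.com", alice_pub)   # constructed subject name
    msg = b"Pay Bob 100 EUR"                                     # constructed message
    sig = sign(alice_priv, msg)
    print("genuine message:", bob_accepts(cert, ca_pub, "alice@example.com", msg, sig))
    print("tampered message:", bob_accepts(cert, ca_pub, "alice@example.com",
                                           b"Pay Tom 100 EUR", sig))
    # Tom signs with his own key and forges a certificate for Alice's name with it;
    # the CA signature check fails because the CA never signed that binding.
    tom_pub, tom_priv = rsa_keygen()
    fake = issue_cert(tom_priv, "alice@example.com", tom_pub)
    print("forged certificate:", bob_accepts(fake, ca_pub, "alice@example.com",
                                             msg, sign(tom_priv, msg)))
```

The order of checks in bob_accepts is the important part: the public key found in a certificate is only trusted after the certificate's own signature has been verified against the CA key Bob already holds, and after the subject name has been matched against the party he expects to be talking to.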