At the beginning of the development of the computer, the Internet development is very slow, the popularity of the surface is very small, can realize the communication between the two machines is very remarkable. So when the TCP/IP protocol is developed, it is not overly concerned with security, it is transmitted in plaintext. With the development of the Internet, it has also verified the "There are a lot of birds in the woods."Theory, there are various network attacks on the Internet, making communication between the two machine security issues increasingly prominent.
Suppose A and B need to communicate with each other. Before that A and B were not communicating, what risks would they face when they needed to establish communication?
Suppose A and B are in love, communication between them is through a postcard, so in the process of postcard delivery, each session of the handler can see any content on the postcard. The TCP/IP protocol itself does not provide a security mechanism (it is plainly running on the network, any capture software on the network caught on the transmission of the content between you, this is the plaintext transmission, the plaintext transmission of the Protocol and HTTP, FTP, Telnet, SMTP, etc. ). The confidentiality of communications between A and B cannot be guaranteed.
Also assume that A and B love content is public, then a sent postcard delivery to B, how to ensure that the contents of the postcard is not tampered with the third party C, C is to make a and b between a crack and break up. ( Some students will be curious how to intercept?) For example, the VMware virtual machine that we install is the one that changes the NIC to promiscuous mode and receives all the traffic that passes through it, regardless of whether the destination address is him or not. is relative to the usual pattern, this is used by network administrators to diagnose network problems, but also by the non-certified people who want to eavesdrop on the network communication, whether the data in the transmission of the network due to network problems or tampering, to be able to verify the integrity of the data, Discard this information as long as it is incomplete.
A and B before any communication, a initiated to communicate with B, this time out of C disguised as B, claiming I was B, you come to me. Suppose you visit a bank website to transfer money, but you login to a fake bank website, after entering the account and password, the server prompts because of internal network error, please try again later. At this time, your real account has been stolen by the illegal people inside the money. This time we need a mechanism to prove the site that we're visiting. He was the one who claimed it. This is authentication .
Confidentiality of |
Integrity |
Identity verification |
Throughout the Internet security, a number of mechanisms are around the above three characteristics to solve the problem. For an overview of the types of encryption and their associated algorithms, listen to tell ^_^
Types of cryptography and their related algorithms--introduction