Shulou(Shulou.com)06/01 Report--

1.Hashed

Commonly used to store passwords

Converts an input string of any length to an output string of fixed length

One-way:not feasible to get plaintext from hash

Collision-free:not feasibleto find two strings that hash to the same output

Algorithms:CRC-32,MD5,SHA-1,SHA-256,etc.

CRC-32 is not cryptographically secure

Utilities:sha1sum,md5sum,chsum,openssl dgst

Examples

To hash file see if it changed

Md5sum file

[root@localhost ~] # vim filethis is a test file [root@localhost ~] # md5sum file79cbbfadcab143d2cc839ce5fce1c576 file [root@localhost ~] # md5sum file79cbbfadcab143d2cc839ce5fce1c576 file [root@localhost ~] # md5sum file79cbbfadcab143d2cc839ce5fce1c576 file

As long as the same file is not modified, no matter how many times it is encrypted with md5, the resulting string is the same.

Sha1sum file

Openssl dgst-sha1

2.Message Authentication Codes (message authentication code)

MAC is used to maintain the integrity of a network communication,preventing message from tampering

Attacker needs secret key to forge MAC

MAC funtion uses a shared secret key to generate MAC

CBC-MAC:use block cipher to construct

Encrypt the message in CBC mode and use last block

HMAC:use keyed cryptographic hash

HMAC (secret key,message)

3.User Authentication

Cryptographic hash of account password is stored

By adding random "salt" to password, two users with the same password will have different password hashes

MD5-based hash by default,old modified DES version also availble

System hashes password given to login

If passwords match,user is authenticated

Utilities:password,openssl,openssl passwd-1

4.Asymmetric Encryption (asymmetric encryption)

Public key to encrypt,private key to decrypt

Public means public,private means private

Partial solution to key distribution problem

Can give the public key to everybody

Algorithms:RSA,ElGamal

RSA is limited in the size of the message (secret.key

Extract public key from secret key

Openssl rsa-puboutn-in secret.key > public.key

Echo'My secret message.'> tomylove.txt

Encrypt using public key

Openssl rsautl-encrypt-pubin-inkey public.key-in tomylove.txt-out tomylove.encrypt

Decrypt using secret key

Openssl rsautl-decrypt-inkey secret.key-in tomylove.enc-out tomylove.txt

An example of encryption using RSA

[root@localhost ~] # useradd bob [root@localhost ~] # useradd alice [root@localhost ~] # su-bob

Generate the private key of bob and store it in the secret.key file

[bob@localhost ~] $openssl genrsa 1024 > secret.keyGenerating RSA private key, 1024 bit long modulus..+.+e is 65537 (0x10001)

Extract the public key from the private key and store it in the public.key file

[bob@localhost ~] $openssl rsa-pubout-in secret.key > public.keywriting RSA key

Switch to the alice user and generate your own public and private keys

[root@localhost ~] # su-alice [alice@localhost ~] $openssl genrsa 1024 > secret.keyGenerating RSA private key 1024 bit long modulus..+..+e is 65537 (0x10001) [alice@localhost ~] $openssl rsa-pubout-in secret.key > public.keywriting RSA key

Now bob will send an encrypted message to alice:

Bob uses the public key of alice to send an encrypted message to alice. After receiving the message, alice can decrypt it with its own private key.

Now alice sends its public key to bob

[alice@localhost ~] $cp public.key / tmp/alice.pub

Bob now encrypts the files to be sent using alice's public key tomylove.txt

[root@localhost ~] # su-bob [bob@localhost ~] $openssl rsautl-encrypt-pubin-inkey / tmp/alice.pub-in tomylove.txt-out tomylove.enc [bob@localhost ~] $cp tomylove.enc / tmp [bob@localhost] $su-[root@localhost ~] # su-alice [alice@localhost ~] $openssl rsautl-decrypt-inkey secret.key-in / tmp/tomylove.enc-out tomylove.txt [alice@localhost ~] $ll tomylove.txt-rw-rw-r--. 1 alice alice 19 Jul 21 23:18 tomylove.txt [alice@localhost ~] $cat tomylove.txt My secret message.

An example of encryption using GPG

Generate GPG keys

Pgp-gen-key (RSA encrypt and sign)

Export public key

Gpg-- export-a > pulic.key

Echo'My secret message.' > tomylove.txt

Encrypt using public key

Gpg-r keyID-e tomylove.txt (you got tomylove.gpg)

Import public key

Gpg-import public.key

Decrypt using secret key

Gpg-r keyID-o tomylove.txt-d tomylove.gpg

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.