
This article introduces how to achieve data integrity, confidentiality and authentication through encryption algorithms.

2025-04-01 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

Generally speaking, there are three kinds of encryption algorithm on the Internet:

Symmetric encryption, one-way encryption and asymmetric encryption

Here is how to achieve data confidentiality, integrity and authentication through these three kinds of algorithm.

Symmetric encryption algorithm:

A symmetric encryption algorithm supplies the algorithm itself and requires the user to supply a key. Combining the algorithm and the key converts plaintext into ciphertext, and the reverse operation converts ciphertext back into plaintext. It is called symmetric encryption because encryption and decryption use the same key. In short, a symmetric scheme has an encryption algorithm and a decryption algorithm, but both use the same key.

Personal understanding:

Although symmetric encryption solves the problem of data integrity in the process of data transmission, if Tom sends data to many users, he has to generate symmetric keys locally and send them to each recipient through a key exchange (Diffie-Hellman). In this case, Tom must remember all the keys, right? Otherwise, if one of the users intercepts the data, they can also view its contents. To ensure the confidentiality of the data, Tom must generate a separate key for each user.

Therefore, the symmetric key solves the confidentiality of the data, but it is not easy to manage the key.

Common symmetric encryption algorithms are:

DES: Data Encryption Standard (56-bit by default)

3DES: DES encryption applied three times

AES: Advanced Encryption Standard

AES192 (192-bit), AES256 (256-bit), AES512 (512-bit)

Blowfish

One-way encryption algorithm: (ensures the integrity of the data, but not the confidentiality of the data)

Characteristics of one-way encryption algorithms:

Deterministic: the same input always produces the same output

Avalanche effect: a small change in the input causes a huge change in the output

Fixed-length output: no matter how large the original data is, the result has the same length

Irreversible: the original data cannot be restored from its fingerprint (digest)

Let's use a command to see the avalanche effect (with /etc/passwd as an example):
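The properties listed above, shown with `sha256sum` as an added example that is not the article's own command. It hashes a constructed passwd-style sample rather than the real `/etc/passwd`; the function names `digest` and `hex_diff` are illustrative.

```shell
#!/bin/sh
# Added example: constructed passwd-style sample, not a real /etc/passwd.
SAMPLE='root:x:0:0:root:/root:/bin/bash
tom:x:1000:1000:Tom:/home/tom:/bin/bash'

# digest TEXT -> SHA-256 digest of TEXT as 64 hex characters
digest() {
    printf '%s' "$1" | sha256sum | cut -d' ' -f1
}

# hex_diff A B -> number of positions where two equal-length hex strings differ
hex_diff() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = 0
        for (i = 1; i <= length(a); i++)
            if (substr(a, i, 1) != substr(b, i, 1)) n++
        print n
    }'
}

# Change a single character: tom's UID 1000 becomes 1001.
CHANGED=$(printf '%s' "$SAMPLE" | sed 's/^tom:x:1000:/tom:x:1001:/')

H1=$(digest "$SAMPLE")     # original input
H2=$(digest "$SAMPLE")     # same input again: same digest
H3=$(digest "$CHANGED")    # one character changed: unrelated digest
H4=$(digest "x")           # one-byte input: digest length is unchanged

echo "original : $H1"
echo "repeated : $H2"
echo "changed  : $H3"
echo "1 byte   : $H4"
echo "hex digits changed by the one-character edit: $(hex_diff "$H1" "$H3") of ${#H1}"
```
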

The following picture shows how the one-way encryption algorithm works.

Note: if a man in the middle, Jerry, intercepts the data sent by Tom, recomputes the fingerprint (digest) of the data with the same algorithm and sends both on to Jack, Jack cannot be sure that the data came from Tom. In other words, one-way encryption can ensure the integrity of the data, but cannot guarantee the identity of the sender.

Likewise, Jerry can intercept the data sent by Tom, generate a key through Diffie-Hellman, encrypt the data and send it to Jack. Jack receives the data, but cannot really determine the identity of the sender.

Common one-way encryption algorithms:

MD4

MD5 (128-bit)

SHA1 (160-bit)

SHA192, SHA256, SHA384

Asymmetric encryption algorithm: (public key encryption algorithm)

Asymmetric encryption algorithm + CA: ensures the identity of the user and solves the key management problem of symmetric encryption algorithms.

Asymmetric key algorithms usually generate a pair of keys locally: one is the private key and the other is the public key. The public key is generally extracted from the private key. Data encrypted with the public key is decrypted with the private key, and data encrypted with the private key is decrypted with the public key.

We can use a command to generate the private key and extract the public key from the private key (see figure)

RSA: can encrypt and sign data

DSA: can only be used to sign

ElGamal
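One way to do this with the `openssl` command line, as an added example that is not the article's own command. It also replays the interception described earlier: Jerry can recompute a bare digest, but cannot produce Tom's signature. File names and message contents are constructed; `check_digest` and `check_signature` are illustrative helpers.

```shell
#!/bin/sh
# Added example. Tom, Jerry and Jack are the article's parties; all files are constructed.
WORK=$(mktemp -d)

# Tom generates a private key, then extracts the public key from it.
openssl genrsa -out "$WORK/tom.key" 2048 2>/dev/null
openssl rsa -in "$WORK/tom.key" -pubout -out "$WORK/tom.pub" 2>/dev/null

printf 'pay Jack 100\n' > "$WORK/data.txt"

# Tom sends the data with a bare digest (integrity only) and a signature
# made with his private key (integrity plus sender identity).
sha256sum < "$WORK/data.txt" | cut -d' ' -f1 > "$WORK/data.sha256"
openssl dgst -sha256 -sign "$WORK/tom.key" -out "$WORK/data.sig" "$WORK/data.txt"

# Jack's checks. Each prints "accept" or "reject".
check_digest() {      # check_digest FILE DIGEST_FILE
    if [ "$(sha256sum < "$1" | cut -d' ' -f1)" = "$(cat "$2")" ]; then
        echo accept
    else
        echo reject
    fi
}
check_signature() {   # check_signature FILE SIG_FILE (uses Tom's public key)
    if openssl dgst -sha256 -verify "$WORK/tom.pub" -signature "$2" "$1" >/dev/null 2>&1; then
        echo accept
    else
        echo reject
    fi
}

# Jerry replaces the data and recomputes the digest. Without tom.key he
# cannot make a new signature, so the only one he can forward is Tom's.
printf 'pay Jerry 100\n' > "$WORK/forged.txt"
sha256sum < "$WORK/forged.txt" | cut -d' ' -f1 > "$WORK/forged.sha256"

echo "genuine data, digest check    : $(check_digest "$WORK/data.txt" "$WORK/data.sha256")"
echo "genuine data, signature check : $(check_signature "$WORK/data.txt" "$WORK/data.sig")"
echo "forged data,  digest check    : $(check_digest "$WORK/forged.txt" "$WORK/forged.sha256")"
echo "forged data,  signature check : $(check_signature "$WORK/forged.txt" "$WORK/data.sig")"
```

Jack's signature check is only as trustworthy as his copy of `tom.pub`; having a CA sign that public key is what binds it to Tom.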

Concept supplement: what is a CA?

A CA is a recognized, authoritative certification authority. A user generates a pair of keys locally, one private and one public, and sends the public key to the CA to be digitally signed, which allows the user's identity to be verified. Combined with one-way encryption, this achieves confidentiality, integrity and authentication of data.
