Shulou(Shulou.com)06/01 Report--

Digital envelope refers to the data obtained by the sender using the receiver's public key to encrypt the symmetric key, which is used to ensure the security of the symmetric key transmission. When using a digital envelope, the receiver needs to use his own private key to open the digital envelope to get a symmetric key.

The encryption / decryption process of the digital envelope is shown in figure 1-19. A should also obtain the public key of B in advance. The details are as follows (corresponding to the serial number in the figure):

Figure 1-19 schematic diagram of the encryption and decryption process of digital envelopes

(1) A uses a symmetric key to encrypt plaintext to generate ciphertext information.

(2) A uses the public key of B to encrypt the symmetric key to generate a digital envelope.

(3) A sends the digital envelope and ciphertext message to B.

(4) after receiving the encrypted information from A, B uses his own private key to open the digital envelope to get the symmetric key.

(5) B uses a symmetric key to decrypt the ciphertext information and get the initial plaintext.

From the above encryption / decryption process, it can be seen that digital envelope technology combines the advantages of symmetric key encryption and public key encryption, and solves the problem of security of symmetric key and slow speed of public key encryption. it improves security, expansibility and efficiency. However, there is still a big problem with digital envelope technology, that is, there is no guarantee that the information comes from the real one.

Imagine if the * intercepts the message sent by A to B, encrypts a forged information with his own symmetric key, and encrypts the person's own symmetric key with B's public key (* *). Generate a digital envelope; then send the forged encrypted information together with the forged digital envelope to B. After receiving the encrypted information, B can successfully decrypt the digital envelope with his own private key, and then use the restored symmetric key (this is the symmetric public key of the person who is * *) to restore the encrypted plaintext message. in this way, B always thinks that the information that was originally forged by the person who is * * is the message sent by A. Such an outcome may result in heavy losses, such as the change of the subject matter of the tender sent by A to B.

At this point, there is a need for a way to ensure that the information received by the receiver is sent by the designated sender, which uses the digital signature technique described in the next section, which is described in the next section.

The above content is extracted from Huawei's equipment book, Huawei × × Learning Guide, which has just been listed by the author. It is the key book of the national 13th five-year Plan and the ICT training material officially designated by Huawei. The practical video course of this book will be released soon, please follow my course center: http://edu.51cto.com/lecturer/user_id-55153.html

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.