主机参考
| 主机参考:VPS测评参考推荐/专注分享VPS服务器优惠信息!若您是商家可以在本站进行投稿,查看详情!此外我们还提供软文收录、PayPal代付、广告赞助等服务,查看详情! |
| 我们发布的部分优惠活动文章可能存在时效性,购买时建议在本站搜索商家名称可查看相关文章充分了解该商家!若非中文页面可使用Edge浏览器同步翻译!PayPal代付/收录合作 |
Generally, there are three encryption algorithms on the Internet:
Symmetric encryption, one-way encryption, asymmetric encryption
Here is how to realize the confidentiality, integrity and authentication of data through the above three encryption algorithms.
After the symmetric encryption algorithm provides the encryption algorithm itself and requires the user to provide the key, it can combine the algorithm and the key to convert the plaintext into ciphertext. On the contrary, it is called symmetric encryption because the encryption and decryption use the same key. Symmetric encryption algorithm: encryption algorithm and decryption algorithm only use the same key.
Although symmetric encryption solves the problem of data integrity in the process of data transmission, if Tom sends data to many users, he must generate a symmetric key locally and transmit it to the other party through a key exchange method (hiffie Hellman). In this way, Tom users must remember all the keys, right! Otherwise, if one of the users intercepts the data, they can also view the data content. In order to ensure the confidentiality of the data, Tom must generate a set of keys for each user to ensure the confidentiality of the data.
So symmetric key solves the confidentiality of data, but it is not easy to manage the key.
Common symmetric encryption algorithms include:
Des: Data Encryption Standard (default is 56bit)
3DES: three word DES encryption
AES: Advanced Encryption Standard
AES192(192bit) AES256(256bit) AES512(512bit)
Blowfish
One way encryption algorithm: (ensures the integrity of data, but not the confidentiality of data)
Features of one-way secret algorithm:
Input is the same: output must be the same avalanche effect: small changes in input will cause huge results in this table
Fixed length output: no matter how large the original data is, the result size is the same and irreversible: it is impossible to restore the original data according to the fingerprint and signature of the data. Let's see the effect of avalanche effect through a command below: (/ etc / passwd for exle)
OK, I'll see how the one-way encryption algorithm works through the following pictures?
Note: if Jerry intercepts the data sent by Tom in the middle and reuses the encryption algorithm to extract the fingerprint and signature of the data and send it to Jack, Jack can't guarantee the data sent by Tom, that is to say, one-way encryption can guarantee the integrity of the data, but can't guarantee the identity of the sender.
At this time, Jerry intercepts the data sent by Tom to the local area, generates a key through Diffie Hellman, encrypts the data and sends it to Jack. Jack can't really determine the identity of the sender when he receives the data.
One way encryption type:
MD4
MD5 128bit
SHA1 160bit
SHA192 SHA256 SHA384
Asymmetric encryption algorithm: (public key encryption algorithm)
Asymmetric encryption algorithm + Ca: ensures the identity of users, and solves the key management mechanism of symmetric encryption algorithm
Asymmetric key algorithm usually generates a pair of keys locally, one is the private key, and the other is the public key. The general public key is from
Extracted from the private key. So public key encryption, private key decryption, private key encryption, public key decryption.
We can generate the private key through a command, and extract the public key from the private key (as shown in the figure)
RSA: data encryption and signing
DSA: can only be used for signing
ElGAMAL
Concept supplement: what is CA:
CA: it is an authoritative license issuing agency and is recognized. Therefore, a pair of keys are generated locally, one is the private key and the other is the public key. The public key is sent to CA for digital signature, which enables CA to verify its identity. In this way, data confidentiality, integrity and authentication information can be realized through one-way secret combination.
对称加密、单向加密、非对称加密
下面就来介绍下如何通过上面的三种加密算法实现数据的机密性、完整性及身份验证。
对称机密算法:
对称加密算法提供加密算法本身并要求用户提供密钥以后,能够结合算法和密钥将明文转换为密文,反之,之所以称它为对称加密,是因为加密和解密使用的密钥是相同的。对称加密算法:加密算法和解密算法,只不过使用的是相同密钥。
个人理解:
对称加密虽然解决了数据在传输过程得到了数据的完整性,那么如果Tom给许多用户发送数据Data时,都要在本地生成对称密钥并通过一种密钥交换方式(Hiffie-Hellman)传送给对方,这样的话Tom用户必须记住所有密钥对吧!不然的话,如果其中一个用户截取到数据,也可以查看数据内容,为了保证数据的机密性,Tom必须为每个用户生成一组密钥来保证数据的机密性。
所以说对称密钥解决了数据的机密性,但不便于管理密钥。
常见的对称加密算法有:
DES:Data Encrption Standard (默认为56bit)
3DES:经过3词DES加密方式
AES:Advanced Encrption Standard (高级加密标准)
AES192(192bit) AES256(256bit) AES512(512bit)
Blowfish
单向加密算法:(保证了数据的完整性,但不能保证数据的机密性)
单向机密算法的特征:
输入一样:输出必然一样雪崩效应:输入微小改变,将引起结果巨大该表
定长输出:无论原始数据多大,其结果大小一样不可逆:无法根据数据的指纹及特征码,还原原始数据下面通过一个命令来看看雪崩效应的效果:(/etc/passwd为例)
好了,我就通过下面的图片来了解下,单向加密算法是如何进行的?
注:如果中间Jerry将Tom发来的数据截获,并将数据重新利用加密算法进行将数据提取指纹及特征码,发送给Jack,Jack并不能保证数据时Tom发送的,也就是说单向加密可以保证数据的完整性,但不能保发送者的身份。
此时,Jerry将Tom发来的数据截获到本地,并通过Diffie-Hellman进行生成密钥,并将Data数据进行加密,发送给Jack,Jack收到数据 却不能真正判断发送方的身份。
单向加密类型:
MD4
MD5 128bit
SHA1 160bit
SHA192 SHA256 SHA384
非对称加密算法:(公钥加密算法)
非对称加密算法+CA:保证了用户的身份,并解决了对称加密算法的密钥管理机制
非对称密钥算法通常在本地生成一对密钥,一个是私钥,而另一个是公钥.一般公钥是从
私钥中提取的。所以公钥加密,私钥解密,私钥加密,公钥解密。
我们可以通过一个命令来实现生成私钥,并在私钥中提取公钥(如图)
RSA:可以进行数据的加密和签名
ElGAMAL
概念补充:什么是CA:
CA:就是一个权威的发证机构,而且是公认,所以在本地生成一对密钥,一个是私钥,另一个是公钥,将公钥发送给CA,让CA机构进行数字签名,这让就可以验证其身份,这样在通过单向机密的结合实现数据的机密性、完整性及身份验证的信息。
--------------------------------------------------------------
主机参考,收集国内外VPS,VPS测评,主机测评,云服务器,虚拟主机,独立服务器,国内外服务器,高性价比建站主机相关优惠信息@zhujicankao.com
详细介绍和测评国外VPS主机,云服务器,国外服务器,国外主机的相关优惠信息,商家背景,网络带宽等等,也是目前国内最好的主机云服务器VPS参考测评资讯优惠信息分享平台
这几篇文章你可能也喜欢:
- 搬瓦工VPS,限量款套餐补货,美国CN2 GIA/日本软银/荷兰AS9929,1Gbps超大高端网络线路,KVM虚拟架构,1核1G内存1Gbps带宽,80美元/年,机房可随意切换
- CloudCone,美国Win系统VPS云服务器少量补货,美国洛杉矶MC机房,KVM虚拟架构,3核4G内存1Gbps带宽,17.49美元/月
- LOCVPS,双12特惠,香港免备案VPS云服务器终身65折,香港葵湾机房,CN2+BGP/CN2网络,KVM虚拟架构,1核2G内存2Mbps带宽不限流量,29.25元/月
- 恒创科技,全场3折优惠起,免备案香港VPS云服务器低至28元/月,香港/美国,新增多款特价服务器,1核1G内存5Mbps带宽不限流量,292元/年
- 萤光云,香港VPS云服务器测评报告,回国优化线路,香港VPS测评,萤光云VPS好不好?萤光云香港VPS云服务器值得购买吗?
本文由主机参考刊发,转载请注明:介绍如何通过加密算法实现数据的完整性、机密性及身份验证 https://zhujicankao.com/14006.html
评论前必须登录!
注册