Confidentiality, integrity, authentication (non-repudiation)
Confidentiality: the content is not transmitted in clear text. Even if the data is intercepted by an outsider, it cannot be read or cracked.
Integrity: the content cannot be tampered with in transit. If the information is altered or incomplete, the receiving party can tell.
Authentication (non-repudiation): the receiver can verify who actually sent the data, ensuring it has not been sent by an impersonator or forged.
An example
The armies of Party A and Party B are attacking Party C. Party C is relatively strong, so Party A and Party B must coordinate their tactics and attack together in order to win. Party A and Party B are not in the same place, so they must communicate in secret.
When Party A's military advisor has worked out the joint tactics and settled the time of attack, he writes a letter to Party B's military advisor. Now the question is: how can this letter be kept secure?
The contents of the letter must be transmitted in encrypted form that only Party B's military advisor can understand. Otherwise, if the letter is intercepted by Party C, Party C will learn the tactical arrangements of Party A and Party B. This is confidentiality.
If the letter is intercepted by Party C, and Party C secretly modifies its contents before sending it on to Party B, then Party B must be able to tell that the letter was tampered with along the way. This is integrity.
When Party B's military advisor receives the letter, he must be able to confirm that it was written by Party A's military advisor and is not a letter forged by Party C. This is authentication.
Confidentiality
Confidentiality can be guaranteed by an encryption algorithm. The encryption algorithm defines how to convert between plaintext and ciphertext, that is, the process of encryption and decryption. Encryption algorithms are divided into symmetric encryption and asymmetric encryption.
Symmetric encryption algorithm
Symmetric encryption refers to encryption algorithms that use the same key for encryption and decryption. It is sometimes called the traditional cryptographic algorithm: the encryption key can be calculated from the decryption key, and the decryption key can be calculated from the encryption key. In most symmetric algorithms the encryption key and decryption key are the same, so it is also called a secret-key algorithm or single-key algorithm. It requires the sender and the receiver to agree on a key before they can communicate securely. The security of a symmetric algorithm depends on the key: leaking the key means that anyone can decrypt the messages they send or receive, so keeping the key confidential is essential to the communication. Common symmetric encryption algorithms include DES, AES, 3DES, RC2, RC4 and RC5.
Asymmetric encryption algorithm
Asymmetric encryption algorithms require two keys: a public key and a private key. The public key and private key form a pair. If data is encrypted with the public key, it can only be decrypted with the corresponding private key; if data is encrypted with the private key, it can only be decrypted with the corresponding public key. Because encryption and decryption use two different keys, this kind of algorithm is called an asymmetric encryption algorithm.
The basic process for exchanging confidential information with an asymmetric encryption algorithm is: Party A generates a key pair and publishes one of the keys as the public key; Party B, having obtained the public key, uses it to encrypt the confidential information and sends it to Party A; Party A uses the other key, the private key it has kept to itself, to decrypt the encrypted information. Common asymmetric encryption algorithms include RSA, DSA and ECC.
Integrity
Information integrity is achieved by extracting and comparing message digests. A message digest is a piece of information extracted from the original data according to certain computation rules. The length of a message digest produced by a given digest algorithm is always fixed. It is also called a data fingerprint, because it can uniquely identify a piece of data. Common digest algorithms include sha1, sha256, md5 and crc32.
Authentication
Even if we guarantee the confidentiality and integrity of the data, some problems remain:
To verify message integrity, the receiver must obtain the sender's digest of the message. If a third party knows the digest algorithm, the digest can also be forged, so the digest itself needs to be encrypted.
How can the source of the message be determined, and how can we be sure it was not forged by a third party?
The sender uses the digest algorithm to generate a digest of the original message, then encrypts the digest with its private key to produce a digital signature. The content is then transmitted together with the digital signature.
When the receiver receives the message, it decrypts the digital signature with the sender's public key (if decryption succeeds, the sender is authenticated) to obtain digest A. It then uses the digest algorithm to generate digest B from the original text and compares digest A with digest B. If they are the same, the content has not been tampered with.
Summary
By encrypting and decrypting the original data with an encryption algorithm, we can ensure confidentiality during data transmission.
Through the digital signature mechanism, we can guarantee data integrity and also authenticate the data source.
Asymmetric encryption is usually applied in two ways:
Encrypting data in transit: we encrypt with the receiver's public key and the receiver decrypts with its private key, ensuring the data is ciphertext during transmission.
Confirming the source of the information: the sender signs the data with its private key, and the receiver verifies the signature with the sender's public key.
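The signing procedure from the Authentication section and the two uses of asymmetric encryption listed above, combined in one sketch. This is an added example, not code from the original article: it uses Go's standard crypto/rsa package (PKCS#1 v1.5 signatures over SHA-256, RSA-OAEP encryption), and the names NewParty, Seal and Open and the sample letters are made up for illustration.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// NewParty is a hypothetical helper: a fresh 2048-bit RSA key pair for one party.
func NewParty() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

// Seal (sender): sign the letter's digest with the sender's private key, then encrypt for the receiver.
func Seal(letter []byte, from *rsa.PrivateKey, to *rsa.PublicKey) (ct, sig []byte, err error) {
	digest := sha256.Sum256(letter)
	if sig, err = rsa.SignPKCS1v15(rand.Reader, from, crypto.SHA256, digest[:]); err != nil {
		return nil, nil, err
	}
	ct, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, to, letter, nil)
	return ct, sig, err
}

// Open (receiver): decrypt with own private key, recompute the digest, check it against the signature.
func Open(ct, sig []byte, me *rsa.PrivateKey, from *rsa.PublicKey) ([]byte, error) {
	letter, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, me, ct, nil)
	if err != nil {
		return nil, fmt.Errorf("decrypt: %w", err)
	}
	digest := sha256.Sum256(letter)
	if err = rsa.VerifyPKCS1v15(from, crypto.SHA256, digest[:], sig); err != nil {
		return nil, fmt.Errorf("signature check: %w", err)
	}
	return letter, nil
}

func main() {
	a, b, c := NewParty(), NewParty(), NewParty() // A sends, B receives, C forges
	ct, sig, _ := Seal([]byte("attack at dawn"), a, &b.PublicKey)
	letter, okErr := Open(ct, sig, b, &a.PublicKey)
	ct, sig, _ = Seal([]byte("attack at noon"), c, &b.PublicKey) // signed by C, not A
	_, forgedErr := Open(ct, sig, b, &a.PublicKey)
	fmt.Printf("genuine: %q (err=%v)\nforged rejected: %v\n", letter, okErr, forgedErr)
}
```

RSA-OAEP with a 2048-bit key and SHA-256 fits at most 190 bytes, so longer messages are normally encrypted with a symmetric key that is itself wrapped this way. The signature here travels unencrypted beside the ciphertext, so anyone holding A's public key can check a guessed letter against it; carrying the signature inside the encrypted payload avoids that.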
Copyright notice: this article was created by [It Maple fighter]. Please include a link to the original when reposting. Thank you.
https://javamana.com/2021/12/202112122326534702.html