• 软件测试技术
  • 软件测试博客
  • 软件测试视频
  • 开源软件测试技术
  • 软件测试论坛
  • 软件测试沙龙
  • 软件测试资料下载
  • 软件测试杂志
  • 软件测试人才招聘
    暂时没有公告

字号: | 推荐给好友 上一篇 | 下一篇

现代密码学数据加密

发布: 2008-6-03 23:53 | 作者: IT英语  | 来源: 学赛网 | 查看: 44次 | 进入软件测试论坛讨论

领测软件测试网 If the receiver of the encrypted data wants to read the original data, the receiver must convert it back to the original through a process called decryption. Decryption is the inverse of the encryption process. In order to perform the decryption, the receiver must be in possession of a special piece of data called the key.

  如果接收到加密数据的人要看原来的数据,就必须把数据转换为原来的形式,这个过程称为解密。解密是加密过程的逆过程。为了进行解密,接收者必须有称为密钥的特殊数据。

  The two main competing cryptography schemes are known as the secret-key (symmetric) system and the public-key (asymmetric) system. The secret-key system uses a single, wholly secret sequence both to encrypt and to decrypt messages. The public-key system uses a pair of mathematically related sequences, one each for encryption and decryption [1].

  现在有两种主要的、相互竞争的密码术:秘钥(对称)和公钥(不对称)系统。秘钥系统采用单一的绝密序列,对报文进行加密和解密。公钥系统采用一对数学上相关的序列,一个用于加密,另一个用于解密。

  Secret-key encryption

  One of the most popular secret-key encryption schemes is IBM’s Data Encryption System (DES), which became the U.S. federal standard in 1997. the standard form uses a 56-bit key to encrypt 64-bit data blocks.

  The following is a notation for relating plaintext, ciphertext, and keys. We will use C=E k (P) to mean that the encryption of the plaintext P using key k gives the ciphertext C. similarly, P=D k (C) represents of decryption of C to get the plaintext again. It then follows that D k ( E k (P))=P

  密钥加密

  IBM的数据加密系统(DES)是最流行的密钥加密方案之一。1977年,该方案成为美国联邦标准。该标准形式采用56位的密钥对64位的数据块进行加密。

  下面是有关明文、密文和密钥关系的表示法。我们用C=E k (P)表示用密钥K对明文P加密,得到密文C。类似的,P=D k (C)代表对C解密得到明文。因而遵循:D k (E k (P))=P

  DES has been studied by many of the world’s leading cryptographers, but no weaknesses have been uncovered. To crack a DES-encrypted message a hacker or commercial spy would need to try 255 possible keys. This type of search would need days of computer time on the world’s fastest supercomputers. Even then, the message may not be cracked if the plaintext is not easily understood [2].

  为了打开一个DES加密的报文,黑客或商业间谍需要试验255种可能的密钥,这种搜索在世界上最快的巨型机上也需好几天的计算机时间。如果未加密的“明文”是不易理解的,即使算出报文也可能解不开。

  Developers using DES can improve security by changing the keys frequently, using temporary session keys, or using triple-encryption DES. With triple DES, each 64-bit block is encrypted under three different DES keys. Recent research has confirmed that triple-DES is indeed more secure than single-DES. The User Data Masking Encryption Facility is an export-grade algorithm substituted for DES in several IBM products, such as the Distributed Computing Environment (DCE) [3].

  使用DES的开发人员可以通过频繁更改密钥,使用临时的会话密钥或使用三重加密DES来提高安全性。使用三重DES时,每个64位数据块用三种不同的DES密钥加密。最新研究已确认三重DES确实比单重DES更安全。

  Public-key encryption

  The key distribution problem has always been the weak link in the secret-key systems. Since the encryption key and decryption key are the same( or easily derived from one another) and the key has to be distributed to all users of the system, it seemd as if there was an inherent built-in problem: keys had to be protected from theft, but they also had to be distributed, so they could not just be locked up in a bank vault.

  公钥加密

  密钥的分布问题在秘钥系统中一直是一个薄弱环节。因为加密密钥和解密密钥是相同的(或彼此容易推出来)并且这个密钥必须分配给该秘钥系统的所有用户,这好像是存在一个固有的内部问题,必须保护密钥不被偷窃,但又必须分布出去,所以它们不可能只是锁在银行的地下室里。

  Encryption can be used to protect data in transit as well as data in storage. Some vendors provide hardware encryption devices that can be used to encrypt and decrypt data. There are also software encryption packages which are available either commercially or as free software.

  加密可以用来保护传输中的数据和存储器中的数据。一些厂家提供硬件加密设备,用来加密和解密数据。也可买到软件加密程序包或作为自由软件免费获得。

  Encryption can be defined as the process of tasking information that exists in some readable form (plaintext) and converting it into a form (ciphertext) so that it cannot be understood by others.

  加密可以定义为把现有的、以某种可读形式(明文)的信息转换成其他人不能理解的形式(密文)的过程。

  In public key cryptosystem, the encryption and decryption keys were different, and plaintext encrypted with the public key can only be deciphered with the private key from the same pair. Conversely, plaintext encrypted with the private key can be decrypted only with the public key[4] ( it is used in electronic signatures). The notations for these are as follows.

  C=E k (P) , P=D k1(C)=D k1 (E k (P)) or

  C=D k1 (P), P=E k (C)=E k (D k1 (P))

  在公钥秘钥系统中,加密和解密密钥是不同的。并且用公开密钥加密的明文只能用同一对密钥中的秘密密钥解密。相反,用私有密钥加密的明文只能用公开密钥解密(它用于电子签名)。这些关系的表示法如下:(见上式)

  Here k is a public key and k1 is private key( or secret key). Users can make their public keys freely available or place them at a key distribution center for others to access. However, the private key must be kept safe. In public-key systems there is no need to find a safe channel for communicating a shared secret key.

  这里K是公开密钥,K1是私有密钥(或秘密密钥)。用户可以让他们的公开密钥自由地使用,或把它们放在密钥分配中心供其他人存取。然而,私有密钥必须安全的保存。在公开密钥系统,无需找一条传送共享的私有密钥的安全通道。

延伸阅读

文章来源于领测软件测试网 https://www.ltesting.net/

TAG: 数据 现代 密码学


关于领测软件测试网 | 领测软件测试网合作伙伴 | 广告服务 | 投稿指南 | 联系我们 | 网站地图 | 友情链接
版权所有(C) 2003-2010 TestAge(领测软件测试网)|领测国际科技(北京)有限公司|软件测试工程师培训网 All Rights Reserved
北京市海淀区中关村南大街9号北京理工科技大厦1402室 京ICP备2023014753号-2
技术支持和业务联系:info@testage.com.cn 电话:010-51297073

软件测试 | 领测国际ISTQBISTQB官网TMMiTMMi认证国际软件测试工程师认证领测软件测试网