In principle, symmetric encryption can be divided into two types: block ciphers and sequence ciphers. The former divides the plaintext into fixed-length data blocks as the basic encryption unit; the most widely used block symmetric encryption algorithms include DES, 3DES, AES, IDEA and so on. The latter, also known as a stream cipher, encrypts only one byte or character at a time with a key stream that changes constantly, and it is used only in some specific fields such as the encryption of digital media. In 1949, Claude Elwood Shannon, the founder of information theory, proved for the first time that perfect secrecy can be achieved through symmetric encryption with a "one-time pad".
That is, each time, both communicating parties use a random key string of the same length as the plaintext to encrypt it. A sequence cipher uses a similar idea, but generates a pseudo-random key string each time through a pseudo-random number generator; representative algorithms include RC4. Multisignature means that signatures collected from at least m of n signers (n ≥ m ≥ 1) are considered legal, where n is the number of public keys provided and m is the minimum number of signatures that must match those public keys. Multisignature can be applied effectively in scenarios where several people vote and make decisions together. For example, two negotiating parties may appoint a third party as reviewer; if any two of the three reach an agreement, the negotiation can be completed.
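As an added example (not from the original text), the one-time pad and the pseudo-random key stream described above, in Python: the OTP functions show Shannon's perfect-secrecy argument, and RC4 is included only as the page's representative sequence cipher to illustrate the key-stream idea, since RC4 is deprecated for real use.

```python
import secrets

def otp_encrypt(plaintext: bytes, key: bytes) -> bytes:
    """One-time pad: XOR the message with a truly random key of the same
    length; the key must be used only once (reuse destroys the guarantee)."""
    if len(key) != len(plaintext):
        raise ValueError("one-time pad key must be exactly as long as the plaintext")
    return bytes(p ^ k for p, k in zip(plaintext, key))

otp_decrypt = otp_encrypt  # XOR is its own inverse

def otp_key_for(ciphertext: bytes, candidate: bytes) -> bytes:
    """Shannon's argument: for a given ciphertext, every candidate plaintext
    of the same length is explained by exactly one key, so the ciphertext
    alone reveals nothing about which plaintext was sent."""
    return otp_encrypt(ciphertext, candidate)

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Pseudo-random key stream from a short key (RC4's KSA + PRGA): the
    sequence-cipher idea, with a PRNG standing in for the random pad."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):                        # pseudo-random generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def rc4_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt by XORing with the key stream (symmetric)."""
    return bytes(d ^ k for d, k in zip(data, rc4_keystream(key, len(data))))

if __name__ == "__main__":
    msg = b"meet at the bridge"                # constructed sample message
    pad = secrets.token_bytes(len(msg))
    ct = otp_encrypt(msg, pad)
    assert otp_decrypt(ct, pad) == msg
    # The same ciphertext is equally consistent with a different plaintext.
    other = b"wait at the harbor"
    assert otp_encrypt(other, otp_key_for(ct, other)) == ct
    print(rc4_crypt(b"Key", b"Plaintext").hex())
```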
Bitcoin transactions support multiple signatures, so that several people can jointly manage a single account. For example, if a user shops online and pays with bitcoin, the merchant effectively establishes a relation between that user and the bitcoin address. To avoid disclosing personal privacy information, users must carefully manage and isolate their bitcoin account addresses. From this point of view, bitcoin cannot meet the conditions of untraceable and unlinkable transactions. Ring signature technology, based on group signatures, provides a feasible anonymity solution.
Ring signatures have many uses in protecting anonymity. For asymmetric encryption algorithms and digital signatures, the distribution of the public key is very important. In theory, anyone can publicly obtain the other party's public key. However, could the public key be forged? Could it be tampered with during transmission? Once the public key itself has problems, the security of the entire system built on it no longer exists. The digital certificate mechanism exists precisely to solve this problem. Like a certificate in daily life, it can prove the validity of the recorded information, such as proving that a public key belongs to an entity (an organization or an individual), and it ensures that any tampering with the content can be detected, thereby realizing the safe distribution of the user's public key.
According to the purpose of the protected public key, certificates can be divided into encryption certificates and signature-verification certificates. The former protects a public key used to encrypt information, while the latter protects a public key used to verify signatures and authenticate identity. The two types of public key can also be placed in the same certificate. To know whether a CA's public key is legitimate, on the one hand the certificate issued by a higher-level CA can be used to authenticate it; on the other hand, some root CAs (Root CAs) establish the trust foundation by pre-distributing their certificates.
For example, mainstream operating systems and browsers preset some authoritative CA certificates in advance; these root certificates are signed with the CA's own private key (self-signed) and are recognized as legitimate. After that, all CAs (intermediate CAs) and subsequent CAs authenticated on the basis of these CAs are also verified as legitimate. Thus a complete certificate trust chain is formed, from the pre-trusted root certificate, through the intermediate certificates, down to the lowest entity certificate. In asymmetric encryption, the public key can be protected by the certificate mechanism, but the generation, distribution, revocation and other processes of certificates are not covered by the X.509 specification. In practice, the secure management and distribution of certificates can follow the PKI (public key infrastructure) system.
The core of the PKI system is to solve the authentication and management problems related to the certificate life cycle, which is basic and important in the field of modern cryptographic applications. It should be noted that PKI is a general framework for secure and reliable message transmission and identity verification based on public and private keys; it does not denote a specific cryptographic technology or process. A platform implementing the PKI specification can safely and reliably manage the keys and certificates of users in the network. At present there are many well-known implementations and specifications, such as the PKCS (Public Key Cryptography Standards) of RSA and the X.509 related specifications.
The user applies for a certificate through the RA (registration authority), providing identity and authentication information; after review by the CA, the certificate is generated and issued to the user. If the user needs to revoke the certificate, he must apply to the CA again. A CA issuing a certificate to a user is actually signing the user's public key with the CA's private key. In this way anyone can use the CA's public key to verify the validity of the certificate; if the verification succeeds, the user's public key provided in the certificate is accepted, realizing safe distribution of the user's public key. User certificates can be issued in two ways: the CA can directly generate the public key and corresponding private key contained in the certificate and send them to the user, or the user can generate the public key and private key and the CA then signs the public key content.
In the latter case, the user generally generates the private key and a certificate application file (Certificate Signing Request, CSR) by himself. The CSR includes the user's public key and some basic information such as the common name (CN), organization information and geographical location. The CA only needs to sign the certificate request file to generate the certificate file and issue it to the user. Throughout the process the user keeps the private key confidential from all other parties, including the CA. Generating the certificate application file is not complicated: users can easily use the open source software OpenSSL to generate the CSR file and the corresponding private key file.
For example, after installing OpenSSL, you can execute the following command to generate the private key and the corresponding certificate request file:

$ openssl req -new -keyout private.key -out for_request.csr
Generating a 1024 bit RSA private key

(Current OpenSSL releases default to 2048-bit RSA keys; 1024-bit RSA is no longer considered adequate for new certificates.) Note that if the user generates the private key himself and the private key file is lost, the CA cannot recover it, because the CA never held the private key; this means that content encrypted with the public key in the certificate can no longer be decrypted. Currently, the popular hash functions mainly include the 128-bit MD4 and MD5 and the 160-bit SHA-1. The SHA-2 family that has since been introduced produces longer hash values, which are more difficult to crack and provide higher security.
SHA-224, SHA-256, SHA-384 and SHA-512 are collectively referred to as SHA-2. These newer hash functions have not been scrutinized in as much detail by the public cryptographic community as SHA-1, so their cryptographic security is not yet as widely trusted. Although there is no effective attack on SHA-2, its algorithm is basically similar to SHA-1, so some people have begun to develop alternative hash algorithms. The hash function is also known as a hashing function or a digest function. It is a one-way cryptosystem, that is, an irreversible mapping from plaintext to ciphertext, with only an encryption process and no decryption process.
It is a unidirectional, irreversible encryption algorithm that generates a fixed-length output for an input message of any length. This fixed-length output is called the hash value or message digest of the original message, and it is mainly used to verify the integrity of data during network transmission. Collision resistance, sometimes called "anti-collision", is divided into "weak anti-collision" and "strong anti-collision". If no other plaintext that collides with a given plaintext can be found, the algorithm has the "weak anti-collision" property; if no two plaintexts whose hashes collide can be found, the algorithm is said to have the "strong anti-collision" property.
Any change in the original input should produce a very different hash value. A digital digest is obtained by hashing digital content to obtain a unique digest value that refers to the original, complete content; it is one of the most important uses of hash algorithms. Using the collision-resistance property of hash functions, a digital digest can ensure that content has not been tampered with. Symmetric encryption algorithms are fast but offer lower security; at present they are recommended for encrypting large amounts of data to improve encryption and decryption speed. Asymmetric encryption algorithms are slow but offer high security, and can be used for small amounts of confidential data.
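An added example (not from the original text) of the digest and collision-resistance properties just described, in Python with hashlib: integrity verification, the avalanche effect, and a birthday search for a collision on a truncated SHA-256 output, which shows why the longer SHA-2 outputs matter. The truncation width is an assumption chosen only to keep the search fast.

```python
import hashlib

def sha256_hex(data: bytes) -> str:
    """Message digest: fixed 256-bit output for input of any length."""
    return hashlib.sha256(data).hexdigest()

def verify_integrity(data: bytes, expected_hex: str) -> bool:
    """Digest check used for file verification: recompute and compare."""
    return sha256_hex(data) == expected_hex

def differing_bits(a: bytes, b: bytes) -> int:
    """Avalanche effect: count how many of the 256 digest bits differ."""
    da, db = hashlib.sha256(a).digest(), hashlib.sha256(b).digest()
    return sum(bin(x ^ y).count("1") for x, y in zip(da, db))

def truncated_hash(data: bytes, bits: int) -> int:
    """Keep only the first `bits` bits of SHA-256 (a deliberately weak toy)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") >> (256 - bits)

def birthday_collision(bits: int):
    """Strong anti-collision breaks at about 2^(bits/2) work: hash distinct
    counter messages until two of them share the same truncated value."""
    seen = {}
    i = 0
    while True:
        msg = i.to_bytes(8, "big")
        h = truncated_hash(msg, bits)
        if h in seen:
            return seen[h], msg, i + 1        # the two colliding inputs, trials used
        seen[h] = msg
        i += 1

def second_preimage(target: bytes, bits: int, max_trials: int):
    """Weak anti-collision: matching the hash of a *given* input needs about
    2^bits work, far more than the birthday search; None if the budget runs out."""
    want = truncated_hash(target, bits)
    for i in range(max_trials):
        msg = b"x" + i.to_bytes(8, "big")     # distinct from the counter messages
        if msg != target and truncated_hash(msg, bits) == want:
            return msg
    return None

if __name__ == "__main__":
    doc = b"constructed sample document"
    digest = sha256_hex(doc)
    print(verify_integrity(doc, digest), verify_integrity(doc + b"!", digest))
    print(differing_bits(doc, doc + b"!"), "of 256 bits differ")
    a, b, trials = birthday_collision(24)
    print(f"24-bit collision after {trials} trials; second preimage within 20000:",
          second_preimage(doc, 24, 20000))
```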
Hash algorithms are mainly used to verify information and prevent it from being modified; specific uses include file verification, digital signatures and authentication protocols. The common approach in practice is to use an asymmetric encryption algorithm to manage the key of a symmetric algorithm, and then use the symmetric algorithm to encrypt the data. This integrates the advantages of both types of algorithm: fast encryption as well as safe and convenient key management. SM1 is a symmetric encryption algorithm whose strength is equivalent to AES; the algorithm is not publicly disclosed and must be invoked through the interface of an encryption chip. SM2 is an asymmetric encryption algorithm based on ECC, and the algorithm has been disclosed. Because it is based on ECC, its signing speed and key generation speed are faster than RSA.
SM2 adopts 256-bit ECC, whose security strength is higher than 2048-bit RSA while remaining faster than RSA. SM3 is a message digest algorithm; MD5 can be used as a point of comparison. The algorithm has been disclosed, and the digest is 256 bits. SM4 is the block data algorithm of the wireless LAN standard; the symmetric encryption key length and the block length are both 128 bits. The SM1 algorithm is a block cipher with a block length of 128 bits and a key length of 128 bits. Its security strength and the performance of its software and hardware implementations are equivalent to those of AES. The algorithm is not disclosed and exists only in chips in the form of an IP core.
Using this algorithm, a series of chips, smart IC cards, smart cryptographic keys, encryption cards, encryption machines and other security products have been developed and are widely used in e-government, e-commerce and various fields of the national economy, including important areas such as the national government affairs pass and the police pass. The SM2 elliptic curve algorithm is based on ECC (elliptic curve cryptography); however, it differs from international standards such as ECDSA and ECDH in its signature and key exchange schemes and adopts a more secure mechanism. In addition, SM2 recommends a 256-bit curve as the standard. The standard includes four parts: general, digital signature algorithm, key exchange protocol and public key encryption algorithm. The appendix of each part details the implementation and gives examples.
The SM2 algorithm mainly considers elliptic curves over the prime field F_p and the binary extension field F_{2^m}. It introduces the representation of and operations in these two kinds of fields, the elliptic curves over them, point operations and the scalar (multiple-point) multiplication algorithm. It then introduces the data conversion rules used in programming, including conversions between integers and byte strings, byte strings and bit strings, field elements and byte strings, field elements and integers, and points and byte strings. The SM3 cryptographic hash algorithm standard gives the calculation method and steps of the hash function and provides a worked example. The algorithm is suitable for the generation and verification of digital signatures and message authentication codes and for the generation of random numbers in commercial cryptographic applications, and can meet the security requirements of many cryptographic applications.
It is used in the SM2 and SM9 standards. The algorithm produces a 256-bit hash value by padding and iterative compression of an input message of fewer than 2^64 bits. The message expansion and compression function of the iterative process are composed of XOR, modular addition, shift and NOT operations. See the SM3 standard for the detailed algorithm and worked examples. SM4 is a block cipher for wireless LAN products. Its block length is 128 bits and its key length is 128 bits. Both the encryption algorithm and the key expansion algorithm use a 32-round nonlinear iterative structure. The decryption algorithm has the same structure as the encryption algorithm, except that the round keys are used in the reverse order of the encryption round keys.
The algorithm uses a nonlinear iterative structure. Each iteration is given by a round function, which is composed of a nonlinear transformation and a linear transformation; the nonlinear transformation is given by the S-box. Here rk_i is the round key, and the synthetic permutation T makes up the round function. The generation of the round keys follows a flow similar to the figure above: the round keys are generated by the round function using the encryption key as input, with some differences in the parameters. See the SM4 standard for the specific description and examples of the SM4 algorithm. The SM7 algorithm is a block cipher with a block length of 128 bits and a key length of 128 bits. SM7 is applicable to contactless IC card applications, including identity identification (access control cards, work cards, entry cards), ticketing (large-scale event tickets, exhibition tickets), payment and pass cards (credit consumption cards, campus one-card, enterprise one-card), etc.
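The 32-round structure just described, as an added Python example (not code from the original text or from the standard): a compact SM4 implementation in which the round function is the synthetic permutation T over the S-box, the key expansion uses the same S-box with a different linear layer, and decryption simply feeds the round keys in reverse order. It is checked against the test vector published in the SM4 standard.

```python
SBOX = bytes.fromhex(          # SM4 S-box, row-major (16 x 16 bytes)
    "d690e9fecce13db716b614c228fb2c05" "2b679a762abe04c3aa44132649860699"
    "9c4250f491ef987a33540b43edcfac62" "e4b31ca9c908e89580df94fa758f3fa6"
    "4707a7fcf37317ba83593c19e6854fa8" "686b81b27164da8bf8eb0f4b70569d35"
    "1e240e5e6358d1a225227c3b01217887" "d40046579fd327524c3602e7a0c4c89e"
    "eabf8ad240c738b5a3f7f2cef96115a1" "e0ae5da49b341a55ad933230f58cb1e3"
    "1df6e22e8266ca60c02923ab0d534e6f" "d5db3745defd8e2f03ff6a726d6c5b51"
    "8d1baf92bbddbc7f11d95c411f105ad8" "0ac13188a5cd7bbd2d74d012b8e5b4b0"
    "8969974a0c96777e65b9f109c56ec684" "18f07dec3adc4d2079ee5f3ed7cb3948"
)
FK = (0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC)   # system parameters
# Fixed parameters CK_i: byte j of CK_i is (4i + j) * 7 mod 256.
CK = tuple(int.from_bytes(bytes(((4 * i + j) * 7) & 0xFF for j in range(4)), "big") for i in range(32))

def rotl(x: int, n: int) -> int:
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF

def tau(a: int) -> int:
    """Nonlinear transformation: the S-box applied to each of the 4 bytes."""
    return int.from_bytes(bytes(SBOX[b] for b in a.to_bytes(4, "big")), "big")

def t_round(a: int) -> int:
    """Synthetic permutation T = L(tau(.)) used by the round function."""
    b = tau(a)
    return b ^ rotl(b, 2) ^ rotl(b, 10) ^ rotl(b, 18) ^ rotl(b, 24)

def t_key(a: int) -> int:
    """T' used by key expansion: same S-box, different linear layer L'."""
    b = tau(a)
    return b ^ rotl(b, 13) ^ rotl(b, 23)

def key_expansion(key: bytes) -> list:
    """32 round keys rk_0..rk_31 from the 128-bit key (32-round iteration)."""
    k = [int.from_bytes(key[i:i + 4], "big") ^ FK[i // 4] for i in range(0, 16, 4)]
    for i in range(32):
        k.append(k[i] ^ t_key(k[i + 1] ^ k[i + 2] ^ k[i + 3] ^ CK[i]))
    return k[4:]

def sm4_rounds(block: bytes, rk: list) -> bytes:
    """32 rounds X_{i+4} = X_i ^ T(X_{i+1} ^ X_{i+2} ^ X_{i+3} ^ rk_i), then
    the reverse transform R outputs (X_35, X_34, X_33, X_32)."""
    x = [int.from_bytes(block[i:i + 4], "big") for i in range(0, 16, 4)]
    for i in range(32):
        x.append(x[i] ^ t_round(x[i + 1] ^ x[i + 2] ^ x[i + 3] ^ rk[i]))
    return b"".join(v.to_bytes(4, "big") for v in reversed(x[32:]))

def sm4_encrypt_block(key: bytes, plaintext: bytes) -> bytes:
    return sm4_rounds(plaintext, key_expansion(key))

def sm4_decrypt_block(key: bytes, ciphertext: bytes) -> bytes:
    """Same structure as encryption, with the round keys in reverse order."""
    return sm4_rounds(ciphertext, key_expansion(key)[::-1])
```

This encrypts a single 128-bit block; a mode of operation (and padding) is still needed for messages of other lengths.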
To reduce the complexity of key and certificate management in public key systems, the Israeli scientist Adi Shamir, one of the inventors of the RSA algorithm, proposed the concept of identity-based cryptography in 1984. Identity-based cryptography takes the user's identifier, such as an e-mail address, mobile phone number or QQ number, as the public key, omitting the exchange of digital certificates and public keys and making the security system easy to deploy and manage. It is very suitable for end-to-end offline secure communication, cloud data encryption, attribute-based encryption and policy-based encryption. In 2008 the identity-based cipher algorithm was officially designated the commercial cipher algorithm SM9 (commercial cipher algorithm No. 9) by the State Cryptography Administration, laying a solid foundation for the application of identity-based cryptography in China.
The SM9 algorithm does not require applying for a digital certificate and is applicable to securing various emerging Internet applications, such as cloud-based cryptographic services, e-mail security, intelligent terminal protection, Internet of Things security and cloud storage security. These applications can use mobile phone numbers or e-mail addresses as public keys to realize data encryption, identity authentication, call encryption, channel encryption and other security functions. They are easy to use and easy to deploy, thus opening the door to the popularization of cryptographic algorithms. The Zu Chongzhi sequence cipher algorithm (ZUC) is a stream cipher independently developed by China and an international standard cipher algorithm used in 4G mobile communication networks. It includes the ZUC algorithm itself, the encryption algorithm 128-EEA3 and the integrity algorithm 128-EIA3.
At present there are hardware implementations and optimizations of the ZUC algorithm specifically for 128-EEA3 and 128-EIA3. As a national strategic resource, cryptographic algorithms are more critical than ever before. In the era of big data and cloud computing, key information is often extracted from massive data through data mining, so protecting everyone's information is very important. 1. Homomorphic encryption is defined as a special encryption method that allows ciphertext to be processed so that the result is still encrypted. That is, the result obtained by processing the ciphertext directly is the same as that obtained by processing the plaintext and then encrypting the result.
From the point of view of abstract algebra, the homomorphism is preserved. Conversely, homomorphic encryption is also a good complement to blockchain technology. use
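An added example (not from the original text) of the homomorphic property just defined, using the Paillier cryptosystem in Python: multiplying two ciphertexts yields the encryption of the sum of the plaintexts, so the processing happens without ever decrypting. The two small primes TOY_P and TOY_Q are a constructed toy parameter set for illustration only; a real deployment uses primes of at least 1024 bits each.

```python
from math import gcd, lcm
import secrets

def paillier_keygen(p: int, q: int):
    """Public key (n, g) and private key (lambda, mu); g = n + 1 is the
    standard simplification, valid when gcd(n, (p-1)(q-1)) == 1."""
    n = p * q
    lam = lcm(p - 1, q - 1)
    g = n + 1
    l_value = (pow(g, lam, n * n) - 1) // n       # L(x) = (x - 1) / n
    mu = pow(l_value, -1, n)
    return (n, g), (lam, mu)

def paillier_encrypt(pk, m: int) -> int:
    """c = g^m * r^n mod n^2 with a fresh random r, so equal plaintexts
    give different ciphertexts (probabilistic encryption)."""
    n, g = pk
    n2 = n * n
    while True:                                   # random r coprime to n
        r = secrets.randbelow(n)
        if r > 0 and gcd(r, n) == 1:
            break
    return (pow(g, m, n2) * pow(r, n, n2)) % n2

def paillier_decrypt(pk, sk, c: int) -> int:
    n, _ = pk
    lam, mu = sk
    return (((pow(c, lam, n * n) - 1) // n) * mu) % n

def add_ciphertexts(pk, c1: int, c2: int) -> int:
    """Processing done on ciphertexts only: the product of two ciphertexts
    decrypts to the sum of the plaintexts (additive homomorphism)."""
    n, _ = pk
    return (c1 * c2) % (n * n)

def mul_ciphertext_by_constant(pk, c: int, k: int) -> int:
    """c^k decrypts to k * m: a scalar multiple computed without decrypting."""
    n, _ = pk
    return pow(c, k, n * n)

# Constructed toy parameters (far too small for real use).
TOY_P, TOY_Q = 104729, 1299709

if __name__ == "__main__":
    pk, sk = paillier_keygen(TOY_P, TOY_Q)
    c_sum = add_ciphertexts(pk, paillier_encrypt(pk, 15), paillier_encrypt(pk, 27))
    print(paillier_decrypt(pk, sk, c_sum))        # 42, computed without seeing 15 or 27
```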