如果接收到加密数据的人要看原来的数据,就必须把数据转换为原来的形式,这个过程称为解密。解密是加密过程的逆过程。为了进行解密,接收者必须有称为密钥的特殊数据。
The two main competing cryptography schemes are known as the secret-key (symmetric) system and the public-key (asymmetric) system. The secret-key system uses a single, wholly secret sequence both to encrypt and to decrypt messages. The public-key system uses a pair of mathematically related sequences, one each for encryption and decryption [1].
现在有两种主要的、相互竞争的密码术:秘钥(对称)和公钥(不对称)系统。秘钥系统采用单一的绝密序列,对报文进行加密和解密。公钥系统采用一对数学上相关的序列,一个用于加密,另一个用于解密。
Secret-key encryption
One of the most popular secret-key encryption schemes is IBM’s Data Encryption System (DES), which became the U.S. federal standard in 1997. the standard form uses a 56-bit key to encrypt 64-bit data blocks.
The following is a notation for relating plaintext, ciphertext, and keys. We will use C=E k (P) to mean that the encryption of the plaintext P using key k gives the ciphertext C. similarly, P=D k (C) represents of decryption of C to get the plaintext again. It then follows that D k ( E k (P))=P
密钥加密
IBM的数据加密系统(DES)是最流行的密钥加密方案之一。1977年,该方案成为美国联邦标准。该标准形式采用56位的密钥对64位的数据块进行加密。
下面是有关明文、密文和密钥关系的表示法。我们用C=E k (P)表示用密钥K对明文P加密,得到密文C。类似的,P=D k (C)代表对C解密得到明文。因而遵循:D k (E k (P))=P
DES has been studied by many of the world’s leading cryptographers, but no weaknesses have been uncovered. To crack a DES-encrypted message a hacker or commercial spy would need to try 255 possible keys. This type of search would need days of computer time on the world’s fastest supercomputers. Even then, the message may not be cracked if the plaintext is not easily understood [2].
为了打开一个DES加密的报文,黑客或商业间谍需要试验255种可能的密钥,这种搜索在世界上最快的巨型机上也需好几天的计算机时间。如果未加密的“明文”是不易理解的,即使算出报文也可能解不开。
Developers using DES can improve security by changing the keys frequently, using temporary session keys, or using triple-encryption DES. With triple DES, each 64-bit block is encrypted under three different DES keys. Recent research has confirmed that triple-DES is indeed more secure than single-DES. The User Data Masking Encryption Facility is an export-grade algorithm substituted for DES in several IBM products, such as the Distributed Computing Environment (DCE) [3].
使用DES的开发人员可以通过频繁更改密钥,使用临时的会话密钥或使用三重加密DES来提高安全性。使用三重DES时,每个64位数据块用三种不同的DES密钥加密。最新研究已确认三重DES确实比单重DES更安全。
Public-key encryption
The key distribution problem has always been the weak link in the secret-key systems. Since the encryption key and decryption key are the same( or easily derived from one another) and the key has to be distributed to all users of the system, it seemd as if there was an inherent built-in problem: keys had to be protected from theft, but they also had to be distributed, so they could not just be locked up in a bank vault.
公钥加密
密钥的分布问题在秘钥系统中一直是一个薄弱环节。因为加密密钥和解密密钥是相同的(或彼此容易推出来)并且这个密钥必须分配给该秘钥系统的所有用户,这好像是存在一个固有的内部问题,必须保护密钥不被偷窃,但又必须分布出去,所以它们不可能只是锁在银行的地下室里。
文章来源于领测软件测试网 https://www.ltesting.net/