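Translator's note:
Algorithms that use the same key for encryption and decryption are called symmetric encryption algorithms; algorithms that use different keys for encryption and decryption are called asymmetric encryption algorithms, and public-key systems belong to the latter. With symmetric encryption, what must be protected above all is the symmetric key; with public-key algorithms, it is the private key.
Public-key encryption, and the digital signature and digital certificate technologies derived from it, are not only widely used in Internet communication (for example SSL/TLS in the HTTPS protocol) but are also receiving more and more attention on stand-alone systems: Windows XP device drivers and .NET GAC assemblies, for example, require digital signatures. Since Windows 98/NT4 Microsoft has provided the Cryptography API, which supports symmetric encryption algorithms such as DES, RC2, RC4 and IDEA, asymmetric algorithms such as the RSA public-key system, and digest (also called hash) algorithms such as MD5, SHA and MAC.
This article is translated from:
http://developer.netscape.com/tech/security/ssl/howitworks.html
It is a lively and accessible article that helps a great deal in understanding how public-key systems work. CSDN already has a translation:
http://www.csdn.net/Develop/article/27/27524.shtm
However, I feel that the translation above is inaccurate in key places and does not read smoothly. This translation builds on it, uses the commonly accepted renderings for key terms, translates freely in a few places, and includes the English original so that readers can check it wherever the translation is poor.
I hope it helps those who are interested in public-key systems.
BTW: for all of the symmetric and asymmetric encryption mentioned above, the encryption and decryption algorithms are public; as long as the key is unknown, the designers of the algorithm are confident that the ciphertext will not be easily broken. This is entirely different from WAPI :).
The text follows, with the English original: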
Public key encryption is a technique that uses a pair of asymmetric keys for encryption and decryption. Each pair of keys consists of a public key and a private key. The public key is made public by distributing it widely. The private key is never distributed; it is always kept secret.
Data that is encrypted with the public key can be decrypted only with the private key. Conversely, data encrypted with the private key can be decrypted only with the public key. This asymmetry is the property that makes public key cryptography so useful.
USING PUBLIC KEY CRYPTOGRAPHY FOR AUTHENTICATION
Authentication is the process of verifying identity so that one entity can be sure that another entity is who it claims to be. In the following example involving Alice and Bob, public key cryptography is easily used to verify identity. The notation {something}key means that something has been encrypted or decrypted using key.
Suppose Alice wants to authenticate Bob. Bob has a pair of keys, one public and one private. Bob discloses to Alice his public key (the way he does this is discussed later). Alice then generates a random message and sends it to Bob:
A->B random-message
Bob uses his private key to encrypt the message and returns the encrypted version to Alice:
B->A {random-message}bobs-private-key
Alice receives this message and decrypts it by using Bob's previously published public key. She compares the decrypted message with the one she originally sent to Bob; if they match, she knows she's talking to Bob. An imposter presumably wouldn't know Bob's private key and would therefore be unable to properly encrypt the random message for Alice to check.
BUT WAIT, THERE'S MORE
Unless you know exactly what you are encrypting, it is never a good idea to encrypt something with your private key and then send it to somebody else. This is because the encrypted value can be used against you (remember, only you could have done the encryption because only you have the private key).
So, instead of encrypting the original message sent by Alice, Bob constructs a message digest and encrypts that. A message digest is derived from the random message in a way that has the following useful properties:
1. The digest is difficult to reverse. Someone trying to impersonate Bob couldn't get the original message back from the digest.
2. An impersonator would have a hard time finding a different message that computed to the same digest value.
By using a digest, Bob can protect himself. He computes the digest of the random message sent by Alice and then encrypts the result. He sends the encrypted digest back to Alice. Alice can compute the same digest and authenticate Bob by decrypting Bob's message and comparing values.
(Translator's note: a digest algorithm is also called a hash algorithm.)
GETTING CLOSER
The technique just described is known as a digital signature. Bob has signed a message generated by Alice, and in doing so he has taken a step that is just about as dangerous as encrypting a random value originated by Alice. Consequently, our authentication protocol needs one more twist: some (or all) of the data needs to be originated by Bob.
A->B hello, are you bob?
B->A Alice, This Is bob { digest[Alice, This Is Bob] } bobs-private-key
When he uses this protocol, Bob knows what message he is sending to Alice, and he doesn't mind signing it. He sends the unencrypted version of the message first, "Alice, This Is Bob." Then he sends the digested-encrypted version second. Alice can easily verify that Bob is Bob, and Bob hasn't signed anything he doesn't want to.
HANDING OUT PUBLIC KEYS
How does Bob hand out his public key in a trustworthy way? Let's say the authentication protocol looks like this:
A->B hello
B->A Hi, I'm Bob, bobs-public-key
A->B prove it
B->A Alice, This Is bob { digest[Alice, This Is Bob] } bobs-private-key
With this protocol, anybody can be Bob. All you need is a public and private key. You lie to Alice and say you are Bob, and then you provide your public key instead of Bob's. Then you prove it by encrypting something with the private key you have, and Alice can't tell you're not Bob.
To solve this problem, the standards community has invented an object called a certificate. A certificate has the following content:
The certificate issuer's name
The entity for whom the certificate is being issued (aka the subject)
The public key of the subject
Some time stamps
The certificate is signed using the certificate issuer's private key. Everybody knows the certificate issuer's public key (that is, the certificate issuer has a certificate, and so on...). Certificates are a standard way of binding a public key to a name.
By using this certificate technology, everybody can examine Bob's certificate to see whether it's been forged. Assuming that Bob keeps tight control of his private key and that it really is Bob who gets the certificate, then all is well. Here is the amended protocol:
A->B hello
B->A Hi, I'm Bob, bobs-certificate
A->B prove it
B->A Alice, This Is bob { digest[Alice, This Is Bob] } bobs-private-key
Now when Alice receives Bob's first message, she can examine the certificate, check the signature (as above, using a digest and public key decryption), and then check the subject (that is, Bob's name) and see that it is indeed Bob. She can then trust that the public key is Bob's public key and request Bob to prove his identity. Bob goes through the same process as before, making a message digest of his design and then responding to Alice with a signed version of it. Alice can verify Bob's message digest by using the public key taken from the certificate and checking the result.
A bad guy - let's call him Mallet - can do the following:
A->M hello
M->A Hi, I'm Bob, bobs-certificate
A->M prove it
M->A ????
But Mallet can't satisfy Alice in the final message. Mallet doesn't have Bob's private key, so he can't construct a message that Alice will believe came from Bob.
EXCHANGING A SECRET
Once Alice has authenticated Bob, she can do another thing - she can send Bob a message that only Bob can decode:
A->B {secret}bobs-public-key
The only way to find the secret is by decrypting the above message with Bob's private key. Exchanging a secret is another powerful way of using public key cryptography. Even if the communication between Alice and Bob is being observed, nobody but Bob can get the secret.
This technique strengthens Internet security by using the secret as another key, but this time it's a key to a symmetric cryptographic algorithm (such as DES, RC4, or IDEA). Alice knows the secret because she generated it before sending it to Bob. Bob knows the secret because Bob has the private key and can decrypt Alice's message. Because they both know the secret, they can both initialize a symmetric cipher algorithm and then start sending messages encrypted with it. Here is a revised protocol:
(Translator's note: public-key algorithms are expensive when encrypting large amounts of data, so large volumes of data are generally encrypted with a symmetric algorithm; a public-key system could not bear the load of routine communication. That is why, after authentication, this article relies on the public-key system to exchange a symmetric encryption key, and all subsequent communication is protected with the symmetric algorithm.)
A->B hello
B->A Hi, I'm Bob, bobs-certificate
A->B prove it
B->A Alice, This Is bob { digest[Alice, This Is Bob] } bobs-private-key
A->B ok bob, here is a secret {secret} bobs-public-key
B->A {some message}secret-key
How secret-key is computed is up to the protocol being defined, but it could simply be a copy of secret.
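The certificate check, the signed reply and the secret exchange described above, as a runnable sketch added here (not part of the original article or its translation). It assumes textbook RSA without padding and toy keys built from Mersenne primes, omits the certificate time stamps, and every function and name in it (make_key, alice_authenticates, "Demo CA") is hypothetical.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by all toy keys

def make_key(a, b):
    # Toy RSA key from the Mersenne primes 2**a-1 and 2**b-1: deterministic, NOT secure.
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")

def sign(key, msg):        # {digest[msg]}private-key
    return pow(digest(msg), key["d"], key["n"])

def verify(n, msg, sig):   # apply the public key, compare with a fresh digest
    return pow(sig, E, n) == digest(msg)

def cert_body(issuer, subject, n):
    return f"{issuer}|{subject}|{n}".encode()

def issue_cert(ca_key, issuer, subject, n):
    return {"issuer": issuer, "subject": subject, "n": n,
            "sig": sign(ca_key, cert_body(issuer, subject, n))}

def alice_authenticates(cert, responder_key, ca_n):
    """Run the exchange from Alice's side; return the shared secret or None."""
    # B->A  Hi, I'm Bob, bobs-certificate: check issuer signature and subject
    body = cert_body(cert["issuer"], cert["subject"], cert["n"])
    if cert["subject"] != "Bob" or not verify(ca_n, body, cert["sig"]):
        return None
    # A->B  prove it / B->A  Alice, This Is Bob {digest[...]}bobs-private-key
    msg = b"Alice, This Is Bob"
    if not verify(cert["n"], msg, sign(responder_key, msg)):
        return None
    # A->B  ok bob, here is a secret {secret}bobs-public-key
    secret = secrets.randbits(128)
    wrapped = pow(secret, E, cert["n"])
    # Only the holder of the matching private key recovers the secret.
    recovered = pow(wrapped, responder_key["d"], responder_key["n"])
    return secret if recovered == secret else None

# Constructed keys and certificates for the demonstration.
CA = make_key(521, 607)         # certificate issuer
BOB = make_key(127, 1279)       # the genuine subject
MALLET = make_key(107, 2203)    # impostor with his own key pair
BOB_CERT = issue_cert(CA, "Demo CA", "Bob", BOB["n"])
FORGED_CERT = issue_cert(MALLET, "Demo CA", "Bob", MALLET["n"])  # not signed by the CA
```

Mallet fails in both ways the article describes: replaying Bob's certificate leaves him unable to produce the signed reply, and a certificate he signs himself does not verify under the issuer's public key.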