13:41 Rsa sha and aes who is who and why | |
I have noticed that Habre and generally in this same web, Habr containing many confuse these abbreviations and carry all in a heap, therefore, sometimes there are pearls of the discharge type is better - MD5 or RSA »,« encryption using SHA »or program uses powerful encryption algorithms based on 3DES or RSA »(the latest just want to add that" a strong encryption algorithm based on N »can really only make sense if these algorithms are used correctly). In fact, these algorithms can be divided into the following groups: 1. Hash algorithms (digest - algorithms) - are used to calculate a unique message ID of a fixed length, such as: 128-bit (MD5), 160 bits (SHA1, RIPEMD-160, etc) and more. Have the property that the various reports correspond to the (very likely, because after all the space of possible messages is much more fixed 160bit) different hashes, and the generation of messages with a given advance hash (or message on the hash) is very complex in terms of time resources task . You can also hash algorithms used to compare the passwords without storing these in pure form, but also generate keys for symmetric encryption algorithms (see below). By the way, here and gone "encrypt password using MD5» - of course, if instead of the password is stored some misunderstood line, also encoded in base64 or hexadecimal digits, just think about encryption. 2. Symmetric encryption algorithms. Well, here is more or less just - one of the key (just a string of bytes of fixed length), they are encrypted block of data and it is he stands for. Representatives - DES, 3DES, AES, etc ... are used to encrypt large amounts of data. By the way, they are divided into block ciphers and flow. Block - it may only encrypt a block of fixed length (DES/3DES - 8 bytes, AES - 16), and flow - just work with the data byte, and encryption of each byte depends on the previous (eg, RC2, RC4). How to encrypt a file block cipher? Can be encrypted by one every 8 bytes, but it is inefficient, since for example two identical blocks of data, the results will also be the same, and hence the attacker can retrieve additional information. Therefore, use different encryption modes, in which each successive blocks of the file is somehow associated with the previous - for example, xor with the result of encryption. 3. Asymmetric algorithms. RSA, DSA, DH, ECDSA ... here in many books written that they use two keys - one for encryption and another for decryption. With me personally for a long time to introduce a deep stupor. In fact, a key or two, but one consisting of two linked parts, one of which is secret and only if it can be used to decrypt the data. Publication is the public part does not allow to open the secret. These properties are based on complex and unresolved at the moment, mathematical problems - the discrete logarithm problem (for a ^ p mod n, and n having a need to restore p), and the factorization of (a product of two large prime numbers - p and q, we need to him to recover p and q). Not resolved, it is in no sense an algorithm for solving polynomial time, exhaustive search has not been canceled. The main use - encryption (including key exchange), and digital signature. In practical implementations, both are three:), these operations use the algorithms described in paragraphs 1 and 2. To begin with encryption. Here the most used, known and generally used is the first of the RSA. The paragraph below, you can skip if not interested in "how it works," and proceed to the next if you're interested "as used". The algorithm is based on the problem of factoring large numbers. Actually, the key material is secret exponent D (which is calculated using the P and Q), public exponent E, the module N = P * Q, where P and Q are prime numbers (or rather, pseudosimple, since the generation of large prime numbers, too, that another problem ). P and Q are often also part of the secret key, since they allow to speed up calculations. For encryption takes a number (it is also a string of bytes), with smaller N (much less is not recommended because simplifies hacking), raised to the power E modulo N, well, actually everything. To optimize use the standard small value for E, equal to 65,537 (it was smaller), the algorithm of this resistance is not lowered. Further, the encryption result is raised to the level of D, and obtain the same value that we encrypt the inherent properties of D. Here it is worth noting that if we interchange E and D (first use D, and then - E), as well as obtain the original number. That such a scheme, and is used for digital signatures - only the owner of the secret key can be part of it generated, but anyone else can verify (with E). Because of this property generate RSA digital signature in the literature, also known as encryption. How is RSA? It should be noted that since the size of the encrypted block bounded key size (eg, 2048bit that is 256 bytes), and the procedure of the encryption takes much longer than the encryption unit of the same data symmetric algorithm (although it would seem, at times you can encrypt more ) directly for RSA encryption is used. Instead, it generates a random key for a symmetric algorithm, the data is encrypted and transmitted to them. Then, using the public RSA-key recipient data, the symmetric key is encrypted and transmitted to the recipient along with the encrypted data (in this case to the cryptographic operation that the symmetric key is supplemented to the size fit the size of the key). So the way it is possible to encrypt a file for multiple recipients. And thus decrypt the symmetric key and read the message can only owners of the secret keys. This is about encryption. What about digital signatures, so here is the opposite. The owner of the secret key wrote the message, finds the hash of it (because the message itself, generally speaking, much longer than the key) and encrypts (signs) is a hash of the message and letter together with this signature refers to the recipient. The recipient, having a public key, decrypts the "digital signature and compares the extracted hash with the real hash message. Regarding the DSA. DSA is used * only * for the digital signature and is based on the discrete logarithm problem, which allows transfer algorithm to any group, such group of points on elliptic curves (in which we ECDSA:>). It's all more complicated than in RSA, and yes I have already tired of typing, so details will not write, and hardly anyone to finish reading here). The features should be noted that the hash of message is used in the DSA directly, therefore, can be used * only * 160-bit hash (SHA1, as actually described in FIPS-186-2). Accordingly, since the stability of the algorithm depends on all the composite key, it makes no sense to use the DSA-keys larger than 1024 bits. Later, will complement the standard, which allows to use longer hashes (SHA2 - 224, 256, 384, 512 bits) and, accordingly, larger keys, but it is not yet available in all implementations. 4. The use of passwords. And finally on passwords, which can also be used not only for identification / authentication and for encrypting messages. Since the password itself is not suitable as a key to the encryption algorithm (not the same size, use only the symbols significantly reduces the space of possible keys), use the hash of the password. Hash can get what you need - a string of bytes of a given size (or hash can be cut to specified size, or apply a few times to get a longer string). Previously, we used a straight hash of the password, now tend to use a slightly different method - the password add some random bytes, which helps protect you from guessing the password for a hash is computed. In addition, the password is hashed successively several (up to a thousand) times that for a single application with the correct password has virtually no effect on performance, but in proportion to count again increases the brute force. Further, the obtained key can not encrypt the file / message and the key that encrypted the file / message. This technique is used such as PGP, and allows you to encrypt a message to multiple recipients, with different passwords, or even asymmetric keys. That's actually a summary of the main. If anyone interested in any clarification questions - write in comments, I will try to answer. | |
|
Total comments: 0 | |