52ky 发表于 2022-4-28 08:45:30

固若金汤的根本(上):对称加密与非对称加密.pdf

上一讲我们了解了HTTPS,我们知道HTTPS的安全是由TLS来保证的。
您一定想知道它如何为 HTTP 添加机密性、完整性、身份验证和不可否认性?
让我们先谈谈保密性。它是信息安全的基础,没有保密性,TLS将成为“无水之源”、“无根之树”。
实现机密性的最常用方法是“加密”,即将消息转换成某种方式无法理解的乱码。只有拥有特殊“钥匙”的人才能转换原文。
这里的“密钥”称为“密钥”,加密前的消息称为“纯文本”(plain text/clear text),加密后的乱码称为“密文”,密钥用于恢复明文加密和解密的过程称为“解密”,是加密的逆运算。加解密的运算过程就是“加密算法”。
所有加密算法都是公开的,任何人都可以分析研究,算法使用的“密钥”必须保密。那么,这把钥匙“钥匙”是什么?
由于HTTPS和TLS都运行在电脑上,所以“key”是一长串数字,但常规的计量单位是“bit”(位),而不是“byte”(字节)。例如,密钥长度为 128 的密钥长度为 16 字节的二进制字符串,密钥长度为 1024 的密钥长度为 128 字节的二进制字符串。
根据密钥的使用方式,加密可以分为两大类:对称加密和非对称加密。

(Last time we learned about HTTPS, we know that the security of HTTPS is guaranteed by TLS.You must wonder how it adds confidentiality, integrity, authentication, and non repudiation to HTTP?Let's talk about confidentiality first. It is the foundation of information security. Without confidentiality, TLS will become "a source without water" and "a tree without roots".The most common way to achieve confidentiality is "encryption", that is, the message is transformed into garbled code that cannot be understood in some way. Only a special person can have the key.Here, the "key" is called "key", the message before encryption is called "plain text / clear text", the scrambled code after encryption is called "ciphertext", and the process used by the key to recover plaintext encryption and decryption is called "decryption", which is the inverse operation of encryption. The operation process of encryption and decryption is "encryption algorithm".All encryption algorithms are public, anyone can analyze and study, and the "key" used by the algorithm must be kept confidential. So, what is the key?Since both HTTPS and TLS run on computers, "key" is a long string of numbers, but the conventional unit of measurement is "bit" rather than "byte". For example, a key with a key length of 128 is a binary string with a key length of 16 bytes, and a key with a key length of 1024 is a binary string with a key length of 128 bytes.According to the use of key, encryption can be divided into two categories: symmetric encryption and asymmetric encryption.)




页: [1]
查看完整版本: 固若金汤的根本(上):对称加密与非对称加密.pdf