cryptography
cryptography
It’s the science and technology of encrypting information and cracking passwords.cryptography
It dates back more than 2,000 years to Julius Caesar, who sent messages in cipher to prevent the enemy from intercepting them. What Caesar did was simply to create a list of the two dozen or so Roman letters. In this way, if you do not know the password book, even intercepted a piece of information is not understood. From the time of Julius Caesar until the 1970s, cryptography developed very slowly because its designers were largely experiential. It doesn’t apply mathematical principles.
The history of cryptography
- Before 1976, all encryption methods were of the same pattern:
encryption
,decryption
It’s the same algorithm. When exchanging data, the communicating parties must tell each other the rules, otherwise decryption cannot be done. So the rules for encryption and decryption (short forThe key
), it is especially important to protect. Passing the key is the biggest hazard. This encryption method is called the Symmetric Encryption Algorithm. - In 1976, two American computer scientists (W.Diffie), Herman (M.Hellman) put forward a new idea, can not directly transfer the key situation, complete the key exchange. This is called”
Diffie Hellman key exchange
“Algorithm. It has created a new direction of cryptography research - In 1976, two American computer scientists W.Diffie and M.Hellman put forward a new idea, which can complete the key exchange without directly passing the key. This is called”
Diffie Hellman key exchange
“Algorithm. It has created a new direction of cryptography research
Principle of RSA
An encryption algorithm developed in the 1970s. The encryption method is special and requires two keys: public key abbreviationThe public key
(publickey) and private keyThe private key
(privatekey). Public key encryption, private key decryption; Private key encryption, public key decryption. This encryption algorithm isRSA
. Again, for the sake of necessity, we want an encryption algorithm that makes it easy to encrypt, it’s very hard to do the reverse. How do we design it? Let’s start with a math problemDiscrete logarithm problem
. For example,3^x mod 17 = 12
. When the modulo is prime (now 17) and x is an integer smaller than the modulo (now 3), the result will be an integer between 1 and the modulo minus 1 (now 16). So in this case let’s call 3 17The original root
. When 17 is a large enough prime number, it makes it harder to reverse.
The euler function
phi
If two positive integers have no common factor other than 1, they are said to be coprime. Any positive integer N is counted among positive integers less than or equal to n, and the number of integers with which n forms a mutual-prime relationship is called the Euler function φ (n). Euler functions have the following characteristics. When n is prime, φ(n)=n-1. 2, if n is an integer can be broken down into two co-prime product, if n = AB: phi (AB) = phi phi (A) * (B) summary: if n is the product of two prime Numbers P1 and P2 is phi (n) = phi phi (P1) * (P2) = (P1-1) * (P2)
Euler's theorem
If two positive integers m and n are mutually prime, then m to the φ(n) minus 1 is divisible by n.
A special case of Euler’s theorem: if two positive integers m and n are mutually prime, and n is prime! So phi of n is going to be n minus 1, and that’s fermat’s little theorem.
- The formulas
The above derivation leads to the following conclusion: If two positive integers e and x are mutually prime, then an integer d must be found such that Ed -1 is divisible by x. So d is e with respect to xDie inverse element
.From the figure above, we can see that as long as the client and server use the same algorithm encryption and decryption, the client and server pass 6 and 12, can be calculated to get 10. Even if the hacker gets the intermediate transmission data and the encryption algorithm, as long as the value of the module (17 at this time) is large enough, it is difficult to be backderived.The preceding encryption process is the RSA encryption principle. N and e are public keys, N and d are private keys, m is plaintext, and C is ciphertext. In the actual encryption process, n is very large, usually 1024 bits. (The largest integer ever decomposed by humans, 232 decimal bits and 768 binary bits). Since we need to find φ(n), according to the characteristics of Euclidian functions, the simplest way n is multiplied by two prime numbers: prime numbers P1, P2, φ(n) = (P1-1) * (P2-1). And then we end up with φ n, which gives us e and d. A total of six numbers are generated: P1, p2, n, φ(n), e, d.
- Principle of RSA
Except for the public key, which uses n and e, the other four numbers are not public. At present, the method of decrypting RSA to get D is as follows: 1. Because e times d is equal to φ n times k plus 1. I want to know e and φ n;
Using RSA on a Mac terminal
The Mac system has a built-in open source encryption library (OpenSSL), so you can operate RSA directly from a terminal. Common RSA commands in OpenSSL are as follows: genrsa: generates and outputs an RSA private key. Rsautl: uses the RSA private key to perform operations such as encryption, decryption, signing, and verification. RSA: Converts the format of the RSA secret key
- Example Generate an RSA private key of 1024 bits
openssl genrsa -out private.pem 1024
- Extract the public key from the private key
openssl rsa -in private.pem -pubout -out public.pem
- Convert the private key to plaintext
openssl rsa -in private.pem -text -out private.text
- Viewing a Text message
cat private.txt
- The public key is used to encrypt data, and the private key is used to decrypt data
1. Generate plaintext filesvi info.txt
(Info file name) 2. View the file contentcat info.txt
3. Encrypt using the public keyopenssl rsautl -encrypt -in info.txt -inkey public.pem -pubin -out enc.txt
4. Use the private key to decryptopenssl rsautl -decrypt -in encrypt.txt -inkey private.pem -out dec.txt
5. Encrypt using the private keyopenssl rsautl -sign -in info.txt -inkey private.pem -out enc.txt
6. Decrypt using the public keyopenssl rsautl -verify -in enc.txt -inkey publc.pem -pubin -out dec.txt