




University graduation project (thesis): translation of foreign-language material
School (department): School of Computer Science
Major: Information Security
Student name:
Class and student ID:
Source of the foreign-language text: William Stallings, Cryptography and Network Security, Fourth Edition, Prentice Hall, November 16, 2005
Attachments: 1. Translation of the foreign-language material; 2. Original foreign-language text

Foreign-language material: original text

10.1 Key Management

In Chapter 7, we examined the problem of the distribution of secret keys. One of the major roles of public-key encryption has been to address the problem of key distribution. There are actually two distinct aspects to the use of public-key cryptography in this regard:

- The distribution of public keys
- The use of public-key encryption to distribute secret keys

We examine each of these areas in turn.

Distribution of Public Keys

Several techniques have been proposed for the distribution of public keys. Virtually all these proposals can be grouped into the following general schemes:

- Public announcement
- Publicly available directory
- Public-key authority
- Public-key certificates

Public Announcement of Public Keys

On the face of it, the point of public-key encryption is that the public key is public. Thus, if there is some broadly accepted public-key algorithm, such as RSA, any participant can send his or her public key to any other participant or broadcast the key to the community at large (Figure 10.1). For example, because of the growing popularity of PGP (pretty good privacy, discussed in Chapter 15), which makes use of RSA, many PGP users have adopted the practice of appending their public key to messages that they send to public forums, such as USENET newsgroups and Internet mailing lists.

Although this approach is convenient, it has a major weakness. Anyone can forge such a public announcement. That is, some user could pretend to be user A and send a public key to another participant or broadcast such a public key. Until such time as user A discovers the forgery and alerts other participants, the forger is able to read all encrypted messages intended for A and can use the forged keys for authentication (see Figure 9.3).

Publicly Available Directory

A greater degree of security can be achieved by maintaining a publicly available dynamic directory of public keys. Maintenance and distribution of the public directory would have to be the responsibility of some trusted entity or organization (Figure 10.2). Such a scheme would include the following elements:

1. The authority maintains a directory with a {name, public key} entry for each participant.
2. Each participant registers a public key with the directory authority. Registration would have to be in person or by some form of secure authenticated communication.
3. A participant may replace the existing key with a new one at any time, either because of the desire to replace a public key that has already been used for a large amount of data, or because the corresponding private key has been compromised in some way.
4. Participants could also access the directory electronically. For this purpose, secure, authenticated communication from the authority to the participant is mandatory.

This scheme is clearly more secure than individual public announcements but still has vulnerabilities. If an adversary succeeds in obtaining or computing the private key of the directory authority, the adversary could authoritatively pass out counterfeit public keys and subsequently impersonate any participant and eavesdrop on messages sent to any participant. Another way to achieve the same end is for the adversary to tamper with the records kept by the authority.

Public-Key Authority

Stronger security for public-key distribution can be achieved by providing tighter control over the distribution of public keys from the directory. A typical scenario is illustrated in Figure 10.3, which is based on a figure in [POPE79]. As before, the scenario assumes that a central authority maintains a dynamic directory of public keys of all participants. In addition, each participant reliably knows a public key for the authority, with only the authority knowing the corresponding private key. The following steps (matched by number to Figure 10.3) occur:

1. A sends a timestamped message to the public-key authority containing a request for the current public key of B.
2. The authority responds with a message that is encrypted using the authority's private key, $PR_{auth}$. Thus, A is able to decrypt the message using the authority's public key. Therefore, A is assured that the message originated with the authority. The message includes the following:
   - B's public key, $PU_b$, which A can use to encrypt messages destined for B
   - The original request, to enable A to match this response with the corresponding earlier request and to verify that the original request was not altered before reception by the authority
   - The original timestamp, so A can determine that this is not an old message from the authority containing a key other than B's current public key
3. A stores B's public key and also uses it to encrypt a message to B containing an identifier of A ($ID_A$) and a nonce ($N_1$), which is used to identify this transaction uniquely.
4. B retrieves A's public key from the authority in the same manner as A retrieved B's public key.

At this point, public keys have been securely delivered to A and B, and they may begin their protected exchange. However, two additional steps are desirable:

5. B sends a message to A encrypted with $PU_a$ and containing A's nonce ($N_1$) as well as a new nonce generated by B ($N_2$). Because only B could have decrypted message (3), the presence of $N_1$ in message (6) assures A that the correspondent is B.
6. A returns $N_2$, encrypted using B's public key, to assure B that its correspondent is A.

Thus, a total of seven messages are required. However, the initial four messages need be used only infrequently because both A and B can save the other's public key for future use, a technique known as caching. Periodically, a user should request fresh copies of the public keys of its correspondents to ensure currency.

Public-Key Certificates

The scenario of Figure 10.3 is attractive, yet it has some drawbacks. The public-key authority could be somewhat of a bottleneck in the system, for a user must appeal to the authority for a public key for every other user that it wishes to contact. As before, the directory of names and public keys maintained by the authority is vulnerable to tampering.

An alternative approach, first suggested by Kohnfelder [KOHN78], is to use certificates that can be used by participants to exchange keys without contacting a public-key authority, in a way that is as reliable as if the keys were obtained directly from a public-key authority. In essence, a certificate consists of a public key plus an identifier of the key owner, with the whole block signed by a trusted third party. Typically, the third party is a certificate authority, such as a government agency or a financial institution, that is trusted by the user community. A user can present his or her public key to the authority in a secure manner, and obtain a certificate. The user can then publish the certificate. Anyone needing this user's public key can obtain the certificate and verify that it is valid by way of the attached trusted signature. A participant can also convey its key information to another by transmitting its certificate. Other participants can verify that the certificate was created by the authority. We can place the following requirements on this scheme:

1. Any participant can read a certificate to determine the name and public key of the certificate's owner.
2. Any participant can verify that the certificate originated from the certificate authority and is not counterfeit.
3. Only the certificate authority can create and update certificates.

These requirements are satisfied by the original proposal in [KOHN78]. Denning [DENN83] added the following additional requirement:

4. Any participant can verify the currency of the certificate.

A certificate scheme is illustrated in Figure 10.4. Each participant applies to the certificate authority, supplying a public key and requesting a certificate. Application must be in person or by some form of secure authenticated communication. For participant A, the authority provides a certificate of the form

$C_A = E(PR_{auth}, [T \| ID_A \| PU_a])$

where $PR_{auth}$ is the private key used by the authority and $T$ is a timestamp. A may then pass this certificate on to any other participant, who reads and verifies the certificate as follows:

$D(PU_{auth}, C_A) = D(PU_{auth}, E(PR_{auth}, [T \| ID_A \| PU_a])) = (T \| ID_A \| PU_a)$

Figure 10.4 Exchange of Public-Key Certificates

The recipient uses the authority's public key, $PU_{auth}$, to decrypt the certificate. Because the certificate is readable only using the authority's public key, this verifies that the certificate came from the certificate authority. The elements $ID_A$ and $PU_a$ provide the recipient with the name and public key of the certificate's holder. The timestamp $T$ validates the currency of the certificate. The timestamp counters the following scenario. A's private key is learned by an adversary. A generates a new private/public key pair and applies to the certificate authority for a new certificate. Meanwhile, the adversary replays the old certificate to B. If B then encrypts messages using the compromised old public key, the adversary can read those messages.

In this context, the compromise of a private key is comparable to the loss of a credit card. The owner cancels the credit card number but is at risk until all possible communicants are aware that the old credit card is obsolete. Thus, the timestamp serves as something like an expiration date. If a certificate is sufficiently old, it is assumed to be expired.

One scheme has become universally accepted for formatting public-key certificates: the X.509 standard. X.509 certificates are used in most network security applications, including IP security, secure sockets layer (SSL), secure electronic transactions (SET), and S/MIME, all of which are discussed in Part Two. X.509 is examined in detail in Chapter 14.

Distribution of Secret Keys Using Public-Key Cryptography

Once public keys have been distributed or have become accessible, secure communication that thwarts eavesdropping (Figure 9.2), tampering (Figure 9.3), or both (Figure 9.4) is possible. However, few users will wish to make exclusive use of public-key encryption for communication because of the relatively slow data rates that can be achieved. Accordingly, public-key encryption provides for the distribution of secret keys to be used for conventional encryption.

Simple Secret Key Distribution

An extremely simple scheme was put forward by Merkle [MERK79], as illustrated in Figure 10.5. If A wishes to communicate with B, the following procedure is employed:

1. A generates a public/private key pair $\{PU_a, PR_a\}$ and transmits a message to B consisting of $PU_a$ and an identifier of A, $ID_A$.
2. B generates a secret key, $K_s$, and transmits it to A, encrypted with A's public key.
3. A computes $D(PR_a, E(PU_a, K_s))$ to recover the secret key. Because only A can decrypt the message, only A and B will know the identity of $K_s$.
4. A discards $PU_a$ and $PR_a$ and B discards $PU_a$.

Figure 10.5 Simple Use of Public-Key Encryption to Establish a Session Key

A and B can now securely communicate using conventional encryption and the session key $K_s$. At the completion of the exchange, both A and B discard $K_s$. Despite its simplicity, this is an attractive protocol. No keys exist before the start of the communication and none exist after the completion of communication. Thus, the risk of compromise of the keys is minimal. At the same time, the communication is secure from eavesdropping.

The protocol depicted in Figure 10.5 is insecure against an adversary who can intercept messages and then either relay the intercepted message or substitute another message (see Figure 1.4c). Such an attack is known as a man-in-the-middle attack [RIVE84]. In this case, if an adversary, E, has control of the intervening communication channel, then E can compromise the communication in the following fashion without being detected:

1. A generates a public/private key pair $\{PU_a, PR_a\}$ and transmits a message intended for B consisting of $PU_a$ and an identifier of A, $ID_A$.
2. E intercepts the message, creates its own public/private key pair $\{PU_e, PR_e\}$ and transmits $PU_e \| ID_A$ to B.
3. B generates a secret key, $K_s$, and transmits $E(PU_e, K_s)$.
4. E intercepts the message, and learns $K_s$ by computing $D(PR_e, E(PU_e, K_s))$.
5. E transmits $E(PU_a, K_s)$ to A.

The result is that both A and B know $K_s$ and are unaware that $K_s$ has also been revealed to E. A and B can now exchange messages using $K_s$. E no longer actively interferes with the communications channel but simply eavesdrops. Knowing $K_s$, E can decrypt all messages, and both A and B are unaware of the problem. Thus, this simple protocol is only useful in an environment where the only threat is eavesdropping.

Secret Key Distribution with Confidentiality and Authentication

Figure 10.6, based on an approach suggested in [NEED78], provides protection against both active and passive attacks. We begin at a point when it is assumed that A and B have exchanged public keys by one of the schemes described earlier in this section. Then the following steps occur:

1. A uses B's public key to encrypt a message to B containing an identifier of A ($ID_A$) and a nonce ($N_1$), which is used to identify this transaction uniquely.
2. B sends a message to A encrypted with $PU_a$ and containing A's nonce ($N_1$) as well as a new nonce generated by B ($N_2$). Because only B could have decrypted message (1), the presence of $N_1$ in message (2) assures A that the correspondent is B.
3. A returns $N_2$ encrypted using B's public key, to assure B that its correspondent is A.
4. A selects a secret key $K_s$ and sends $M = E(PU_b, E(PR_a, K_s))$ to B. Encryption of this message with B's public key ensures that only B can read it; encryption with A's private key ensures that only A could have sent it.
5. B computes $D(PU_a, D(PR_b, M))$ to recover the secret key.

Figure 10.6 Public-Key Distribution of Secret Keys

Notice that the first three steps of this scheme are the same as the last three steps of Figure 10.3. The result is that this scheme ensures both confidentiality and authentication in the exchange of a secret key.

A Hybrid Scheme

Yet another way to use public-key encryption to distribute secret keys is a hybrid approach in use on IBM mainframes [LE93]. This scheme retains the use of a key distribution center (KDC) that shares a secret master key with each user and distributes secret session keys encrypted with the master key. A public-key scheme is used to distribute the master keys. The following rationale is provided for using this three-level approach:

- Performance: There are many applications, especially transaction-oriented applications, in which the session keys change frequently. Distribution of session keys by public-key encryption could degrade overall system performance because of the relatively high computational load of public-key encryption and decryption. With a three-level hierarchy, public-key encryption is used only occasionally to update the master key between a user and the KDC.
- Backward compatibility: The hybrid scheme is easily overlaid on an existing KDC scheme, with minimal disruption or software changes.

The addition of a public-key layer provides a secure, efficient means of distributing master keys. This is an advantage in a configuration in which a single KDC serves a widely distributed set of users.

10.2 Diffie-Hellman Key Exchange

The first published public-key algorithm appeared in the seminal paper by Diffie and Hellman that defined public-key cryptography [DIFF76b] and is generally referred to as Diffie-Hellman key exchange [1]. A number of commercial products employ this key exchange technique.

[1] Williamson of Britain's CESG published the identical scheme a few months earlier in a classified document [WILL76] and claims to have discovered it several years prior to that; see [ELLI99] for a discussion.

The purpose of the algorithm is to enable two users to securely exchange a key that can then be used for subsequent encryption of messages. The algorithm itself is limited to the exchange of secret values.

The Diffie-Hellman algorithm depends for its effectiveness on the difficulty of computing discrete logarithms. Briefly, we can define the discrete logarithm in the following way. First, we define a primitive root of a prime number $p$ as one whose powers modulo $p$ generate all the integers from 1 to $p - 1$. That is, if $a$ is a primitive root of the prime number $p$, then the numbers

$a \bmod p,\ a^2 \bmod p,\ \ldots,\ a^{p-1} \bmod p$

are distinct and consist of the integers from 1 through $p - 1$ in some permutation.

For any integer $b$ and a primitive root $a$ of prime number $p$, we can find a unique exponent $i$ such that

$b \equiv a^i \pmod{p}$ where $0 \le i \le (p - 1)$

The exponent $i$ is referred to as the discrete logarithm of $b$ for the base $a$, mod $p$. We express this value as $\mathrm{dlog}_{a,p}(b)$. See Chapter 8 for an extended discussion of discrete logarithms.

The Algorithm

Figure 10.7 summarizes the Diffie-Hellman key exchange algorithm. For this scheme, there are two publicly known numbers: a prime number $q$ and an integer $\alpha$ that is a primitive root of $q$. Suppose the users A and B wish to exchange a key. User A selects a random integer $X_A < q$ and computes $Y_A = \alpha^{X_A} \bmod q$. Similarly, user B independently selects a random integer $X_B < q$ and computes $Y_B = \alpha^{X_B} \bmod q$. Each side keeps the $X$ value private and makes the $Y$ value available publicly to the other side. User A computes the key as $K = (Y_B)^{X_A} \bmod q$ and user B computes the key as $K = (Y_A)^{X_B} \bmod q$. These two calculations produce identical results:

$K = (Y_B)^{X_A} \bmod q$
$\ \ = (\alpha^{X_B} \bmod q)^{X_A} \bmod q$
$\ \ = (\alpha^{X_B})^{X_A} \bmod q$ (by the rules of modular arithmetic)
$\ \ = \alpha^{X_B X_A} \bmod q$
$\ \ = (\alpha^{X_A})^{X_B} \bmod q$
$\ \ = (\alpha^{X_A} \bmod q)^{X_B} \bmod q$
$\ \ = (Y_A)^{X_B} \bmod q$

Figure 10.7 The Diffie-Hellman Key Exchange Algorithm

The result is that the two sides have exchanged a secret value. Furthermore, because $X_A$ and $X_B$ are private, an adversary only has the following ingredients to work with: $q$, $\alpha$, $Y_A$, and $Y_B$. Thus, the adversary is forced to take a discrete logarithm to determine the key. For example, to determine the private key of user B, an adversary must compute

$X_B = \mathrm{dlog}_{\alpha,q}(Y_B)$

The adversary can then calculate the key $K$ in the same manner as user B calculates it.

The security of the Diffie-Hellman key exchange lies in the fact that, while it is relatively easy to calculate exponentials modulo a prime, it is very difficult to calculate discrete logarithms. For large primes, the latter task is considered infeasible.

Here is an example. Key exchange is based on the use of the prime number $q = 353$ and a primitive root of 353, in this case $\alpha = 3$. A and B select secret keys $X_A = 97$ and $X_B = 233$, respectively. Each computes its public key:

A computes $Y_A = 3^{97} \bmod 353 = 40$.
B computes $Y_B = 3^{233} \bmod 353 = 248$.

After they exchange public keys, each can compute the common secret key:

A computes $K = (Y_B)^{X_A} \bmod 353 = 248^{97} \bmod 353 = 160$.
B computes $K = (Y_A)^{X_B} \bmod 353 = 40^{233} \bmod 353 = 160$.

We assume an attacker would have available the following information:

$q = 353;\ \alpha = 3;\ Y_A = 40;\ Y_B = 248$

In this simple example, it would be possible by brute force to determine the secret key 160. In particular, an attacker E can determine the common key by discovering a solution to the equation $3^a \bmod 353 = 40$ or the equation $3^b \bmod 353 = 248$. The brute-force approach is to calculate powers of 3 modulo 353, stopping when the result equals either 40 or 248. The desired answer is reached with the exponent value of 97, which provides $3^{97} \bmod 353 = 40$.

With larger numbers, the problem becomes impractical.

Key Exchange Protocols

Figure 10.8 shows a simple protocol that makes use of the Diffie-Hellman calculation. Suppose that user A wishes to set up a connection with user B and use a secret key to encrypt messages on that connection. User A can generate a one-time private key $X_A$, calculate $Y_A$, and send that to user B. User B responds by generating a private value $X_B$, calculating $Y_B$, and sending $Y_B$ to user A. Both users can now calculate the key. The necessary public values $q$ and $\alpha$ would need to be known ahead of time. Alternatively, user A could pick values for $q$ and $\alpha$ and include those in the first message.

Figure 10.8 Diffie-Hellman Key Exchange

As an example of another use of the Diffie-Hellman algorithm, suppose that a group of users (e.g., all users on a LAN) each generate a long-lasting private value $X_i$ (for user $i$) and calculate a public value $Y_i$. These public values, together with global public values for $q$ and $\alpha$, are stored in some central directory. At any time, user $j$ can access user $i$'s public value, calculate a secret key, and use that to send an encrypted message to user A. If the central directory is trusted, then this form of communication provides both confidentiality and a degree of authentication. Because only $i$ and $j$ can determine the key, no other user can read the message (confidentiality). Recipient $i$ knows that only user $j$ could have created a message using this key (authentication). However, the technique does not protect against replay attacks.

10.3 Elliptic Curve Arithmetic

Most of the products and standards that use public-key cryptography for encryption and digital signatures use RSA. As we have seen, the key length for secure RSA use has increased over recent years, and this has put a heavier processing load on applications using RSA. This burden has ramifications, especially for electronic commerce sites that conduct large numbers of secure transactions. Recently, a competing system has begun to challenge RSA: elliptic curve cryptography (ECC). Already, ECC is showing up in standardization efforts, including the IEEE P1363 Standard for Public-Key Cryptography.

The principal attraction of ECC, compared to RSA, is that it appears to offer equal security for a far smaller key size, thereb
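The recipient-side check from the public-key certificates passage, as an added example that is not from the book or the thesis: verify the authority's signature over T, ID_A and PU_a, then test currency, which is what rejects the replayed old certificate. It signs a SHA-256 digest with a toy RSA key instead of encrypting the whole block as the text writes it; the key, `MAX_AGE`, the function names and the sample values are constructed assumptions.

```python
import hashlib

# Constructed toy RSA key for the authority (product of two Mersenne primes).
# Far too small for real use; it only keeps the example self-contained.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                      # PU_auth = (N, E), known to everyone
D = pow(E, -1, (P - 1) * (Q - 1))        # PR_auth, known only to the authority

MAX_AGE = 3600  # assumed policy: a certificate older than this counts as expired


def _digest(t, id_a, pu_a):
    """Hash of the certificate body T || ID_A || PU_a, reduced into Z_N."""
    block = repr((t, id_a, pu_a)).encode()   # repr of a tuple is unambiguous
    return int.from_bytes(hashlib.sha256(block).digest(), "big") % N


def issue(t, id_a, pu_a):
    """Authority side: certificate body plus a signature made with PR_auth."""
    return (t, id_a, pu_a, pow(_digest(t, id_a, pu_a), D, N))


def verify(cert, now):
    """Recipient side: return (PU_a, None) if accepted, else (None, reason)."""
    t, id_a, pu_a, sig = cert
    # Requirement 2: the certificate originated from the authority.
    if pow(sig, E, N) != _digest(t, id_a, pu_a):
        return None, "not issued by the authority"
    # Requirement 4: currency. Old (or future-dated) timestamps are rejected.
    if not 0 <= now - t <= MAX_AGE:
        return None, "certificate not current"
    return pu_a, None


# Constructed scenario from the text: A's old key (40) is compromised, A gets a
# new certificate for key 248, and the old certificate is replayed to B.
OLD_CERT = issue(1000, "A", 40)
NEW_CERT = issue(5000, "A", 248)
NOW = 5100
REPLAY_RESULT = verify(OLD_CERT, NOW)    # rejected: timestamp too old
FRESH_RESULT = verify(NEW_CERT, NOW)     # accepted
# A body altered after signing fails the signature check, not the time check.
FORGED_RESULT = verify((5000, "A", 40, NEW_CERT[3]), NOW)
```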
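The Diffie-Hellman passage worked through in code, as an added example that is not from the book or the thesis: it checks that 3 is a primitive root of 353, reproduces the exchange with the text's private values 97 and 233, and counts how few steps the brute-force discrete logarithm needs at this size. It goes slightly beyond the text by testing the primitive-root property for any small prime; all function names are assumptions of this example.

```python
def prime_factors(n):
    """Distinct prime factors by trial division (fine for textbook-sized n)."""
    out, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            out.add(d)
            n //= d
        d += 1
    if n > 1:
        out.add(n)
    return out


def is_primitive_root(a, q):
    """True if the powers of a modulo the prime q cover every integer 1..q-1.

    a generates the whole group exactly when a^((q-1)/f) != 1 (mod q)
    for every prime factor f of q-1.
    """
    return all(pow(a, (q - 1) // f, q) != 1 for f in prime_factors(q - 1))


def public_value(a, q, x):
    return pow(a, x, q)               # Y = a^X mod q


def shared_key(y_other, x_own, q):
    return pow(y_other, x_own, q)     # K = (Y_other)^X_own mod q


def dlog_brute_force(a, q, y):
    """Smallest i with a^i mod q == y, found by trying successive powers."""
    value = 1
    for i in range(q - 1):
        if value == y:
            return i
        value = value * a % q
    raise ValueError("y is not a power of a modulo q")


# Values from the text's example.
Q, A = 353, 3
XA, XB = 97, 233
YA, YB = public_value(A, Q, XA), public_value(A, Q, XB)
K_A, K_B = shared_key(YB, XA, Q), shared_key(YA, XB, Q)

# What an observer holding only q, the primitive root, Y_A and Y_B can do when
# q is this small: at most q-2 multiplications recover a private value.
RECOVERED_XA = dlog_brute_force(A, Q, YA)
RECOVERED_KEY = shared_key(YB, RECOVERED_XA, Q)
```

The loop in `dlog_brute_force` runs at most q - 1 times, so its cost grows linearly in q while `pow` grows only with the bit length of the exponent; that gap is the reason the text calls the problem impractical for large primes.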