已阅读5页,还剩8页未读, 继续免费阅读
版权说明:本文档由用户提供并上传,收益归属内容提供方,若内容存在侵权,请进行举报或认领
文档简介
大学毕业设计论文外文资料翻译学院系计算机学院专业信息安全学生姓名班级学号外文出处WILLIAMSTALLINGSCRYPTOGRAPHYANDNETWORKSECURITY,FOURTHEDITIONPRENTICEHALLNOVEMBER16,2005附件1外文资料翻译译文;2外文原文A1A0A2A3A4A5A7A1A0A2A3A6A8A7A11A12A13外文资料翻译原文101KEYMANAGEMENTINCHAPTER7,WEEXAMINEDTHEPROBLEMOFTHEDISTRIBUTIONOFSECRETKEYSONEOFTHEMAJORROLESOFPUBLICKEYENCRYPTIONHASBEENTOADDRESSTHEPROBLEMOFKEYDISTRIBUTIONTHEREAREACTUALLYTWODISTINCTASPECTSTOTHEUSEOFPUBLICKEYCRYPTOGRAPHYINTHISREGARDTHEDISTRIBUTIONOFPUBLICKEYSTHEUSEOFPUBLICKEYENCRYPTIONTODISTRIBUTESECRETKEYSWEEXAMINEEACHOFTHESEAREASINTURNDISTRIBUTIONOFPUBLICKEYSSEVERALTECHNIQUESHAVEBEENPROPOSEDFORTHEDISTRIBUTIONOFPUBLICKEYSVIRTUALLYALLTHESEPROPOSALSCANBEGROUPEDINTOTHEFOLLOWINGGENERALSCHEMESPUBLICANNOUNCEMENTPUBLICLYAVAILABLEDIRECTORYPUBLICKEYAUTHORITYPUBLICKEYCERTIFICATESPUBLICANNOUNCEMENTOFPUBLICKEYSONTHEFACEOFIT,THEPOINTOFPUBLICKEYENCRYPTIONISTHATTHEPUBLICKEYISPUBLICTHUS,IFTHEREISSOMEBROADLYACCEPTEDPUBLICKEYALGORITHM,SUCHASRSA,ANYPARTICIPANTCANSENDHISORHERPUBLICKEYTOANYOTHERPARTICIPANTORBROADCASTTHEKEYTOTHECOMMUNITYATLARGEFIGURE101FOREXAMPLE,BECAUSEOFTHEGROWINGPOPULARITYOFPGPPRETTYGOODPRIVACY,DISCUSSEDINCHAPTER15,WHICHMAKESUSEOFRSA,MANYPGPUSERSHAVEADOPTEDTHEPRACTICEOFAPPENDINGTHEIRPUBLICKEYTOMESSAGESTHATTHEYSENDTOPUBLICFORUMS,SUCHASUSENETNEWSGROUPSANDINTERNETMAILINGLISTSALTHOUGHTHISAPPROACHISCONVENIENT,ITHASAMAJORWEAKNESSANYONECANFORGESUCHAPUBLICANNOUNCEMENTTHATIS,SOMEUSERCOULDPRETENDTOBEUSERAANDSENDAPUBLICKEYTOANOTHERPARTICIPANTORBROADCASTSUCHAPUBLICKEYUNTILSUCHTIMEASUSERADISCOVERSTHEFORGERYANDALERTSOTHERPARTICIPANTS,THEFORGERISABLETOREADALLENCRYPTEDMESSAGESINTENDEDFORAANDCANUSETHEFORGEDKEYSFORAUTHENTICATIONSEEFIGURE93PUBLICLYAVAILABLEDIRECTORYAGREATERDEGREEOFSECURITYCANBEACHIEVEDBYMAINTAININGAPUBLICLYAVAILABLEDYNAMICDIRECTORYOFPUBLICKEYSMAINTENANCEANDDISTRIBUTIONOFTHEPUBLICDIRECTORYWOULDHAVETOBETHERESPONSIBILITYOFSOMETRUSTEDENTITYORORGANIZATIONFIGURE102SUCHASCHEMEWOULDINCLUDETHEFOLLOWINGELEMENTS1THEAUTHORITYMAINTAINSADIRECTORYWITHANAME,PUBLICKEYENTRYFOREACHPARTICIPANT2EACHPARTICIPANTREGISTERSAPUBLICKEYWITHTHEDIRECTORYAUTHORITYREGISTRATIONWOULDHAVETOBEINPERSONORBYSOMEFORMOFSECUREAUTHENTICATEDCOMMUNICATION3APARTICIPANTMAYREPLACETHEEXISTINGKEYWITHANEWONEATANYTIME,EITHERBECAUSEOFTHEDESIRETOREPLACEAPUBLICKEYTHATHASALREADYBEENUSEDFORALARGEAMOUNTOFDATA,ORBECAUSETHECORRESPONDINGPRIVATEKEYHASBEENCOMPROMISEDINSOMEWAY4PARTICIPANTSCOULDALSOACCESSTHEDIRECTORYELECTRONICALLYFORTHISPURPOSE,SECURE,AUTHENTICATEDCOMMUNICATIONFROMTHEAUTHORITYTOTHEPARTICIPANTISMANDATORYTHISSCHEMEISCLEARLYMORESECURETHANINDIVIDUALPUBLICANNOUNCEMENTSBUTSTILLHASVULNERABILITIESIFANADVERSARYSUCCEEDSINOBTAININGORCOMPUTINGTHEPRIVATEKEYOFTHEDIRECTORYAUTHORITY,THEADVERSARYCOULDAUTHORITATIVELYPASSOUTCOUNTERFEITPUBLICKEYSANDSUBSEQUENTLYIMPERSONATEANYPARTICIPANTANDEAVESDROPONMESSAGESSENTTOANYPARTICIPANTANOTHERWAYTOACHIEVETHESAMEENDISFORTHEADVERSARYTOTAMPERWITHTHERECORDSKEPTBYTHEAUTHORITYPUBLICKEYAUTHORITYSTRONGERSECURITYFORPUBLICKEYDISTRIBUTIONCANBEACHIEVEDBYPROVIDINGTIGHTERCONTROLOVERTHEDISTRIBUTIONOFPUBLICKEYSFROMTHEDIRECTORYATYPICALSCENARIOISILLUSTRATEDINFIGURE103,WHICHISBASEDONAFIGUREINPOPE79ASBEFORE,THESCENARIOASSUMESTHATACENTRALAUTHORITYMAINTAINSADYNAMICDIRECTORYOFPUBLICKEYSOFALLPARTICIPANTSINADDITION,EACHPARTICIPANTRELIABLYKNOWSAPUBLICKEYFORTHEAUTHORITY,WITHONLYTHEAUTHORITYKNOWINGTHECORRESPONDINGPRIVATEKEYTHEFOLLOWINGSTEPSMATCHEDBYNUMBERTOFIGURE103OCCUR1ASENDSATIMESTAMPEDMESSAGETOTHEPUBLICKEYAUTHORITYCONTAININGAREQUESTFORTHECURRENTPUBLICKEYOFB2THEAUTHORITYRESPONDSWITHAMESSAGETHATISENCRYPTEDUSINGTHEAUTHORITYSPRIVATEKEY,PRAUTHTHUS,AISABLETODECRYPTTHEMESSAGEUSINGTHEAUTHORITYSPUBLICKEYTHEREFORE,AISASSUREDTHATTHEMESSAGEORIGINATEDWITHTHEAUTHORITYTHEMESSAGEINCLUDESTHEFOLLOWINGBSPUBLICKEY,PUBWHICHACANUSETOENCRYPTMESSAGESDESTINEDFORBTHEORIGINALREQUEST,TOENABLEATOMATCHTHISRESPONSEWITHTHECORRESPONDINGEARLIERREQUESTANDTOVERIFYTHATTHEORIGINALREQUESTWASNOTALTEREDBEFORERECEPTIONBYTHEAUTHORITYTHEORIGINALTIMESTAMP,SOACANDETERMINETHATTHISISNOTANOLDMESSAGEFROMTHEAUTHORITYCONTAININGAKEYOTHERTHANBSCURRENTPUBLICKEY3ASTORESBSPUBLICKEYANDALSOUSESITTOENCRYPTAMESSAGETOBCONTAININGANIDENTIFIEROFAIDAANDANONCEN1,WHICHISUSEDTOIDENTIFYTHISTRANSACTIONUNIQUELY4BRETRIEVESASPUBLICKEYFROMTHEAUTHORITYINTHESAMEMANNERASARETRIEVEDBSPUBLICKEYATTHISPOINT,PUBLICKEYSHAVEBEENSECURELYDELIVEREDTOAANDB,ANDTHEYMAYBEGINTHEIRPROTECTEDEXCHANGEHOWEVER,TWOADDITIONALSTEPSAREDESIRABLE5BSENDSAMESSAGETOAENCRYPTEDWITHPUAANDCONTAININGASNONCEN1ASWELLASANEWNONCEGENERATEDBYBN2BECAUSEONLYBCOULDHAVEDECRYPTEDMESSAGE3,THEPRESENCEOFN1INMESSAGE6ASSURESATHATTHECORRESPONDENTISB6ARETURNSN2,ENCRYPTEDUSINGBSPUBLICKEY,TOASSUREBTHATITSCORRESPONDENTISATHUS,ATOTALOFSEVENMESSAGESAREREQUIREDHOWEVER,THEINITIALFOURMESSAGESNEEDBEUSEDONLYINFREQUENTLYBECAUSEBOTHAANDBCANSAVETHEOTHERSPUBLICKEYFORFUTUREUSE,ATECHNIQUEKNOWNASCACHINGPERIODICALLY,AUSERSHOULDREQUESTFRESHCOPIESOFTHEPUBLICKEYSOFITSCORRESPONDENTSTOENSURECURRENCYPUBLICKEYCERTIFICATESTHESCENARIOOFFIGURE103ISATTRACTIVE,YETITHASSOMEDRAWBACKSTHEPUBLICKEYAUTHORITYCOULDBESOMEWHATOFABOTTLENECKINTHESYSTEM,FORAUSERMUSTAPPEALTOTHEAUTHORITYFORAPUBLICKEYFOREVERYOTHERUSERTHATITWISHESTOCONTACTASBEFORE,THEDIRECTORYOFNAMESANDPUBLICKEYSMAINTAINEDBYTHEAUTHORITYISVULNERABLETOTAMPERINGANALTERNATIVEAPPROACH,FIRSTSUGGESTEDBYKOHNFELDERKOHN78,ISTOUSECERTIFICATESTHATCANBEUSEDBYPARTICIPANTSTOEXCHANGEKEYSWITHOUTCONTACTINGAPUBLICKEYAUTHORITY,INAWAYTHATISASRELIABLEASIFTHEKEYSWEREOBTAINEDDIRECTLYFROMAPUBLICKEYAUTHORITYINESSENCE,ACERTIFICATECONSISTSOFAPUBLICKEYPLUSANIDENTIFIEROFTHEKEYOWNER,WITHTHEWHOLEBLOCKSIGNEDBYATRUSTEDTHIRDPARTYTYPICALLY,THETHIRDPARTYISACERTIFICATEAUTHORITY,SUCHASAGOVERNMENTAGENCYORAFINANCIALINSTITUTION,THATISTRUSTEDBYTHEUSERCOMMUNITYAUSERCANPRESENTHISORHERPUBLICKEYTOTHEAUTHORITYINASECUREMANNER,ANDOBTAINACERTIFICATETHEUSERCANTHENPUBLISHTHECERTIFICATEANYONENEEDEDTHISUSERSPUBLICKEYCANOBTAINTHECERTIFICATEANDVERIFYTHATITISVALIDBYWAYOFTHEATTACHEDTRUSTEDSIGNATUREAPARTICIPANTCANALSOCONVEYITSKEYINFORMATIONTOANOTHERBYTRANSMITTINGITSCERTIFICATEOTHERPARTICIPANTSCANVERIFYTHATTHECERTIFICATEWASCREATEDBYTHEAUTHORITYWECANPLACETHEFOLLOWINGREQUIREMENTSONTHISSCHEME1ANYPARTICIPANTCANREADACERTIFICATETODETERMINETHENAMEANDPUBLICKEYOFTHECERTIFICATESOWNER2ANYPARTICIPANTCANVERIFYTHATTHECERTIFICATEORIGINATEDFROMTHECERTIFICATEAUTHORITYANDISNOTCOUNTERFEIT3ONLYTHECERTIFICATEAUTHORITYCANCREATEANDUPDATECERTIFICATESTHESEREQUIREMENTSARESATISFIEDBYTHEORIGINALPROPOSALINKOHN78DENNINGDENN83ADDEDTHEFOLLOWINGADDITIONALREQUIREMENT4ANYPARTICIPANTCANVERIFYTHECURRENCYOFTHECERTIFICATEACERTIFICATESCHEMEISILLUSTRATEDINFIGURE104EACHPARTICIPANTAPPLIESTOTHECERTIFICATEAUTHORITY,SUPPLYINGAPUBLICKEYANDREQUESTINGACERTIFICATEFIGURE104EXCHANGEOFPUBLICKEYCERTIFICATESAPPLICATIONMUSTBEINPERSONORBYSOMEFORMOFSECUREAUTHENTICATEDCOMMUNICATIONFORPARTICIPANTA,THEAUTHORITYPROVIDESACERTIFICATEOFTHEFORMCAEPRAUTH,T|IDA|PUAWHEREPRAUTHISTHEPRIVATEKEYUSEDBYTHEAUTHORITYANDTISATIMESTAMPAMAYTHENPASSTHISCERTIFICATEONTOANYOTHERPARTICIPANT,WHOREADSANDVERIFIESTHECERTIFICATEASFOLLOWSDPUAUTH,CADPUAUTH,EPRAUTH,T|IDA|PUAT|IDA|PUATHERECIPIENTUSESTHEAUTHORITYSPUBLICKEY,PUAUTHTODECRYPTTHECERTIFICATEBECAUSETHECERTIFICATEISREADABLEONLYUSINGTHEAUTHORITYSPUBLICKEY,THISVERIFIESTHATTHECERTIFICATECAMEFROMTHECERTIFICATEAUTHORITYTHEELEMENTSIDAANDPUAPROVIDETHERECIPIENTWITHTHENAMEANDPUBLICKEYOFTHECERTIFICATESHOLDERTHETIMESTAMPTVALIDATESTHECURRENCYOFTHECERTIFICATETHETIMESTAMPCOUNTERSTHEFOLLOWINGSCENARIOASPRIVATEKEYISLEARNEDBYANADVERSARYAGENERATESANEWPRIVATE/PUBLICKEYPAIRANDAPPLIESTOTHECERTIFICATEAUTHORITYFORANEWCERTIFICATEMEANWHILE,THEADVERSARYREPLAYSTHEOLDCERTIFICATETOBIFBTHENENCRYPTSMESSAGESUSINGTHECOMPROMISEDOLDPUBLICKEY,THEADVERSARYCANREADTHOSEMESSAGESINTHISCONTEXT,THECOMPROMISEOFAPRIVATEKEYISCOMPARABLETOTHELOSSOFACREDITCARDTHEOWNERCANCELSTHECREDITCARDNUMBERBUTISATRISKUNTILALLPOSSIBLECOMMUNICANTSAREAWARETHATTHEOLDCREDITCARDISOBSOLETETHUS,THETIMESTAMPSERVESASSOMETHINGLIKEANEXPIRATIONDATEIFACERTIFICATEISSUFFICIENTLYOLD,ITISASSUMEDTOBEEXPIREDONESCHEMEHASBECOMEUNIVERSALLYACCEPTEDFORFORMATTINGPUBLICKEYCERTIFICATESTHEX509STANDARDX509CERTIFICATESAREUSEDINMOSTNETWORKSECURITYAPPLICATIONS,INCLUDINGIPSECURITY,SECURESOCKETSLAYERSSL,SECUREELECTRONICTRANSACTIONSSET,ANDS/MIME,ALLOFWHICHAREDISCUSSEDINPARTTWOX509ISEXAMINEDINDETAILINCHAPTER14DISTRIBUTIONOFSECRETKEYSUSINGPUBLICKEYCRYPTOGRAPHYONCEPUBLICKEYSHAVEBEENDISTRIBUTEDORHAVEBECOMEACCESSIBLE,SECURECOMMUNICATIONTHATTHWARTSEAVESDROPPINGFIGURE92,TAMPERINGFIGURE93,ORBOTHFIGURE94ISPOSSIBLEHOWEVER,FEWUSERSWILLWISHTOMAKEEXCLUSIVEUSEOFPUBLICKEYENCRYPTIONFORCOMMUNICATIONBECAUSEOFTHERELATIVELYSLOWDATARATESTHATCANBEACHIEVEDACCORDINGLY,PUBLICKEYENCRYPTIONPROVIDESFORTHEDISTRIBUTIONOFSECRETKEYSTOBEUSEDFORCONVENTIONALENCRYPTIONSIMPLESECRETKEYDISTRIBUTIONANEXTREMELYSIMPLESCHEMEWASPUTFORWARDBYMERKLEMERK79,ASILLUSTRATEDINFIGURE105IFAWISHESTOCOMMUNICATEWITHB,THEFOLLOWINGPROCEDUREISEMPLOYED1AGENERATESAPUBLIC/PRIVATEKEYPAIRPUA,PRAANDTRANSMITSAMESSAGETOBCONSISTINGOFPUAANDANIDENTIFIEROFA,IDA2BGENERATESASECRETKEY,KS,ANDTRANSMITSITTOA,ENCRYPTEDWITHASPUBLICKEY3ACOMPUTESDPRA,EPUA,KSTORECOVERTHESECRETKEYBECAUSEONLYACANDECRYPTTHEMESSAGE,ONLYAANDBWILLKNOWTHEIDENTITYOFKS4ADISCARDSPUAANDPRAANDBDISCARDSPUAFIGURE105SIMPLEUSEOFPUBLICKEYENCRYPTIONTOESTABLISHASESSIONKEYAANDBCANNOWSECURELYCOMMUNICATEUSINGCONVENTIONALENCRYPTIONANDTHESESSIONKEYKSATTHECOMPLETIONOFTHEEXCHANGE,BOTHAANDBDISCARDKSDESPITEITSSIMPLICITY,THISISANATTRACTIVEPROTOCOLNOKEYSEXISTBEFORETHESTARTOFTHECOMMUNICATIONANDNONEEXISTAFTERTHECOMPLETIONOFCOMMUNICATIONTHUS,THERISKOFCOMPROMISEOFTHEKEYSISMINIMALATTHESAMETIME,THECOMMUNICATIONISSECUREFROMEAVESDROPPINGTHEPROTOCOLDEPICTEDINFIGURE105ISINSECUREAGAINSTANADVERSARYWHOCANINTERCEPTMESSAGESANDTHENEITHERRELAYTHEINTERCEPTEDMESSAGEORSUBSTITUTEANOTHERMESSAGESEEFIGURE14CSUCHANATTACKISKNOWNASAMANINTHEMIDDLEATTACKRIVE84INTHISCASE,IFANADVERSARY,E,HASCONTROLOFTHEINTERVENINGCOMMUNICATIONCHANNEL,THENECANCOMPROMISETHECOMMUNICATIONINTHEFOLLOWINGFASHIONWITHOUTBEINGDETECTED1AGENERATESAPUBLIC/PRIVATEKEYPAIRPUA,PRAANDTRANSMITSAMESSAGEINTENDEDFORBCONSISTINGOFPUAANDANIDENTIFIEROFA,IDA2EINTERCEPTSTHEMESSAGE,CREATESITSOWNPUBLIC/PRIVATEKEYPAIRPUE,PREANDTRANSMITSPUE|IDATOB3BGENERATESASECRETKEY,KS,ANDTRANSMITSEPUE,KS4EINTERCEPTSTHEMESSAGE,ANDLEARNSKSBYCOMPUTINGDPRE,EPUE,KS5ETRANSMITSEPUA,KSTOATHERESULTISTHATBOTHAANDBKNOWKSANDAREUNAWARETHATKSHASALSOBEENREVEALEDTOEAANDBCANNOWEXCHANGEMESSAGESUSINGKSENOLONGERACTIVELYINTERFERESWITHTHECOMMUNICATIONSCHANNELBUTSIMPLYEAVESDROPSKNOWINGKSECANDECRYPTALLMESSAGES,ANDBOTHAANDBAREUNAWAREOFTHEPROBLEMTHUS,THISSIMPLEPROTOCOLISONLYUSEFULINANENVIRONMENTWHERETHEONLYTHREATISEAVESDROPPINGSECRETKEYDISTRIBUTIONWITHCONFIDENTIALITYANDAUTHENTICATIONFIGURE106,BASEDONANAPPROACHSUGGESTEDINNEED78,PROVIDESPROTECTIONAGAINSTBOTHACTIVEANDPASSIVEATTACKSWEBEGINATAPOINTWHENITISASSUMEDTHATAANDBHAVEEXCHANGEDPUBLICKEYSBYONEOFTHESCHEMESDESCRIBEDEARLIERINTHISSECTIONTHENTHEFOLLOWINGSTEPSOCCUR1AUSESBSPUBLICKEYTOENCRYPTAMESSAGETOBCONTAININGANIDENTIFIEROFAIDAANDANONCEN1,WHICHISUSEDTOIDENTIFYTHISTRANSACTIONUNIQUELY2BSENDSAMESSAGETOAENCRYPTEDWITHPUAANDCONTAININGASNONCEN1ASWELLASANEWNONCEGENERATEDBYBN2BECAUSEONLYBCOULDHAVEDECRYPTEDMESSAGE1,THEPRESENCEOFN1INMESSAGE2ASSURESATHATTHECORRESPONDENTISB3ARETURNSN2ENCRYPTEDUSINGBSPUBLICKEY,TOASSUREBTHATITSCORRESPONDENTISA4ASELECTSASECRETKEYKSANDSENDSMEPUB,EPRA,KSTOBENCRYPTIONOFTHISMESSAGEWITHBSPUBLICKEYENSURESTHATONLYBCANREADITENCRYPTIONWITHASPRIVATEKEYENSURESTHATONLYACOULDHAVESENTIT5BCOMPUTESDPUA,DPRB,MTORECOVERTHESECRETKEYFIGURE106PUBLICKEYDISTRIBUTIONOFSECRETKEYSNOTICETHATTHEFIRSTTHREESTEPSOFTHISSCHEMEARETHESAMEASTHELASTTHREESTEPSOFFIGURE103THERESULTISTHATTHISSCHEMEENSURESBOTHCONFIDENTIALITYANDAUTHENTICATIONINTHEEXCHANGEOFASECRETKEYAHYBRIDSCHEMEYETANOTHERWAYTOUSEPUBLICKEYENCRYPTIONTODISTRIBUTESECRETKEYSISAHYBRIDAPPROACHINUSEONIBMMAINFRAMESLE93THISSCHEMERETAINSTHEUSEOFAKEYDISTRIBUTIONCENTERKDCTHATSHARESASECRETMASTERKEYWITHEACHUSERANDDISTRIBUTESSECRETSESSIONKEYSENCRYPTEDWITHTHEMASTERKEYAPUBLICKEYSCHEMEISUSEDTODISTRIBUTETHEMASTERKEYSTHEFOLLOWINGRATIONALEISPROVIDEDFORUSINGTHISTHREELEVELAPPROACHPERFORMANCETHEREAREMANYAPPLICATIONS,ESPECIALLYTRANSACTIONORIENTEDAPPLICATIONS,INWHICHTHESESSIONKEYSCHANGEFREQUENTLYDISTRIBUTIONOFSESSIONKEYSBYPUBLICKEYENCRYPTIONCOULDDEGRADEOVERALLSYSTEMPERFORMANCEBECAUSEOFTHERELATIVELYHIGHCOMPUTATIONALLOADOFPUBLICKEYENCRYPTIONANDDECRYPTIONWITHATHREELEVELHIERARCHY,PUBLICKEYENCRYPTIONISUSEDONLYOCCASIONALLYTOUPDATETHEMASTERKEYBETWEENAUSERANDTHEKDCBACKWARDCOMPATIBILITYTHEHYBRIDSCHEMEISEASILYOVERLAIDONANEXISTINGKDCSCHEME,WITHMINIMALDISRUPTIONORSOFTWARECHANGESTHEADDITIONOFAPUBLICKEYLAYERPROVIDESASECURE,EFFICIENTMEANSOFDISTRIBUTINGMASTERKEYSTHISISANADVANTAGEINACONFIGURATIONINWHICHASINGLEKDCSERVESAWIDELYDISTRIBUTEDSETOFUSERS102DIFFIEHELLMANKEYEXCHANGETHEFIRSTPUBLISHEDPUBLICKEYALGORITHMAPPEAREDINTHESEMINALPAPERBYDIFFIEANDHELLMANTHATDEFINEDPUBLICKEYCRYPTOGRAPHYDIFF76BANDISGENERALLYREFERREDTOASDIFFIEHELLMANKEYEXCHANGE1ANUMBEROFCOMMERCIALPRODUCTSEMPLOYTHISKEYEXCHANGETECHNIQUE1WILLIAMSONOFBRITAINSCESGPUBLISHEDTHEIDENTICALSCHEMEAFEWMONTHSEARLIERINACLASSIFIEDDOCUMENTWILL76ANDCLAIMSTOHAVEDISCOVEREDITSEVERALYEARSPRIORTOTHATSEEELLI99FORADISCUSSIONTHEPURPOSEOFTHEALGORITHMISTOENABLETWOUSERSTOSECURELYEXCHANGEAKEYTHATCANTHENBEUSEDFORSUBSEQUENTENCRYPTIONOFMESSAGESTHEALGORITHMITSELFISLIMITEDTOTHEEXCHANGEOFSECRETVALUESTHEDIFFIEHELLMANALGORITHMDEPENDSFORITSEFFECTIVENESSONTHEDIFFICULTYOFCOMPUTINGDISCRETELOGARITHMSBRIEFLY,WECANDEFINETHEDISCRETELOGARITHMINTHEFOLLOWINGWAYFIRST,WEDEFINEAPRIMITIVEROOTOFAPRIMENUMBERPASONEWHOSEPOWERSMODULOPGENERATEALLTHEINTEGERSFROM1TOP1THATIS,IFAISAPRIMITIVEROOTOFTHEPRIMENUMBERP,THENTHENUMBERSAMODP,A2MODP,AP1MODPAREDISTINCTANDCONSISTOFTHEINTEGERSFROM1THROUGHP1INSOMEPERMUTATIONFORANYINTEGERBANDAPRIMITIVEROOTAOFPRIMENUMBERP,WECANFINDAUNIQUEEXPONENTISUCHTHATBAIMODPWHERE0IP1THEEXPONENTIISREFERREDTOASTHEDISCRETELOGARITHMOFBFORTHEBASEA,MODPWEEXPRESSTHISVALUEASDLOGA,PBSEECHAPTER8FORANEXTENDEDDISCUSSIONOFDISCRETELOGARITHMSTHEALGORITHMFIGURE107SUMMARIZESTHEDIFFIEHELLMANKEYEXCHANGEALGORITHMFORTHISSCHEME,THEREARETWOPUBLICLYKNOWNNUMBERSAPRIMENUMBERQANDANINTEGERTHATISAPRIMITIVEROOTOFQSUPPOSETHEUSERSAANDBWISHTOEXCHANGEAKEYUSERASELECTSARANDOMINTEGERXAQANDCOMPUTESYAAXAMODQSIMILARLY,USERBINDEPENDENTLYSELECTSARANDOMINTEGERXAQANDCOMPUTESYBAXBMODQEACHSIDEKEEPSTHEXVALUEPRIVATEANDMAKESTHEYVALUEAVAILABLEPUBLICLYTOTHEOTHERSIDEUSERACOMPUTESTHEKEYASKYBXAMODQANDUSERBCOMPUTESTHEKEYASKYAXBMODQTHESETWOCALCULATIONSPRODUCEIDENTICALRESULTSKYBXAMODQAXBMODQXAMODQAXBXAMODQBYTHERULESOFMODULARARITHMETICAXBXAMODQAXAXBMODQAXAMODQAXAMODQXBMODQYAXBMODQFIGURE107THEDIFFIEHELLMANKEYEXCHANGEALGORITHMTHERESULTISTHATTHETWOSIDESHAVEEXCHANGEDASECRETVALUEFURTHERMORE,BECAUSEXAANDXBAREPRIVATE,ANADVERSARYONLYHASTHEFOLLOWINGINGREDIENTSTOWORKWITHQ,A,YA,ANDYBTHUS,THEADVERSARYISFORCEDTOTAKEADISCRETELOGARITHMTODETERMINETHEKEYFOREXAMPLE,TODETERMINETHEPRIVATEKEYOFUSERB,ANADVERSARYMUSTCOMPUTEXBDLOGA,QYBTHEADVERSARYCANTHENCALCULATETHEKEYKINTHESAMEMANNERASUSERBCALCULATESITTHESECURITYOFTHEDIFFIEHELLMANKEYEXCHANGELIESINTHEFACTTHAT,WHILEITISRELATIVELYEASYTOCALCULATEEXPONENTIALSMODULOAPRIME,ITISVERYDIFFICULTTOCALCULATEDISCRETELOGARITHMSFORLARGEPRIMES,THELATTERTASKISCONSIDEREDINFEASIBLEHEREISANEXAMPLEKEYEXCHANGEISBASEDONTHEUSEOFTHEPRIMENUMBERQ353ANDAPRIMITIVEROOTOF353,INTHISCASEA3AANDBSELECTSECRETKEYSXA97ANDXB233,RESPECTIVELYEACHCOMPUTESITSPUBLICKEYACOMPUTESYA397MOD35340BCOMPUTESYB3233MOD353248AFTERTHEYEXCHANGEPUBLICKEYS,EACHCANCOMPUTETHECOMMONSECRETKEYACOMPUTESKYBXAMOD35324897MOD353160BCOMPUTESKYAXEMOD35340233MOD353160WEASSUMEANATTACKERWOULDHAVEAVAILABLETHEFOLLOWINGINFORMATIONQ353A3YA40YB248INTHISSIMPLEEXAMPLE,ITWOULDBEPOSSIBLEBYBRUTEFORCETODETERMINETHESECRETKEY160INPARTICULAR,ANATTACKERECANDETERMINETHECOMMONKEYBYDISCOVERINGASOLUTIONTOTHEEQUATION3AMOD35340ORTHEEQUATION3BMOD353248THEBRUTEFORCEAPPROACHISTOCALCULATEPOWERSOF3MODULO353,STOPPINGWHENTHERESULTEQUALSEITHER40OR248THEDESIREDANSWERISREACHEDWITHTHEEXPONENTVALUEOF97,WHICHPROVIDES397MOD35340WITHLARGERNUMBERS,THEPROBLEMBECOMESIMPRACTICALKEYEXCHANGEPROTOCOLSFIGURE108SHOWSASIMPLEPROTOCOLTHATMAKESUSEOFTHEDIFFIEHELLMANCALCULATIONSUPPOSETHATUSERAWISHESTOSETUPACONNECTIONWITHUSERBANDUSEASECRETKEYTOENCRYPTMESSAGESONTHATCONNECTIONUSERACANGENERATEAONETIMEPRIVATEKEYXA,CALCULATEYA,ANDSENDTHATTOUSERBUSERBRESPONDSBYGENERATINGAPRIVATEVALUEXBCALCULATINGYB,ANDSENDINGYBTOUSERABOTHUSERSCANNOWCALCULATETHEKEYTHENECESSARYPUBLICVALUESQANDAWOULDNEEDTOBEKNOWNAHEADOFTIMEALTERNATIVELY,USERACOULDPICKVALUESFORQANDAANDINCLUDETHOSEINTHEFIRSTMESSAGEFIGURE108DIFFIEHELLMANKEYEXCHANGEASANEXAMPLEOFANOTHERUSEOFTHEDIFFIEHELLMANALGORITHM,SUPPOSETHATAGROUPOFUSERSEG,ALLUSERSONALANEACHGENERATEALONGLASTINGPRIVATEVALUEXIFORUSERIANDCALCULATEAPUBLICVALUEYITHESEPUBLICVALUES,TOGETHERWITHGLOBALPUBLICVALUESFORQANDA,ARESTOREDINSOMECENTRALDIRECTORYATANYTIME,USERJCANACCESSUSERISPUBLICVALUE,CALCULATEASECRETKEY,ANDUSETHATTOSENDANENCRYPTEDMESSAGETOUSERAIFTHECENTRALDIRECTORYISTRUSTED,THENTHISFORMOFCOMMUNICATIONPROVIDESBOTHCONFIDENTIALITYANDADEGREEOFAUTHENTICATIONBECAUSEONLYIANDJCANDETERMINETHEKEY,NOOTHERUSERCANREADTHEMESSAGECONFIDENTIALITYRECIPIENTIKNOWSTHATONLYUSERJCOULDHAVECREATEDAMESSAGEUSINGTHISKEYAUTHENTICATIONHOWEVER,THETECHNIQUEDOESNOTPROTECTAGAINSTREPLAYATTACKS103ELLIPTICCURVEARITHMETICMOSTOFTHEPRODUCTSANDSTANDARDSTHATUSEPUBLICKEYCRYPTOGRAPHYFORENCRYPTIONANDDIGITALSIGNATURESUSERSAASWEHAVESEEN,THEKEYLENGTHFORSECURERSAUSEHASINCREASEDOVERRECENTYEARS,ANDTHISHASPUTAHEAVIERPROCESSINGLOADONAPPLICATIONSUSINGRSATHISBURDENHASRAMIFICATIONS,ESPECIALLYFORELECTRONICCOMMERCESITESTHATCONDUCTLARGENUMBERSOFSECURETRANSACTIONSRECENTLY,ACOMPETINGSYSTEMHASBEGUNTOCHALLENGERSAELLIPTICCURVECRYPTOGRAPHYECCALREADY,ECCISSHOWINGUPINSTANDARDIZATIONEFFORTS,INCLUDINGTHEIEEEP1363STANDARDFORPUBLICKEYCRYPTOGRAPHYTHEPRINCIPALATTRACTIONOFECC,COMPAREDTORSA,ISTHATITAPPEARSTOOFFEREQUALSECURITYFORAFARSMALLERKEYSIZE,THEREB
温馨提示
- 1. 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
- 2. 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
- 3. 本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
- 4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
- 5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
- 6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
- 7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。
最新文档
- 玫瑰花课件教学课件
- 猴痘预防知识培训课件
- 猫课件简介教学课件
- 安全教育进企业培训内容课件
- 农业智能化:2025年无土栽培蔬菜产业化项目自动化水平研究报告
- 新课标视域下农村初中语文大单元教学设计与实践研究
- 《红楼梦》中对联的教学作用
- 分区公园改造工程方案(3篇)
- 工程安全管理相关方案(3篇)
- 电网工程履约管理方案(3篇)
- 公司关工委活动方案
- 守纪律小学生课件教学
- T/ZGSCJXH 1-2019陈年白酒收藏评价指标体系
- 链家签约文件合同模板
- 第四版(2025)国际压力性损伤溃疡预防和治疗临床指南解读
- 大学计算机(WPS Office)课件全套 刘卫国 第1-9章 计算机与信息社会-问题求解与算法基础
- 辞职工资发放合同协议
- TSG D7004-2010 压力管道定期检验规则 -公用管道
- 2025年环保行业从业者综合素质测试试卷及答案
- 面点原料知识
- 饿了创业成功案例分析
评论
0/150
提交评论