中英文翻译
- 格式:doc
- 大小:83.00 KB
- 文档页数:15
外文翻译系别信息工程系专业网络工程班级B841111学号B84111117姓名任贺指导教师孟桂英负责教师沈阳航空航天大学北方科技学院2012年6月The Design and Realization of Digital Signature Based on RSARSA algorithms is introducedRSA public key cryptography. So-called public key cryptography system is to use different encryption and decryption key keys, is a "known encryption key is deduced by declassified in calculations is key to be done" password system.In a public-key cryptosystem, encryption key (i.e. public key) PK is the public information, and decryption key (namely, the private key) SK is needed to remain confidential. Encryption algorithm E and decryption algorithm D also are in the open. Although the secret key SK is by public key PK decision, but cannot PK calculated according to SK. It is based on this theory, appeared in 1978 the famous RSA algorithms, it is usually into a pair of Mr RSA keys, one of which is kept secret key, save by users; Another for public key, can be made public, and even can be registered in the network server. In order to improve the secrecy intensity, RSA keys at least 500 bits long, generally recommend using 1024 bits. This makes the calculation amount of encryption is very large. To reduce the computational complexity, sending the information, often USES traditional encryption methods and public key encryption method unifies means, that information with the improved DES or IDEA dialogue key encryption, and use the RSA encryption keys and information the dialogue. Each other after receiving information, with different keys decryption and can check the information.RSA algorithms is the first not only can be used for encryption but also can be used for digital signature algorithm, and it is also easy to understand and operation. RSA is most widely studied public key algorithm, and put forward to the now from more than 30 years, experienced the test of all kinds of attacks, for the people to accept gradually, generally, is now one of the most outstanding public key solutions.The safety of the RSARSA security depends on the larger decomposition, but whether or not equal to tarsus decomposition theory has been failed to get the certificate, and for no proof that break RSA will need to be larger decomposition. Assuming there are a large without decomposition algorithm, it must be larger decomposition algorithm can be modified. At present, some variant of RSA algorithms have been proved equivalent to tarsusdecomposition. Anyway, the decomposition n is the most obviously method of assault. Now, people already can break down more than 140 decimal big primes. Therefore, must choose a big modulus n some, for application is up.RSA speedBecause of the large is calculated, make the fastest RSA than DES 100 times on slow, whether software or hardware implementation. Speed has been the defects of RSA. Generally speaking only for a few data encryption.RSA's chosen-ciphertext attackRSA in chosen-ciphertext before the attack is weak. Generally the attacker is will certain information is the camouflage (Blind), let the private key with the entity to sign. Then, after calculation can get what it wanted information. In fact, attack the same weaknesses are using, that is such a fact that have been retained the multiplication of the input structure: (XM) ^ d = X ^ d * M ^ d mod n front have already mentioned, the inherent problems from the public key cryptography is the most useful features-everyone can use public key. But from the algorithm can't solve the problem, the main measures are two: one is the good public key agreement, guarantee the process not produce any other entity entity of the information the decryption, you know nothing wrong information signature; The other One is never sent to strangers random document signature, the first to use One sign of a document for-Way HashFunction HASH processing, or use at the same time different signature algorithm.RSA encryption algorithm faults⑴produce key is very troublesome, produced by a prime technical limitations, so hard to do it once a secret. ⑵security, the safety of RSA depends on the large factor decomposition, but did not prove theoretically decipher the difficulty of tarsus and RSA decomposition difficulty equivalent, and most people tend to academic password factor decomposition is not NPC problem. At present, people already can break down more than 140 decimal big primes, it is required to use more long key, speed, more slowly; Moreover, the people are actively looking for attack RSA methods, such as chosen-ciphertext attack, general attackers will certain information is the camouflage (Blind), let the private key with the entity to sign. Then, after calculation can get what it wanted information. In fact, attack the same weaknesses are using, that is such a fact that have been retained the multiplication of the input structure: (XM) d = Xd * Md mod n front have alreadymentioned, the inherent problems from the public key cryptography is the most useful features-everyone can use public key. But from the algorithm can't solve the problem, the main measures are two: one is the good public key agreement, guarantee the process not produce any other entity entity of the information the decryption, you know nothing wrong information signature; The other One is never sent to strangers random document signature, the first to use One sign-Way Hash Function of document for Hash processing, or use at the same time different signature algorithm. In addition to using public modulus, people also try s ome use decryption index or φ (n) and so on attack.⑶ speed too slow, because the grouping of RSA too large length, to ensure safety, n at least 600 bitx above, make the operation cost is high, especially at a slower speed, a symmetric cryptosystem several orders of magnitude slower; Along with the development of the larger decomposition technique, the length is increasing, go against the standardization of data format. At present, the SET (Secure Electronic Transaction) agreement with 2048 bits long requirements CA keys, other entity USES 1024 bit key. In order to speed, at present the widely use of single, the method of using a combination of public key password, complementary advantages and disadvantages: ChanYao password encryption speed, people use it to encrypt a long documents, and then using the RSA encryption to give document, extremely good solve the problem of ChanYao password key distribution.Modern cryptography has become the core of information security technology, cryptography, is the communication security confidential subject research, that is, to study the type of secret information transmission of transformation in order to prevent the third party to steal information. Cryptography include two branches: password code to learn and password analytics. Password code to learn the main information exchange, to protect information in the channel's relay in to steal, decryption and use method, and the password analysis learning is and password code learning instead, it mainly studies how to analyze and crack password. Both between both opposition to each other and promote each other. The classification of the password system has a lot of, one of them is based on encryption algorithm and decryption keys used algorithms are same, password system can be divided into symmetrical encryption system (ChanYao password system) and asymmetric encryption system (public key cryptosystems), the two password system each have their own advantages and disadvantages, so now USES two hybrid. Public key cryptosystems features are: the receiving party B produces a pair of keys (PK and SK);PK public, SK confidential; PK from launch SK is very difficult; A and B both sides communication, A in any way obtained B public key, use the B public key encryption information, encrypted information can be obtained by any unsafe channel sent. B received ciphertext information, with their own private key recovering the decryption plaintext. Public key cryptography system to ensure the security of information have become the key technology. RSA public key cryptosystems so far or a recognised as safe system. RSA public key encryption algorithm is the first can used for data encryption can also be used as a digital signature algorithm. It is easy to understand and operation, is also very popular. As more commercial application and standardization work, RSA has become the most representative of the public key encryption technology. VISA, MasterCard, IBM, Microsoft and other companies for the safety of Electronic trading work standard (Secure Electronic Transactions, SET) adopt the standard RSA algorithms, this makes the RSA in our life almost everywhere. Online transactions encrypted connection, the bank on the net identity authentication, all kinds of credit card the use of digital certificate, intelligent mobile phone memory card and validation of chips and so on the function, most use RSA technology.In 1995, has been put forward a very unexpected attack way: if E younger sister to huang hardware are fully know, and know it to some specific message when the time needed to encrypt words, so she can be quickly is deduced from the d. This attack will be established the way, mainly because of the encryption on the mode of the index when computing is a bit a bit, and bits of 1 spent than a yuan for 0 computation of a operation, so if you can get more information and its encryption of time, will have a chance to launch the private key content. The most popular attack on RSA is generally larger factor decomposition based on. In 1999, the RSA-155 (512 bits) be successful decomposition, spent five months time (about 8000 MIPS years) and 224 CPU hours in a 3.2 G the central memory Cray C916 finished on the computer. In 2002, the RSA-158 was also success factor decomposition. On December 12, 2009, Numbers for RSA-768 (768 bits, 232 digits) number also be successful decomposition. Beijing time February 15 morning news, according to the New York times reported Tuesday, European and American mathematicians and cryptographers accidental discovery, at present is widely spoken all over the world's public key encryption algorithm RSA existence of loopholes. They found that, in 7 million the experiment of 27000 sample public key and not according to thetheory of randomly generated. That is, maybe someone can find out the secret of produce public key prime Numbers. This research project was made by the independent cryptographers James P.H ughes and Dutch mathematician Arjen k. Lenstra lead. Their report said: "we found the vast majority of the public key all is according to the theory of generation, but every one thousand public key will have two unsafe." The report says, to prevent someone USES the vulnerability, a public key from the public access database has been removed. To ensure the security of the system, the website needs to be in the terminal to change.Over the years, RSA mainly focuses on information security market in several fields, is also have distinguishing feature each field. In the identity authentication field, RSA attention to many online trading enterprise including financial, search, and industry, the user to the extent of the identity authentication concern obviously different. Another fishing, Trojan than before more widespread. Online identity authentication, the growth is strong fraud. In addition, the enterprise internal control, at present, China is still in the process of maturity. In the data leak in some new "Trojan RSA services to society and to the strong identity authentication, also have some new business breakthrough.The financial industry in anywhere in the world, there are the highest safety risk industry, whether the reality of crime or cyber crime, financial is a sweet BoBo. Along with the development of the network bank, financial industry to information security solutions needs always very strong, the financial industry is the largest RSA development space, and in the future for a period of time will still is. How to keep the financial industry information security, prevent data leak, and deal with the financial services, and become the focus of future business development RSA.Digital signature is introducedDigital signature, is the only information to produce the sender of the others can't fake a digital string, the string is also a number of information of the sender sends information a valid proof of authenticity.Digital signature is symmetrical encryption technology and the application of digital technology.Digital signature of the file is easy to verify the integrity of the (don't need at the chapter, at the signature, also do not need the handwriting expert), and digital signature is not deny sex (don't need the handwriting expert to verify).Say simply, the so-called digital signature is additional data unit in on some of the data, or of data elements of the password change. This kind of data or transform allow data unit receiver to confirm our units of data source and the units of data integrity and protect data, to prevent being (such as the receiver) forged. It is to the electronic form of news to sign one method, a signature news can be in a communication network transmission. Based on the public key cryptography system and a private key password system can get digital signature, mainly is based on public key cryptosystems digital signature. Including ordinary digital signatures and special digital signature. Ordinary digital signature algorithm has RSA, ElGamal, Fiat-Shamir, Guillou-Quisquarter, Schnorr, Ong-Schnorr-Shamir digital signature algorithm, Des/DSA, elliptic curve digital signature algorithm and finite automata digital signature algorithm, etc. Special digital signatures have blind signature, proxy signature, group signature, undeniable signature, fair blind signature, threshold signature, with news of the signature restore function, it is closely related with the specific application environment. Obviously, the application of digital signature involving legal problems, the federal government based on limited domain of discrete logarithm problem develop their own digital signature standard (DSS).Digital Signature (Digital Signature) technology is asymmetric encryption algorithm of typical application. The process of application of digital signature, sending data sources to use his private key to data validation and or other relevant variables and data content to encrypt and the completion of legal "signature" data, data receiving party is use the other public key to interpret received "digital signatures", and will interpret results are used to test the integrity of the data, to confirm the legitimacy of the signature. Digital signature technology in network system is virtual environment identified important technology, and can completely replace the reality in the process of holograph signs ", in the technology and the law is guaranteed. In the application of digital signature, the sender's public key can be easily get, but his private key requires strictly confidential.Digital signature functionEnsure the integrity of the information transmission, the sender's identity authentication, to prevent trade in deny happen. Digital signature technology is will the information with sender's private key encryption, and the original transfer to the recipient together. The receiver only in sending public key can decrypt encrypted information, then use HASH function of received the original produce a the information, and thedeclassified information contrast. If the same, show the information received is complete, the transfer of the process not be amended, modified or information that was, so digital signatures can verify the integrity of the information. Digital signature is a encryption process, digital signature verification is a decryption process.Digital signature process"Send a message sender, with a hash function from the message of the generation text message digest, and in her own private key to encrypt the the, the encrypted the will of a message as a digital signature and a message sent to the receiving party together, the receiving party first used to send party the same hash function from the receiving of the original message to calculate the message in the abstract, then use the sending of a message of public key to additional digital signature decryption, if the two the same, so the receiving party can confirm the digital signature is the sender.Digital signature has two functions: one is the message is really can be determined by the sender signed the concurrent out, because people can't fake sender's signature. 2 it is digital signatures can determine the integrity of the news. Because the characteristics of digital signature is that it represents the characteristics of documents, file if change, the value of the digital signature will change. Different file will get different digital signature.A digital signature involves a hash function, the sender's public key, the sender's private key. "MD5 algorithm introducesMD5 news the algorithm is designed by Rivest one-way hash function, MD5 not based on any hypothesis and the password system, it is the direct structure way, quickly, very practical.MD5 algorithm is the typical application of information to a produce news the MD, to prevent being tampered with. For example, in the Unix has many software in the download of a file name is same, file extensions. MD5 files, in the file usually only one line of text, general structure such as:MD5 (tanajiya. Tar. Gz) = 0 ca175b9c0f726a831d895e269332461This is tanajiya. Tar. Gz file digital signature. The entire file MD5 as a large text information, through its irreversible text transform algorithm, produced this only the MD5 information. If in the future of this file transmission process, whatever happened to the content of the document any form of change, as long as you to this file recount MD5 willfind information in different, thus make sure you get is a doubtful file. If have a third party certification institution, with MD5 also can prevent file the author's "deny", this is the so-called digital signature applications. MD5 also widely for encryption and decryption technology. For example in the Unix system password of user to MD5 encryption is stored in the after file system. When users log on, the system the password of user input into MD5 value calculation, and then to and stored in file system of MD5 value is used in the comparison, we determine the input password is correct. Through such steps, the system does not know in user password plain code under the situation that can determine the user login system legitimacy. It could not only avoid the password of user with system administrator rights by the users know, but also to a certain extent increase the difficulty of the password has been cracked.基于RSA的数字签名系统的设计与实现RSA算法介绍RSA公开密钥密码体制。