</td> <!-- PUB PARTNERS END --><!-- END LEFT NAV --><td rowspan="8" align="right" valign="top"><img src="/images/iswbls.gif" width=1 height=400 alt="" border="0"></td><td><img src="/images/white.gif" width="5" height="1" alt="" border="0"></td><!-- end of ITK left NAV --><!-- begin main content --><td width="100%" valign="top" align="left"><!-- END SUB HEADER --><!--Begin Content Column --><P><B>Applied Cryptography, Second Edition: Protocols, Algorithms, and Source Code in C (cloth)</B><FONT SIZE="-1"><BR><I>(Publisher: John Wiley & Sons, Inc.)</I><BR>Author(s): Bruce Schneier<BR>ISBN: 0471128457<BR>Publication Date: 01/01/96</FONT><!-- Empty Reference Subhead --><!--ISBN=0471128457//--><!--TITLE=APPLIED CRYPTOGRAPHY, SECOND EDITION: Protocols, Algorithms, and Source Code in C//--><!--AUTHOR=Bruce Schneier//--><!--PUBLISHER=Wiley Computer Publishing//--><!--CHAPTER=01//--><!--PAGES=001-004//--><!--UNASSIGNED1//--><!--UNASSIGNED2//--><CENTER><TABLE BORDER><TR><TD><A HREF="../about_author.html">Previous</A></TD><TD><A HREF="../ewtoc.html">Table of Contents</A></TD><TD><A
HREF="01-02.html">Next</A></TD></TR></TABLE></CENTER><P><BR></P><H2><A NAME="Heading1"></A><FONT COLOR="#000077">Chapter 1<BR>Foundations</FONT></H2><H3><A NAME="Heading2"></A><FONT COLOR="#000077">1.1 Terminology</FONT></H3><P><FONT SIZE="+1"><B><I>Sender and Receiver</I></B></FONT></P><P>Suppose a sender wants to send a message to a receiver. Moreover, this sender wants to send the message securely: She wants to make sure an eavesdropper cannot read the message.</P><P><FONT SIZE="+1"><B><I>Messages and Encryption</I></B></FONT></P><P>A message is <B>plaintext</B> (sometimes called cleartext). The process of disguising a message in such a way as to hide its substance is <B>encryption</B>. An encrypted message is <B>ciphertext</B>. The process of turning ciphertext back into plaintext is <B>decryption</B>. This is all shown in Figure 1.1.</P><P>(If you want to follow the ISO 7498-2 standard, use the terms “encipher” and “decipher.” It seems that some cultures find the terms “encrypt” and “decrypt” offensive, as they refer to dead bodies.)</P><P>The art and science of keeping messages secure is <B>cryptography</B>, and it is practiced by <B>cryptographers</B>. <B>Cryptanalysts</B> are practitioners of <B>cryptanalysis</B>, the art and science of breaking ciphertext; that is, seeing through the disguise. The branch of mathematics encompassing both cryptography and cryptanalysis is <B>cryptology</B> and its practitioners are <B>cryptologists</B>. Modern cryptologists are generally trained in theoretical mathematics—they have to be.</P><I><P><A NAME="Fig1"></A><A HREF="javascript:displayWindow('images/01-01.jpg',281,41 )"><IMG SRC="images/01-01t.jpg"></A><BR><A HREF="javascript:displayWindow('images/01-01.jpg',281,41)"><FONT COLOR="#000077"><B>Figure 1.1</B></FONT></A> Encryption and Decryption.</I></P><P>Plaintext is denoted by <I>M</I>, for message, or <I>P</I>, for plaintext. 
It can be a stream of bits, a text file, a bitmap, a stream of digitized voice, a digital video image...whatever. As far as a computer is concerned, <I>M</I> is simply binary data. (After this chapter, this book concerns itself with binary data and computer cryptography.) The plaintext can be intended for either transmission or storage. In any case, <I>M</I> is the message to be encrypted.</P><P>Ciphertext is denoted by <I>C</I>. It is also binary data: sometimes the same size as <I>M</I>, sometimes larger. (By combining encryption with compression, <I>C</I> may be smaller than <I>M</I>. However, encryption does not accomplish this.) The encryption function <I>E</I> operates on <I>M</I> to produce <I>C</I>. Or, in mathematical notation:</P><DL><DD><I>E</I>(<I>M</I>) = <I>C</I></DL><P>In the reverse process, the decryption function <I>D</I> operates on <I>C</I> to produce <I>M</I>:</P><DL><DD><I>D</I>(<I>C</I>) = <I>M</I></DL><P>Since the whole point of encrypting and then decrypting a message is to recover the original plaintext, the following identity must hold true:</P><DL><DD><I>D</I>(<I>E</I>(<I>M</I>)) = <I>M</I></DL><P><FONT SIZE="+1"><B><I>Authentication, Integrity, and Nonrepudiation</I></B></FONT></P><P>In addition to providing confidentiality, cryptography is often asked to do other jobs:</P><DL><DD>— <B>Authentication</B>. It should be possible for the receiver of a message to ascertain its origin; an intruder should not be able to masquerade as someone else.<DD>— <B>Integrity</B>. It should be possible for the receiver of a message to verify that it has not been modified in transit; an intruder should not be able to substitute a false message for a legitimate one.<DD>— <B>Nonrepudiation</B>. A sender should not be able to falsely deny later that he sent a message.</DL><P>These are vital requirements for social interaction on computers, and are analogous to face-to-face interactions. 
That someone is who he says he is...that someone’s credentials—whether a driver’s license, a medical degree, or a passport—are valid...that a document purporting to come from a person actually came from that person.... These are the things that authentication, integrity, and nonrepudiation provide.</P><P><FONT SIZE="+1"><B><I>Algorithms and Keys</I></B></FONT></P><P>A <B>cryptographic algorithm</B>, also called a <B>cipher</B>, is the mathematical function used for encryption and decryption. (Generally, there are two related functions: one for encryption and the other for decryption.)</P><P>If the security of an algorithm is based on keeping the way that algorithm works a secret, it is a <B>restricted</B> algorithm. Restricted algorithms have historical interest, but are woefully inadequate by today’s standards. A large or changing group of users cannot use them, because every time a user leaves the group everyone else must switch to a different algorithm. If someone accidentally reveals the secret, everyone must change their algorithm.</P><P>Even more damning, restricted algorithms allow no quality control or standardization. Every group of users must have their own unique algorithm. Such a group can’t use off-the-shelf hardware or software products; an eavesdropper can buy the same product and learn the algorithm. They have to write their own algorithms and implementations. If no one in the group is a good cryptographer, then they won’t know if they have a secure algorithm.</P><P>Despite these major drawbacks, restricted algorithms are enormously popular for low-security applications. Users either don’t realize or don’t care about the security problems inherent in their system.</P><P>Modern cryptography solves this problem with a <B>key</B>, denoted by <I>K</I>. This key might be any one of a large number of values. The range of possible values of the key is called the <B>keyspace</B>. 
Both the encryption and decryption operations use this key (i.e., they are dependent on the key and this fact is denoted by the <I>K</I> subscript), so the functions now become:</P><DL><DD><I>E</I><SUB>K</SUB>(<I>M</I>) = <I>C</I><DD><I>D</I><SUB>K</SUB>(<I>C</I>) = <I>M</I></DL><P>Those functions have the property that (see Figure 1.2):</P><DL><DD><I>D</I><SUB>K</SUB>(<I>E</I><SUB>K</SUB>(<I>M</I>)) = <I>M</I></DL><P>Some algorithms use a different encryption key and decryption key (see Figure 1.3). That is, the encryption key, <I>K</I><SUB>1</SUB>, is different from the corresponding decryption key, <I>K</I><SUB>2</SUB>. In this case:</P><DL><DD><I>E</I><SUB><SMALL>K</SMALL><SUB>1</SUB></SUB>(<I>M</I>) = <I>C</I><DD><I>D</I><SUB><SMALL>K</SMALL><SUB>2</SUB></SUB>(<I>C</I>) = <I>M</I><DD><I>D</I><SUB><SMALL>K</SMALL><SUB>2</SUB></SUB>(<I>E</I><SUB><SMALL>K</SMALL><SUB>1</SUB></SUB>(<I>M</I>)) = <I>M</I></DL><P>All of the security in these algorithms is based in the key (or keys); none is based in the details of the algorithm. This means that the algorithm can be published and analyzed. Products using the algorithm can be mass-produced. 
It doesn’t matter if an eavesdropper knows your algorithm; if she doesn’t know your particular key, she can’t read your messages.</P><I><P><A NAME="Fig2"></A><A HREF="javascript:displayWindow('images/01-02.jpg',268,52 )"><IMG SRC="images/01-02t.jpg"></A><BR><A HREF="javascript:displayWindow('images/01-02.jpg',268,52)"><FONT COLOR="#000077"><B>Figure 1.2</B></FONT></A> Encryption and decryption with a key.</I><I></P><P><A NAME="Fig3"></A><A HREF="javascript:displayWindow('images/01-03.jpg',263,58 )"><IMG SRC="images/01-03t.jpg"></A><BR><A HREF="javascript:displayWindow('images/01-03.jpg',263,58)"><FONT COLOR="#000077"><B>Figure 1.3</B></FONT></A> Encryption and decryption with two different keys.</I></P><P>A <B>cryptosystem</B> is an algorithm, plus all possible plaintexts, ciphertexts, and keys.</P><P><FONT SIZE="+1"><B><I>Symmetric Algorithms</I></B></FONT></P><P>There are two general types of key-based algorithms: symmetric and public-key. <B>Symmetric algorithms</B>, sometimes called conventional algorithms, are algorithms where the encryption key can be calculated from the decryption key and vice versa. In most symmetric algorithms, the encryption key and the decryption key are the same. These algorithms, also called secret-key algorithms, single-key algorithms, or one-key algorithms, require that the sender and receiver agree on a key before they can communicate securely. The security of a symmetric algorithm rests in the key; divulging the key means that anyone could encrypt and decrypt messages. 
As long as the communication needs to remain secret, the key must remain secret.</P><P>Encryption and decryption with a symmetric algorithm are denoted by:</P><DL><DD><I>E</I><SUB>K</SUB>(<I>M</I>) = <I>C</I><DD><I>D</I><SUB>K</SUB>(<I>C</I>) = <I>M</I></DL><P><BR></P> </TD> </TR> </TABLE></BODY></HTML>
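The keyed notation from "Algorithms and Keys" and "Symmetric Algorithms" above, written out as an added example that is not code from the book: a public algorithm whose only secret is K, with the identity D_K(E_K(M)) = M checked for the right key and for a key that differs in one bit. The function names and the xorshift32 keystream are assumptions chosen for brevity; the cipher is a toy and not secure.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Keystream step: xorshift32. An assumed stand-in chosen for brevity;
 * it is NOT cryptographically secure and only illustrates the notation. */
static uint32_t next_word(uint32_t *s) {
    *s ^= *s << 13;
    *s ^= *s >> 17;
    *s ^= *s << 5;
    return *s;
}

/* E_K(M) = C. The algorithm is public; only the 32-bit key K is secret.
 * C has the same length n as M. */
void toy_encrypt(uint32_t key, const uint8_t *m, uint8_t *c, size_t n) {
    /* xorshift state must be nonzero, so key 0 is remapped (an equivalent key). */
    uint32_t s = key ? key : 0x9E3779B9u;
    for (size_t i = 0; i < n; i++)
        c[i] = m[i] ^ (uint8_t)(next_word(&s) >> 24);
}

/* D_K(C) = M. XOR is its own inverse, so the same key regenerates the
 * same keystream: encryption key and decryption key are identical. */
void toy_decrypt(uint32_t key, const uint8_t *c, uint8_t *m, size_t n) {
    toy_encrypt(key, c, m, n);
}

/* Returns 1 when D_k2(E_k1(M)) == M, 0 otherwise (or if n exceeds the buffer). */
int round_trip_ok(uint32_t k1, uint32_t k2, const uint8_t *m, size_t n) {
    uint8_t c[256], p[256];
    if (n > sizeof c)
        return 0;
    toy_encrypt(k1, m, c, n);
    toy_decrypt(k2, c, p, n);
    return memcmp(m, p, n) == 0;
}

int main(void) {
    const uint8_t msg[] = "MEET AT NOON";   /* constructed sample plaintext */
    size_t n = sizeof msg - 1;
    printf("same key:  %d\n", round_trip_ok(0xC0FFEEu, 0xC0FFEEu, msg, n));
    printf("wrong key: %d\n", round_trip_ok(0xC0FFEEu, 0xC0FFEFu, msg, n));
    return 0;
}
```

The 32-bit key here is far too small a keyspace for real use; the example only shows that knowing the algorithm without the key does not recover M.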