📄 securelecture.tex
字号:
\documentclass[a4paper]{article}
\usepackage[screen,gray,paneltoc,sectionbreak]{pdfscreen}
\usepackage{xspace,colortbl}
\usepackage{fancyvrb}
\usepackage{graphicx}
\usepackage{CJK}
\usepackage{color}
\usepackage{times}
\usepackage{type1cm}
\usepackage{tabls}
\usepackage{background}
\usepackage{geometry}
\usepackage{hyperref}
\usepackage[display]{texpower}
\usepackage{manfnt}
\usepackage{hypbmsec}
\usepackage{pause}
\usepackage{amsmath,amssymb,amsfonts}
\usepackage{texnames}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 定义PDF文档属性 %
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\hypersetup{pdftitle={An introduction to email security},
pdfsubject={An introduction to email security},
pdfauthor={Zhou Mo,CC,PKU,<zhoumo02@pku.edu.cn>},
pdfkeywords={},
pdfpagemode={FullScreen},
colorlinks={true},
linkcolor={red}
}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 定制幻灯片---幅面、标志、底板、主页、按钮行距等 %
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\margins{15mm}{15mm}{15mm}{15mm} %定义页边的空白尺寸,\margins{left}{right}{top}{bottom}。
\overlay{Overlays/overlay\theslideoverlay}
\screensize{180mm}{240mm} %定义屏幕尺寸,\screensize{height}{width},通常为180mm*240mm。
\bottombuttons %定义底部开关
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 定制幻灯片---重定义字体、字号命令 %
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newcommand{\song}{\CJKfamily{song}} % 宋体 (Windows自带simsun.ttf)
\newcommand{\fs}{\CJKfamily{fs}} % 仿宋体 (Windows自带simfs.ttf)
\newcommand{\kai}{\CJKfamily{kai}} % 楷体 (Windows自带simkai.ttf)
\newcommand{\hei}{\CJKfamily{hei}} % 黑体 (Windows自带simhei.ttf)
\newcommand{\li}{\CJKfamily{li}} % 隶书 (Windows自带simli.ttf)
\newcommand{\you}{\CJKfamily{you}} % 幼圆 (Windows自带simyou.ttf)
\newcommand{\chuhao}{\fontsize{42pt}{\baselineskip}\selectfont} % 字号设置
\newcommand{\xiaochuhao}{\fontsize{36pt}{\baselineskip}\selectfont} % 字号设置
\newcommand{\yichu}{\fontsize{32pt}{\baselineskip}\selectfont} % 字号设置
\newcommand{\yihao}{\fontsize{28pt}{\baselineskip}\selectfont} % 字号设置
\newcommand{\erhao}{\fontsize{21pt}{\baselineskip}\selectfont} % 字号设置
\newcommand{\xiaoerhao}{\fontsize{18pt}{\baselineskip}\selectfont} % 字号设置
\newcommand{\sanhao}{\fontsize{15.75pt}{\baselineskip}\selectfont} % 字号设置
\newcommand{\sihao}{\fontsize{14pt}{\baselineskip}\selectfont} % 字号设置
\newcommand{\xiaosihao}{\fontsize{12pt}{\baselineskip}\selectfont} % 字号设置
\newcommand{\wuhao}{\fontsize{10.5pt}{\baselineskip}\selectfont} % 字号设置
\newcommand{\xiaowuhao}{\fontsize{9pt}{\baselineskip}\selectfont} % 字号设置
\newcommand{\liuhao}{\fontsize{7.875pt}{\baselineskip}\selectfont} % 字号设置
\newcommand{\qihao}{\fontsize{5.25pt}{\baselineskip}\selectfont} % 字号设置
\begin{document}
\begin{CJK*}{GBK}{hei} %用汉字,定义”黑体“为文档字体。
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 幻灯片主体 %
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 幻灯片封面 %
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionDissolve
\begin{slide}
\vspace{-30mm}
\vspace{-2mm}\hspace{-2mm}\fs\raisebox{4mm}\\
\vspace{0.5cm}
\centering
\Large\color{blue} \textbf{An Introduction to Email Security}\\[-3mm]
\normalsize\vspace{1.75cm}\centering\textsc{\textbf{\textcolor[rgb]{0.00,0.00,0.50}{Zhou Mo}}}\\
\vspace{1.75cm}
\centering\color{black}\textsl{Computer Center, Peking University}\\\emph{Beijing, China}\\
\vspace{1.0cm}
\href{mailto:zac_zhou@263.net}{\color{section1}\textsf{zac\_zhou@263.net}}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% the second slide
\linespread{1.3}
\newpage\pageTransitionGlitter{0}
\begin{slide}
\begin{center}
\Large{为什么要使用加密邮件?}
\end{center}
\begin{itemize}
\item 明文电子邮件安全性低于传统邮政邮件
\item 传统邮政邮件的信封可避免一般的窥视
\item 电子邮件传递中经过的任何节点可以随意查看其内容
\end{itemize}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionGlitter{90}
\begin{slide}
\begin{center}
\Large{我没有做任何非法的事情,为什么要加密电子邮件?}
\end{center}
\begin{itemize}
\item 在传统邮件中,并不是所有的通信都写在明信片背面。
\item 保护自己的隐私并等于自己在干什么非法的活动。
\item 未加密的电子邮件相当于写在明信片后面的信息,加密过的电子邮件相当于使用了信封的邮件,仅此而已。
\end{itemize}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionGlitter{180}
\begin{slide}
\begin{center}
\Large{信息安全的定义}
\end{center}
\begin{itemize}
\item \textcolor[rgb]{0.00,0.00,1.00}{机密性:}即信息在传输的过程中,不能被有恶意的第三方获取,因此要对信息进行一定的加密,使窃听者即使从通讯线路中获取到通讯双方传输的信息,也无法得知其确切含义。
\item \textcolor[rgb]{0.00,0.00,1.00}{完整性:}即保证信息能够不被恶意的篡改,要做到这一点需要对信息有一个完整性验证的机制,使得接收方可以检查信息是否被篡改。
\item \textcolor[rgb]{0.00,0.00,1.00}{有效性:}即不可否认性,发送方在发送完信息后无法抵赖,声称自己从来没有发送过这些信息,要做到这一点需要对发送过的信息进行数字签名,这种签名必须是可靠的,并且是容易被验证的。
\end{itemize}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionGlitter{270}
\begin{slide}
\begin{center}
\Large{密码学中的若干定义}
\end{center}
消息被称为明文。用某种方法伪装消息以隐藏它的内容的过程称为加密,被加密的消息称为密文,而把密文转变为明文的过程称为解密。
密码算法是用于加密和解密的数学函数。
\includegraphics{Crypt.pdf}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionWipe{0}
\begin{slide}
\begin{center}
\Large{密码算法的分类}
\end{center}
\begin{itemize}
\item \textcolor[rgb]{0.00,0.00,1.00}{对称密码算法: }Symmetric
\begin{itemize}
\item 古典密码
\item 现代对称分组密码: DES AES
\end{itemize}
\item \textcolor[rgb]{0.00,0.00,1.00}{非对称(公钥)算法:}Public-key
RSA、背包密码、椭圆曲线ECC
\end{itemize}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionWipe{90}
\begin{slide}
\begin{center}
\Large{对称密钥加密体系:}
\end{center}
$\star$加密和解密使用同一密钥
$$E(k,P)=C$$
$$D(k,C)=P$$
对称加密算法通常有算法速度快,软硬件实现的代价小的特点,但是密钥的分发问题是对称加密算法中一个难以解决的问题
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionWipe{180}
\begin{slide}
\begin{center}
\Large{对称密钥加密体系:(续)}
\end{center}
\includegraphics[width=600pt]{Symmetric.pdf}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionWipe{270}
\begin{slide}
\begin{center}
\Large{非对称密钥加密体系:}
\end{center}
$\star$加密和解密使用不同密钥
$$E(k_{pub},P)=C$$
$$D(k_{pri},C)=P$$
非对称密钥加密算法解决了密钥分发的问题,也使得数字签名成为了可能,但是在保持同样加密强度的情况下,速度通常都较对称密钥加密算法要慢。
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionBoxI
\begin{slide}
\begin{center}
\Large{非对称密钥加密体系:(续)}
\end{center}
\includegraphics[width=600pt]{Asymmetric.pdf}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionSplitVI
\begin{slide}
\begin{center}
\Large{经典公开密钥加密算法RSA介绍(实现原理)}
\end{center}
\begin{itemize}
\item 用户产生两个大素数$p$和$q$,满足$p\not=q$。
\item 用户计算出$n=pq$,$n$的欧拉数$\phi(n)=(p-1)(q-1)$
\item 用户选择随机数$e$,$(0<e<\phi(n))$,使得$gcd(e,\phi(n))=1$,这里gcd代表最大公约数。
\item 用户计算出$d \equiv e^{-1}mod\phi(n)$
\item 公钥:$K_u=\{e,n\}$,私钥:$K_r=\{d,p,q\}$
\item 假设明文为$P$,则加密过程为:$C=P^emod(n)$
\item 对应的解密过程为:$P=C^dmod(n)$
\end{itemize}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionSplitVI
\begin{slide}
\begin{center}
\Large{经典公开密钥加密算法RSA介绍(举例)}
\end{center}
\begin{itemize}
\item 产生素数,$p=5,q=7$
\item 计算出$n=35$,$n$的欧拉数$\phi(n)=(p-1)(q-1)=24$
\item 用户选择随机数$e=5$,$gcd(e,\phi(n))=1$。
\item 由于$d \equiv e^{-1}mod\phi(n)$,经计算$d=5$
\item 公钥:$K_u=\{5,35\}$,私钥:$K_r=\{5,5,7\}$
\item 现在假设明文为$P=11$,则密文$C=11^5(mod35)=16$
\item 解密:明文$P=16^5(mod35)=11$
\end{itemize}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionSplitVI
\begin{slide}
\begin{center}
\Large{散列函数(Hash函数)}
\end{center}
\begin{itemize}
\item \textcolor[rgb]{0.00,0.00,1.00}{特点:}一个散列函数以一个变长的报文作为输入,并产生一个固定长度的散列码,有时也称消息摘要,作为输出。
\item \textcolor[rgb]{0.00,0.00,1.00}{作用:}消息鉴别,即消息完整性的验证,数字签名
\end{itemize}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionSplitVI
\begin{slide}
\begin{center}
\Large{散列函数$H=h(m)$的要求}
\end{center}
\begin{itemize}
\item $h$可以作用于一个任意长度的数据块
\item $h$产生一个固定长度的输出
\item 对任意给定的$x$,$h(x)$计算相对容易,无论是软件还是硬件实现
\item 对任意给定码$H$,找到$x$满足$h(x)=H$具有计算不可行性(单向性)
\item 对任意给定的数据块$x$,找到满足$h(y)=h(x)$的$y\not=x$具有计算不可行性
\item 找到任意数据对$(x,y)$,满足$h(x)=h(y)$是计算不可行的
\end{itemize}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionSplitVI
\begin{slide}
\begin{center}
\Large{常用的散列函数}
\end{center}
\begin{itemize}
\item MD5
\item SHA-1
\item RIPEMD-160
\end{itemize}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionBoxO
\begin{slide}
\begin{center}
\Large{数字签名的需求}
\end{center}
消息鉴别只能保重通信双方的消息没有被第三方所篡改,无法保证双方互相的欺骗。
如:1.B伪造一份消息,声称是从A处发送的。
2.A发送一份消息,但是事后否认是自己发送的。
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionBoxI
\begin{slide}
\begin{center}
\Large{数字签名的作用}
\end{center}
\begin{itemize}
\item 签名者事后不能否认自己的签名
\item 接收者能验证签名,而任何其他人都不能伪造签名
\item 在有争议时,可由第三方进行验证
\item 对签名的作者、日期和时间、签名时刻消息的内容提供验证
\end{itemize}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionSplitVI
\begin{slide}
\begin{center}
\Large{数字签名的过程}
\end{center}
\begin{itemize}
\item 签名过程:使用私钥对明文进行加密
\item 验证过程:使用公钥对加密后的信息(签名)进行解密,查看其是否与原始明文相同
\end{itemize}
在实际的数字签名过程中,通常不用私钥直接对明文进行加密来完成数字签名,而是首先使用散列函数生成消息摘要,然后使用私钥加密消息摘要
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionSplitVO
\begin{slide}
\begin{center}
\Large{数字签名的过程(续)}
\end{center}
\includegraphics[width=600pt]{Digitalsignature.pdf}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionSplitHI
\begin{slide}
\begin{center}
\Large{实际应用中所面临的问题}
\end{center}
\begin{itemize}
\item 公钥的发放问题,即如何让其它人得到我的公钥?
\item 身份的认证问题,即网络另外一端的人声称自己是某人,并且告诉你这是他的公钥,是否该相信这一点?
\end{itemize}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionSplitHO
\begin{slide}
\begin{center}
\Large{常用的信任管理模型}
\end{center}
\begin{itemize}
\item PGP密钥管理模型:公钥环、私钥环,简单的信任模型,相当于把一个朋友介绍另一个朋友
\item X509:基于数字证书的信任模型,进行安全通讯的实体都需要信任数字证书认证中心(CA)
\end{itemize}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionBlindsH
\begin{slide}
\begin{center}
\Large{PGP - Pretty Good Privacy}
\end{center}
\begin{flushleft}
\Huge
\emph{如果隐私权被判定为非法,那么世界上就将只有歹徒才能拥有隐私权。}
\newline
\emph{If privacy is outlawed, only outlaws will have privacy.}
\end{flushleft}
\begin{flushright}
\Huge
\emph{--Phil Zimmermann}
\end{flushright}
\vspace{20mm}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionBlindsV
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -