📄 securelecture.tex
字号:
\begin{slide}
\begin{center}
\Large{PGP - Pretty Good Privacy(续)}
\end{center}
\begin{itemize}
\item 作者:Phil Zimmermann
\item 提供可用于电子邮件和文件存储应用的保密与鉴别服务。
\item openpgp已提交IETF标准化(RFC2440)
\end{itemize}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionDissolve
\begin{slide}
\begin{center}
\Large{PGP发展特点}
\end{center}
\begin{itemize}
\item 选择最好的可用加密算法作为系统的构造模块
\item 将这些算法集成到一个通用的应用程序中,该程序独立于操作系统和处理器,并且基于一个使用方便的小命令集
\item 设计了程序、文档,并在Internet上公开
\item 一个商业公司(PGP有限公司)提供了商业版本
\end{itemize}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionGlitter{0}
\begin{slide}
\begin{center}
\Large{PGP原理图(身份鉴别)}
\end{center}
\begin{picture}(600,200)
\put(0,0){\line(0,1){200}}
\put(0,0){\line(1,0){600}}
\put(600,0){\line(0,1){200}}
\put(0,200){\line(1,0){600}}
\put(20,70){\framebox(20,40){M}}
\put(40,100){\vector(1,0){20}}
\put(70,100){\circle{20}}
\put(67,97){\tiny{$H$}}
\put(80,100){\line(1,0){10}}
\put(90,100){\line(0,-1){20}}
\put(90,80){\vector(1,0){10}}
\put(110,80){\circle{20}}
\put(103,77){\tiny{$EP$}}
\put(103,137){\tiny{$KR_a$}}
\put(110,135){\vector(0,-1){45}}
\put(123,177){Source A}
\put(100,180){\vector(-1,0){80}}
\put(200,180){\vector(1,0){80}}
\put(120,80){\line(1,0){10}}
\put(130,80){\line(0,1){10}}
\put(130,90){\vector(1,0){10}}
\put(40,80){\line(1,0){20}}
\put(60,80){\line(0,-1){60}}
\put(60,20){\line(1,0){90}}
\put(150,20){\vector(0,1){60}}
\put(150,90){\circle{20}}
\put(147,87){\tiny{$||$}}
\put(160,90){\vector(1,0){20}}
\put(190,90){\circle{20}}
\put(187,87){\tiny{$Z$}}
\put(200,90){\vector(1,0){120}}
\put(320,60){\framebox(20,40)}
\put(340,90){\vector(1,0){20}}
\put(370,90){\circle{20}}
\put(362,85){\tiny{$Z^{-1}$}}
\put(380,90){\vector(1,0){20}}
\put(400,60){\framebox(20,40){M}}
\put(385,117){\tiny{$E_{KRa}(H(M))$}}
\put(410,115){\vector(0,-1){10}}
\put(400,100){\framebox(20,10)}
\put(420,105){\vector(1,0){60}}
\put(490,105){\circle{20}}
\put(483,102){\tiny{$DP$}}
\put(500,105){\line(1,0){40}}
\put(540,105){\vector(0,-1){35}}
\put(483,137){\tiny{$KU_a$}}
\put(490,135){\vector(0,-1){20}}
\put(410,177){Destination B}
\put(400,180){\vector(-1,0){80}}
\put(500,180){\vector(1,0){80}}
\put(420,70){\line(1,0){20}}
\put(440,70){\line(0,-1){50}}
\put(440,20){\vector(1,0){40}}
\put(490,20){\circle{20}}
\put(485,17){\tiny{$H$}}
\put(500,20){\line(1,0){40}}
\put(540,20){\vector(0,1){35}}
\put(520,57){\small{Compare}}
\end{picture}
发送方
\begin{itemize}
\item 产生消息M
\item 用散列函数对M生成一个散列码
\item 用发送者的私钥对散列码加密,并与M连接
\end{itemize}
接收方
\begin{itemize}
\item 用发送者的公钥解密并恢复散列码
\item 对消息M生成一个新的散列码,与公钥解密的结果比较。如果一致,则消息M鉴别成功。
\end{itemize}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionGlitter{90}
\begin{slide}
\begin{center}
\Large{PGP原理图(保密性)}
\end{center}
\begin{picture}(600,200)
\put(0,0){\line(0,1){200}}
\put(0,0){\line(1,0){600}}
\put(600,0){\line(0,1){200}}
\put(0,200){\line(1,0){600}}
\put(20,20){\framebox(20,40){M}}
\put(40,30){\vector(1,0){20}}
\put(70,30){\circle{20}}
\put(67,27){\tiny{$Z$}}
\put(80,30){\vector(1,0){20}}
\put(110,30){\circle{20}}
\put(103,27){\tiny{$EC$}}
\put(107,77){\tiny{$K_s$}}
\put(110,70){\vector(0,-1){30}}
\put(123,177){Source A}
\put(100,180){\vector(-1,0){80}}
\put(200,180){\vector(1,0){80}}
\put(120,30){\vector(1,0){30}}
\put(160,30){\circle{20}}
\put(157,27){\tiny{$||$}}
\put(120,80){\vector(1,0){30}}
\put(160,80){\circle{20}}
\put(153,77){\tiny{$EP$}}
\put(160,70){\vector(0,-1){30}}
\put(153,127){\tiny{$KU_b$}}
\put(160,120){\vector(0,-1){30}}
\put(170,30){\line(1,0){50}}
\put(220,30){\line(0,1){60}}
\put(220,90){\vector(1,0){100}}
\put(320,60){\framebox(20,40)}
\put(340,85){\line(1,0){20}}
\put(360,85){\line(0,-1){55}}
\put(360,30){\vector(1,0){120}}
\put(305,117){\tiny{$E_{KUb}(K_s)$}}
\put(330,115){\vector(0,-1){10}}
\put(320,100){\framebox(20,10)}
\put(340,105){\line(1,0){40}}
\put(380,105){\line(0,-1){25}}
\put(380,80){\vector(1,0){30}}
\put(420,80){\circle{20}}
\put(413,77){\tiny{$DP$}}
\put(430,80){\line(1,0){60}}
\put(490,80){\vector(0,-1){40}}
\put(413,127){\tiny{$KR_b$}}
\put(420,120){\vector(0,-1){30}}
\put(410,177){Destination B}
\put(400,180){\vector(-1,0){80}}
\put(500,180){\vector(1,0){80}}
\put(490,30){\circle{20}}
\put(482,27){\tiny{$DC$}}
\put(500,30){\vector(1,0){20}}
\put(530,30){\circle{20}}
\put(522,25){\tiny{$Z^{-1}$}}
\put(540,30){\vector(1,0){20}}
\put(560,20){\framebox(20,40){M}}
\end{picture}
发送方
\begin{itemize}
\item 产生消息M
\item 随机生成一个会话密钥并用它加密消息
\item 用接收者的公钥加密会话密钥并与M连接
\end{itemize}
接收方
\begin{itemize}
\item 用自己的私钥解密并恢复会话密钥
\item 用会话密钥解密消息M
\end{itemize}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionGlitter{180}
\begin{slide}
\begin{center}
\Large{PGP原理图(保密性与身份鉴别同时作用)}
\end{center}
\begin{picture}(600,200)
\put(0,0){\line(0,1){200}}
\put(0,0){\line(1,0){600}}
\put(600,0){\line(0,1){200}}
\put(0,200){\line(1,0){600}}
\put(20,60){\framebox(20,40){M}}
\put(40,90){\vector(1,0){20}}
\put(70,90){\circle{20}}
\put(67,87){\tiny{$H$}}
\put(80,90){\line(1,0){10}}
\put(90,90){\line(0,-1){20}}
\put(90,70){\vector(1,0){10}}
\put(110,70){\circle{20}}
\put(103,67){\tiny{$EP$}}
\put(120,70){\vector(1,0){20}}
\put(150,70){\circle{20}}
\put(147,67){\tiny{$||$}}
\put(160,70){\vector(1,0){20}}
\put(190,70){\circle{20}}
\put(187,67){\tiny{$Z$}}
\put(200,70){\vector(1,0){20}}
\put(230,70){\circle{20}}
\put(223,67){\tiny{$EC$}}
\put(240,70){\vector(1,0){20}}
\put(270,70){\circle{20}}
\put(267,67){\tiny{$||$}}
\put(280,70){\vector(1,0){40}}
\put(123,177){Source A}
\put(100,180){\vector(-1,0){80}}
\put(200,180){\vector(1,0){80}}
\put(40,70){\line(1,0){30}}
\put(70,70){\line(0,-1){30}}
\put(70,40){\line(1,0){80}}
\put(150,40){\vector(0,1){20}}
\put(103,107){\tiny{$KR_a$}}
\put(110,100){\vector(0,-1){20}}
\put(230,100){\vector(0,-1){20}}
\put(227,107){\tiny{$K_s$}}
\put(240,110){\vector(1,0){20}}
\put(270,110){\circle{20}}
\put(263,107){\tiny{$EP$}}
\put(270,100){\vector(0,-1){20}}
\put(270,140){\vector(0,-1){20}}
\put(263,147){\tiny{$KU_b$}}
\put(320,50){\framebox(20,40)}
\put(320,90){\framebox(20,10)}
\put(330,105){\vector(0,-1){10}}
\put(305,107){\tiny{$E_{KUb}(K_s)$}}
\put(340,95){\vector(1,0){20}}
\put(370,95){\circle{20}}
\put(363,92){\tiny{$DP$}}
\put(363,132){\tiny{$KR_b$}}
\put(370,125){\vector(0,-1){20}}
\put(380,95){\line(1,0){30}}
\put(410,95){\vector(0,-1){25}}
\put(340,60){\vector(1,0){60}}
\put(410,60){\circle{20}}
\put(403,57){\tiny{$DC$}}
\put(420,60){\vector(1,0){20}}
\put(450,60){\circle{20}}
\put(442,55){\tiny{$Z^{-1}$}}
\put(460,60){\line(1,0){10}}
\put(470,60){\line(0,1){10}}
\put(470,70){\vector(1,0){10}}
\put(410,177){Destination B}
\put(400,180){\vector(-1,0){80}}
\put(500,180){\vector(1,0){80}}
\put(480,50){\framebox(20,40){M}}
\put(480,90){\framebox(20,10)}
\put(490,105){\vector(0,-1){10}}
\put(465,107){\tiny{$E_{KRa}(H(M))$}}
\put(500,95){\vector(1,0){30}}
\put(540,95){\circle{20}}
\put(533,92){\tiny{$DP$}}
\put(540,125){\vector(0,-1){20}}
\put(533,132){\tiny{$KU_a$}}
\put(550,95){\line(1,0){20}}
\put(570,95){\vector(0,-1){25}}
\put(570,30){\vector(0,1){25}}
\put(550,57){\small{Compare}}
\put(550,30){\line(1,0){20}}
\put(540,30){\circle{20}}
\put(537,27){\tiny{$H$}}
\put(500,70){\line(1,0){15}}
\put(515,70){\line(0,-1){40}}
\put(515,30){\vector(1,0){15}}
\end{picture}
发送方
\begin{itemize}
\item 产生消息M,并对其进行数字签名,将消息和签名进行连接
\item 随机生成一个会话密钥并用它加密第一步生成的结果
\item 用接收者的公钥加密会话密钥并与M连接
\end{itemize}
接收方
\begin{itemize}
\item 用自己的私钥解密并恢复会话密钥,并用会话密钥解密消息M
\item 用发送者的公钥验证数字签名
\end{itemize}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionGlitter{270}
\begin{slide}
\begin{center}
\Large{PGP原理图的记号说明 (记号说明)}
\end{center}
Ks:Session Key(会话密钥)
KRa:用户A的私钥
KUa:用户A的公钥
EP:公钥加密
DP:公钥解密
EC:常规加密(对称密钥加密)
DC:常规解密(对称密钥解密)
H:散列函数
$||$:连接
Z:用ZIP算法数据压缩
R64:用radix64转换成可打印格式
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionWipe{0}
\begin{slide}
\begin{center}
\Large{PGP的公钥管理}
\end{center}
\begin{itemize}
\item 松散的管理模型,没有中心权威机构
\item 公钥服务器提供公钥的保存与获取服务
\item 著名的公钥服务器:pgp.mit.edu
\item 公钥服务器也可以自行架设
\end{itemize}
我在linux.pku.edu.cn上架设了一个公钥服务器,并且保存了我的公钥
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionWipe{90}
\begin{slide}
\begin{center}
\Large{GPG:开源的PGP替代软件}
\end{center}
美国政府将高强度的加密算法视如军火,限制它的出口。人们意识到如此重要的软件不应该受制于任何政府或者商业势力,因此使用了各种方法,将PGP的源代码带到欧洲,继续发展。于是GNU开始发展GnuPG,让隐私权与自由软件的力量结合,为全世界的人民服务。
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionWipe{180}
\begin{slide}
\begin{center}
\Large{GPG:开源的PGP替代软件(续)}
\end{center}
\begin{itemize}
\item GPG全称GNU Privacy Guard
\item 能提供和PGP一样的用于电子邮件和文件存储应用的保密与鉴别服务
\item 和RFC2440(OPENPGP)兼容
\item GPG不使用带有专利的IDEA加密算法,可以自由的使用
\end{itemize}
从现在开始,只要有心,就可以保护这些原本就属于你的权利
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionWipe{270}
\begin{slide}
\begin{center}
\Large{软件演示}
\end{center}
\begin{itemize}
\item Thunderbird:Mozilla出品的老牌开源email客户端。
\item GPG:提供加密算法密钥管理等。
\item enigmail:让Thunderbird能够使用GPG的服务。
\end{itemize}
以上软件全部属于开源软件。
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionSplitVI
\begin{slide}
\begin{center}
\Large{网络资源}
\end{center}
\begin{itemize}
\item Thunderbird下载地址:\href{http://www.mozilla.org/projects/thunderbird/}{\color{blue}http://www.mozilla.org/projects/thunderbird/}
\item GPG下载地址:\href{http://www.gnupg.org/}{\color{blue}http://www.gnupg.org/}
\item enigmail下载地址:\href{http://enigmail.mozdev.org/}{\color{blue}http://enigmail.mozdev.org/}
\item OpenSSL,一个开源的C语言加密算法实现库,在编写和安全相关的应用程序时可以使用:\href{http://www.openssl.org/}{\color{blue}http://www.openssl.org/}
\item BouncyCastle,一个不错的开源的Java语言加密算法实现库,在Java语言应用广泛的今天,它可以在各种Java环境下提供安全相关的库:\href{http://www.bouncycastle.org/}{\color{blue}http://www.bouncycastle.org/}
\item 中国OpenSSL论坛,国内的信息安全方面专业论坛:\href{http://www.openssl.cn/}{\color{blue}http://www.openssl.cn/}
\end{itemize}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% Thanks %
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newpage\pageTransitionDissolve
\begin{slide}
\vspace{20mm}
\begin{center}
\Huge \emph{Thanks!}
\end{center}
\vspace{20mm}
\end{slide}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\clearpage
\end{CJK*}
\end{document}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -