Cryptography: Foreign-Language Literature and Translation.docx
- Document ID: 27585419
- Upload date: 2023-07-03
- Format: DOCX
- Pages: 19
- Size: 69.68KB
Foreign-language text:
Cryptography is the science of keeping secrets. A sender, referred to here and in what follows as Alice (as is commonly used), wants to send a message m to a receiver referred to as Bob. She uses an insecure communication channel. For example, the channel could be a computer network or a telephone line. There is a problem if the message contains confidential information. The message could be intercepted and read by an eavesdropper. Or, even worse, the adversary, as usual referred to here as Eve, might be able to modify the message during transmission in such a way that the legitimate recipient Bob does not detect the manipulation.
One objective of cryptography is to provide methods for preventing such attacks. Other objectives are discussed in Section.
Encryption and Secrecy
The fundamental and classical task of cryptography is to provide confidentiality by encryption methods. The message to be transmitted – it can be some text, numerical data, an executable program or any other kind of information – is called the plaintext. Alice encrypts the plaintext m and obtains the ciphertext c. The ciphertext c is transmitted to Bob. Bob turns the ciphertext back into the plaintext by decryption. To decrypt, Bob needs some secret information, a secret decryption key. Adversary Eve still may intercept the ciphertext.
However, the encryption should guarantee secrecy and prevent her from deriving any information about the plaintext from the observed ciphertext.
Encryption is very old. For example, Caesar’s shift cipher was introduced more than 2000 years ago. Every encryption method provides an encryption algorithm E and a decryption algorithm. In classical encryption schemes, both algorithms depend on the same secret key k. This key k is used for both encryption and decryption. These encryption methods are therefore called symmetric. For example, in Caesar’s cipher the secret key is the offset of the shift. We have
Symmetric encryption and the important examples DES (data encryption standard) and AES (advanced encryption standard) are discussed in Chapter 2.
In 1976, Diffie and Hellman published their famous paper, New Directions in Cryptography ([DifHel76]). There they introduced the revolutionary concept of public-key cryptography. They provided a solution to the long-standing problem of key exchange and pointed the way to digital signatures. The public-key encryption methods (comprehensively studied in Chapter 3) are asymmetric. Each recipient of messages has his personal key, consisting of two parts:
is the encryption key and is made public,
is the decryption key and is kept secret. If Alice wants to send a message m to Bob, she encrypts m by use of Bob’s publicly known encryption key. Bob decrypts the ciphertext by use of his decryption key, which is known only to him. We have
Mathematically speaking, public-key encryption is a so-called one-way function with a trapdoor. Everyone can easily encrypt a plaintext using the public key, but the other direction is difficult. It is practically impossible to deduce the plaintext from the ciphertext without knowing the secret key (which is called the trapdoor information).
Public-key encryption methods require more complex computations and are less efficient than classical symmetric methods. Thus symmetric methods are used for the encryption of large amounts of data. Before applying symmetric encryption, Alice and Bob have to agree on a key. To keep this key secret, they need a secure communication channel. It is common practice to use public-key encryption for this purpose.
The Objectives of Cryptography
Providing confidentiality is not the only objective of cryptography. Cryptography is also used to provide solutions for other problems:
1. Data integrity. The receiver of a message should be able to check whether the message was modified during transmission, either accidentally or deliberately. No one should be able to substitute a false message for the original message, or for parts of it.
2. Authentication. The receiver of a message should be able to verify its origin. No one should be able to send a message to Bob and pretend to be Alice (data origin authentication). When initiating a communication, Alice and Bob should be able to identify each other (entity authentication).
3. Non-repudiation. The sender should not be able to later deny that she sent a message.
If messages are written on paper, the medium - paper - provides a certain security against manipulation. Handwritten personal signatures are intended to guarantee authentication and non-repudiation. If electronic media are used, the medium itself provides no security at all, since it is easy to replace some bytes in a message during its transmission over a computer network, and it is particularly easy if the network is publicly accessible, like the Internet.
So, while encryption has a long history, the need for techniques providing data integrity and authentication resulted from the rapidly increasing significance of electronic communication.
There are symmetric as well as public-key methods to ensure the integrity of messages. Symmetric methods require a secret key k that is shared by sender and receiver. The message m is augmented by a message authentication code (MAC). The code is generated by an algorithm and depends on the secret key. The augmented message is protected against modifications. The receiver may test the integrity of an incoming message (m, m) by checking whether
Message authentication codes may be implemented by keyed hash functions (see Chapter 3).
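An added example, not part of the original text, of the MAC check described above, using HMAC-SHA256 from Python's standard library as the keyed hash function. The function names, the sample message and the comparison with an unkeyed checksum are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def mac(k: bytes, m: bytes) -> bytes:
    """MAC(k, m) as a keyed hash function: HMAC-SHA256 (assumed choice)."""
    return hmac.new(k, m, hashlib.sha256).digest()

def send(k: bytes, m: bytes):
    """Alice augments the message m with its authentication code."""
    return m, mac(k, m)

def receive(k: bytes, m: bytes, tag: bytes) -> bool:
    """Bob recomputes the code from k and m and compares in constant time."""
    return hmac.compare_digest(mac(k, m), tag)

def checksum(m: bytes) -> bytes:
    """Unkeyed hash, for contrast: anyone on the channel can compute it."""
    return hashlib.sha256(m).digest()

def demo():
    k = secrets.token_bytes(32)          # shared secret key, unknown to Eve
    m, tag = send(k, b"pay Bob 100")     # constructed sample message

    honest_ok = receive(k, m, tag)

    # Eve replaces some bytes in transit. Without k she can only reuse the
    # old code or attach a value she is able to compute herself.
    forged = m.replace(b"100", b"900")
    eve_value = checksum(forged)

    # An unkeyed checksum is recomputed by Eve, so the forgery passes.
    unkeyed_accepts = hmac.compare_digest(checksum(forged), eve_value)
    # The keyed check rejects both of Eve's options.
    mac_accepts = receive(k, forged, tag) or receive(k, forged, eve_value)
    return honest_ok, unkeyed_accepts, mac_accepts

if __name__ == "__main__":
    print(demo())
```

The result shows why the code must depend on the shared key: a plain hash travels with the message and is replaced along with it.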
Digital signatures require public-key methods (see Chapter 3 for examples and details). As with classical handwritten signatures, they are intended to provide authentication and non-repudiation. Note that non-repudiation is an indispensable feature if digital signatures are used to sign contracts. Digital signatures depend on the secret key of the signer - they can be generated only by him. On the other hand, anyone can check whether a signature is valid, by applying a publicly known verification algorithm Verify, which depends on the public key of the signer. If Alice wants to sign the message m, she applies the algorithm Sign with her secret key and gets the signature. Bob receives a signature s for message m, and may then check the signature by testing whether
with Alice’s public key.
It is common not to sign the message itself, but to apply a cryptographic hash function (see Section) first and then sign the hash value. In schemes like the famous RSA (named after its inventors: Rivest, Shamir and Adleman), the decryption algorithm is used to generate signatures and the encryption algorithm is used to verify them. This approach to digital signatures is therefore often referred to as the “hash-then-decrypt” paradigm (see for details). More sophisticated signature schemes, like the probabilistic signature scheme (PSS), require more steps. Modifying the hash value by pseudorandom sequences turns signing into a probabilistic procedure (see Section). Digital signatures depend on the message. Distinct messages yield different signatures. Thus, like classical message authentication codes, digital signatures can also be used to guarantee the integrity of messages.
Attacks
The primary goal of cryptography is to keep the plaintext secret from eavesdroppers trying to get some information about the plaintext. As discussed before, adversaries may also be active and try to modify the message. Then, cryptography is expected to guarantee the integrity of the messages. Adversaries are assumed to have complete access to the communication channel.
Cryptanalysis is the science of studying attacks against cryptographic schemes. Successful attacks may, for example, recover the plaintext (or parts of the plaintext) from the ciphertext, substitute parts of the original message, or forge digital signatures. Cryptography and cryptanalysis are often subsumed by the more general term cryptology.
A fundamental assumption in cryptanalysis was first stated by Kerkhoff in the nineteenth century. It is usually referred to as Kerkhoff’s Principle. It states that the adversary knows all the details of the cryptosystem, including algorithms and their implementations. According to this principle, the security of a cryptosystem must be entirely based on the secret keys.
Attacks on the secrecy of an encryption scheme try to recover plaintexts from ciphertexts, or even more drastically, to recover the secret key. The following survey is restricted to passive attacks. The adversary, as usual we call her Eve, does not try to modify the messages. She monitors the communication channel and the end points of the channel. So she may not only intercept the ciphertext, but (at least from time to time) she may be able to observe the encryption and decryption of messages. She has no information about the key. For example, Eve might be the operator of a bank. She sees incoming ciphertexts and sometimes also the corresponding plaintexts. Or she observes the outgoing plaintexts and the generated ciphertexts. Perhaps she manages to have plaintexts encrypted or ciphertexts decrypted of her own choice.
The possible attacks depend on the actual resources of the adversary Eve. They are usually classified as follows:
1. Ciphertext-only attack. Eve has the ability to obtain ciphertexts. This is likely to be the case in any encryption situation. Even if Eve cannot perform the more sophisticated attacks described below, one must assume that she can get access to encrypted messages. An encryption method that cannot resist a ciphertext-only attack is completely insecure.
2. Known-plaintext attack. Eve has the ability to obtain plaintext-ciphertext pairs. Using the information from these pairs, she attempts to decrypt a ciphertext for which she does not have the plaintext. At first glance, it might appear that such information would not ordinarily be available to an attacker. However, it very often is available. Messages may be sent in standard formats which Eve knows.
3. Chosen-plaintext attack. Eve has the ability to obtain ciphertexts for plaintexts of her choosing. Then she attempts to decrypt a ciphertext for which she does not have the plaintext. While again this may seem unlikely, there are many cases in which Eve can do just this. For example, she sends some interesting information to her intended victim which she is confident he will encrypt and send out. This type of attack assumes that Eve must first obtain whatever plaintext-ciphertext pairs she wants and then do her analysis, without any further interaction. This means that she only needs access to the encrypting device once.
4. Adaptively-chosen-plaintext attack. This is the same as the previous attack, except now Eve may do some analysis on the plaintext-ciphertext pairs, and subsequently get more pairs. She may switch between gathering pairs and performing the analysis as often as she likes. This means that she has either lengthy access to the encrypting device or can somehow make repeated use of it.
5. Chosen- and adaptively-chosen-ciphertext attack. These two attacks are similar to the above plaintext attacks. Eve can choose ciphertexts and gets the corresponding plaintexts. She has access to the decryption device.
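The first three attack classes in the list above, applied to Caesar’s shift cipher from the earlier section, as an added example that is not part of the original text. The function names, the letter-frequency table and the sample message are assumptions; the cipher is restricted to lowercase letters.

```python
import string

ALPHABET = string.ascii_lowercase
# Approximate English letter frequencies in percent, a..z (scoring only).
FREQ = dict(zip(ALPHABET, [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.8, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.1, 6.0, 6.3, 9.1, 2.8, 1.0, 2.4, 0.15, 2.0, 0.07]))

def shift(text: str, k: int) -> str:
    """Caesar's cipher on lowercase letters: encrypt with k, decrypt with -k."""
    return "".join(
        ALPHABET[(ALPHABET.index(ch) + k) % 26] if ch in ALPHABET else ch
        for ch in text)

def ciphertext_only(ciphertext: str):
    """Eve sees only ciphertext: try all 26 keys, keep the most English one."""
    def score(k):
        return sum(FREQ.get(ch, 0.0) for ch in shift(ciphertext, -k))
    k = max(range(26), key=score)
    return k, shift(ciphertext, -k)

def known_plaintext(plaintext: str, ciphertext: str):
    """Eve holds one plaintext-ciphertext pair: one aligned letter gives k."""
    for p, c in zip(plaintext, ciphertext):
        if p in ALPHABET and c in ALPHABET:
            return (ALPHABET.index(c) - ALPHABET.index(p)) % 26
    return None  # no letters in the pair, so nothing is learned

def chosen_plaintext(encrypt):
    """Eve uses the encrypting device once: the ciphertext of 'a' is k."""
    return ALPHABET.index(encrypt("a"))

if __name__ == "__main__":
    K = 7  # constructed secret key
    msg = ("the adversary knows all the details of the cryptosystem "
           "including algorithms and their implementations")  # constructed
    c = shift(msg, K)
    print(ciphertext_only(c))
    print(known_plaintext("dear bob", shift("dear bob", K)))
    print(chosen_plaintext(lambda m: shift(m, K)))
```

A key space of 26 values falls to the weakest attack class, which is why such a cipher counts as completely insecure in the sense of item 1.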