Cryptography overview (3)
So far we have discussed a number of cryptographic algorithms, but we have ignored one problem: if the cryptographic protocol itself is designed with a vulnerability, the hacker does not need to spend time and effort attacking and guessing your password. A famous war story I have heard, set in ancient times, says that the king of a country built a long line of defensive works to keep out foreign enemies, and did not expect the enemy to attack from behind. What was his name? Anyway, it was not Qin Shihuang.
In fact, the research scope of cryptographic protocols is not that simple. It includes the design and analysis of network security protocols, the design and analysis of key management protocols, and research in related fields such as identity or information authentication, information integrity, secret sharing, zero-knowledge proofs, finite state machines, modal logic, bundling mechanisms, and key recovery. I won't dare go into the complicated ones. There are two very representative cryptographic protocols, the Secure Sockets Layer protocol (SSL) and the Escrowed Encryption Standard (EES), so let's take a look at these two protocols!
1. Secure Sockets Layer Protocol (SSL)
The Secure Sockets Layer protocol is a famous security protocol launched in 1996. It is an open protocol for secure communication between network applications over TCP/IP. SSL sits between the transport layer and the application layer and consists of a record protocol and a handshake protocol, with the record protocol below the handshake protocol. The SSL record protocol mainly handles fragmentation and reassembly, compression and decompression, and message authentication and encryption. The encryption process is shown in Figure 1, and the decryption process is shown in Figure 2.
Figure 1: Encryption process
Figure 2: Decryption process
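The record-protocol steps described above (fragment, compress, authenticate, encrypt, and the reverse on receipt), as an added example that is not part of the original article or of any SSL implementation. HMAC-SHA256 and the HMAC-based keystream cipher are stand-ins chosen to stay inside the Python standard library, and the function names and keys are hypothetical.

```python
import hashlib, hmac, struct, zlib

FRAGMENT_MAX = 2 ** 14  # SSL/TLS limits a plaintext fragment to 16384 bytes
MAC_LEN = 32            # HMAC-SHA256 tag length (stand-in for the SSL MAC)

def _keystream_xor(key: bytes, seq: int, data: bytes) -> bytes:
    # Stand-in cipher (assumption): HMAC-SHA256 in counter mode as a keystream.
    # Illustrative only; a real connection uses the cipher chosen in the handshake.
    out = bytearray()
    for block in range(0, len(data), 32):
        pad = hmac.new(key, struct.pack(">QQ", seq, block), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[block:block + 32], pad))
    return bytes(out)

def protect(data: bytes, mac_key: bytes, enc_key: bytes, seq: int = 0) -> list:
    """Sender side: fragment -> compress -> append MAC -> encrypt."""
    records = []
    for off in range(0, len(data), FRAGMENT_MAX):
        body = zlib.compress(data[off:off + FRAGMENT_MAX])
        # The MAC covers the sequence number, so records cannot be reordered.
        tag = hmac.new(mac_key, struct.pack(">Q", seq) + body, hashlib.sha256).digest()
        records.append(_keystream_xor(enc_key, seq, body + tag))
        seq += 1
    return records

def unprotect(records: list, mac_key: bytes, enc_key: bytes, seq: int = 0) -> bytes:
    """Receiver side: decrypt -> verify MAC -> decompress -> reassemble."""
    out = bytearray()
    for rec in records:
        plain = _keystream_xor(enc_key, seq, rec)
        body, tag = plain[:-MAC_LEN], plain[-MAC_LEN:]
        want = hmac.new(mac_key, struct.pack(">Q", seq) + body, hashlib.sha256).digest()
        if len(plain) < MAC_LEN or not hmac.compare_digest(tag, want):
            raise ValueError("bad record MAC at sequence %d" % seq)
        out += zlib.decompress(body)  # decompress only authenticated data
        seq += 1
    return bytes(out)

if __name__ == "__main__":
    # Constructed sample input and keys, for demonstration only.
    msg = b"constructed sample application data " * 1200
    recs = protect(msg, b"demo-mac-secret", b"demo-session-key")
    print(len(recs), "records; round trip ok:",
          unprotect(recs, b"demo-mac-secret", b"demo-session-key") == msg)
```

The receiver rejects a record whose bytes were altered in transit or whose position in the stream was changed, because either one makes the recomputed MAC differ from the transmitted one.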
The SSL handshake protocol describes how a secure connection is established. Before the client and server transmit application-layer data, it settles the encryption algorithm and the key-encrypting-key algorithm, exchanges the pre-master key, and finally generates the corresponding client and server MAC secrets, session encryption keys, and so on. The protocol consists of the following consecutive steps: