Position: Home page » Blockchain » FIPS blockchain
FIPS blockchain
Publish: 2021-03-25 22:32:58
1. What is digital signature? Is digital signature the same as electronic signature
the connotation of electronic signature is different from that of digital signature. Digital signature is one of the electronic signature technologies, but the relationship between them is also very close. At present, the signature mentioned in the electronic signature law generally refers to & quot; Digital Signature & quot
electronic signature
to understand what an electronic signature is, we need to start with the traditional manual signature or seal. In the traditional business activities, in order to ensure the security and authenticity of the transaction, a written contract or official document should be signed and sealed by the parties or the person in charge, so that the two parties can identify who signed the contract, and ensure that the person signing or sealing the contract recognizes the content of the contract. Only in law can the contract be recognized as valid. In the virtual world of e-commerce, contracts or documents are expressed and transmitted in the form of electronic documents. In electronic documents, the traditional handwritten signature and seal can not be carried out, which must be replaced by * technical means. Electronic signature is an electronic technical means that can identify the real identities of both parties in the electronic documents, ensure the security and authenticity of the transaction, and play the same role as handwritten signature or seal
legally speaking, a signature has two functions: identifying the signer and indicating the signer's approval of the content of the document. In the model law on electronic signature of the United Nations Conference on Trade and development, the definition of electronic signature is as follows: & quot; It can be used to identify the signer related to the data message and indicate the signer's approval of the information contained in the data message;; In the EU's common framework directive on electronic signatures, it is stipulated that? quot; Data attached in electronic form or logically related to other electronic data, as a method of discrimination; It's called electronic signature
there are many kinds of technical means to realize electronic signature, but the mature electronic signature technology commonly used in advanced countries in the world is still & quot; Digital Signature & quot; Technology. As maintaining the neutrality of technology is a basic principle of law making, there is no reason to say that public key cryptography is the only technology for signature making, so it is necessary to provide a more general concept to adapt to the development of technology in the future. However, the signature mentioned in the current electronic signature law generally refers to & quot; Digital Signature & quot
digital signature
so called & quot; Digital Signature & quot; It is to generate a series of symbols and codes to form an electronic password for signature through a certain cryptographic operation, instead of writing a signature or seal. For this kind of electronic signature, technical verification can also be carried out, and the accuracy of verification can not be compared with that of manual signature and stamp verification& quot; Digital Signature & quot; It is the most popular, mature and operable electronic signature method in e-commerce and e-government. It uses standardized proceres and scientific methods to identify the signer and recognize the content of an electronic data. It can also verify whether the original text of the document has changed in the process of transmission, and ensure the integrity, authenticity and non repudiation of the transmitted electronic document
digital signature is defined as & quot; Some data attached to the data unit, or the cipher transformation of the data unit, which allows the receiver of the data unit to confirm the source of the data unit and the integrity of the data unit, and protect the data from forgery;. The American electronic signature standard (DSS, fips186-2) explains digital signature as follows: & quot; Using a set of rules and a parameter to calculate the result of the data, this result can confirm the identity of the signer and the integrity of the data;. According to the above definition, PKI (public key infrastructure) can provide the cipher transformation of data unit, and enable the receiver to judge the data source and verify the data
the core executive organ of PKI is the electronic authentication service provider, which is commonly known as Ca (certificate authority). The core element of PKI signature is the digital certificate issued by ca. The PKI services it provides are authentication, data integrity, data confidentiality and non repudiation. It uses the certificate public key and the corresponding private key to encrypt / decrypt, and generates the signature and verification signature for the digital message. Digital signature is the use of public key cryptography and other cryptographic algorithms to generate a series of symbols and codes to form an electronic password for signature, instead of writing signature and seal; This kind of electronic signature can also be verified by technology, and its verification accuracy is incomparable to that of manual signature and stamp in the physical world. This signature method can be used for authentication in a large number of trusted PKI domains, or cross authentication in multiple trusted PKI domains. It is especially suitable for secure authentication and transmission in Internet and WAN
the biggest difference between "digital signature" and ordinary text signature is that it can use graphic files with distinct personality. As long as you use scanners or mapping tools to make your personal signature, seal and even photos into bmp files, you can use them as the material of "digital signature"
at present, there are many software that can provide "digital signature" function, and the usage and principle are similar, among which "onsign" is more commonly used. After "onsign" is installed, the shortcut button of "onsign" will appear on the toolbar of word, outlook and other programs. You need to enter your own password every time you use it to ensure that others can't embezzle it
for the files sent by using "onsign", the recipient also needs to install "onsign" or "onsign viewer" to have the function of identifying "digital signature". According to the design of "onsign", any tampering and interception of the content of a file will invalidate the signature. Therefore, when the other party identifies your "digital signature", it can be determined that the document was sent by you and has not been tampered or intercepted in the process. Of course, if the recipient is not at ease, you can also click the blue question mark on the "digital signature" and "onsign" will automatically check again. If there is a problem with the file, a red warning sign will appear on the "digital signature"
in the Internet age when e-mail is frequently used, the use of "digital signature" is just like the "registered letter" in traditional letters, which undoubtedly adds a protective barrier to the security of network transmission files<
respondent: gufanyy - Magician level 4 12-4 15:00
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Integrity and acceptability. The process is very secure, and some governments have legislated to give legal effect to digital signature
in collaboration with leading security providers including enter and VeriSign, Adobe enables all instries to embed digital signatures into Adobe & reg; Portable document format (PDF) file. With adobe solution, you can:
integrate digital signature into the round-trip workflow
send signed documents safely inside and outside the firewall
verify the digital identity of the signer
authenticate electronic documents by digital signature before sending
verify that documents have not been fraulently changed
rece costs and speed up the approval process
the connotation of electronic signature is different from that of digital signature. Digital signature is one of the electronic signature technologies, but the relationship between them is also very close. At present, the signature mentioned in the electronic signature law generally refers to & quot; Digital Signature & quot
electronic signature
to understand what an electronic signature is, we need to start with the traditional manual signature or seal. In the traditional business activities, in order to ensure the security and authenticity of the transaction, a written contract or official document should be signed and sealed by the parties or the person in charge, so that the two parties can identify who signed the contract, and ensure that the person signing or sealing the contract recognizes the content of the contract. Only in law can the contract be recognized as valid. In the virtual world of e-commerce, contracts or documents are expressed and transmitted in the form of electronic documents. In electronic documents, the traditional handwritten signature and seal can not be carried out, which must be replaced by * technical means. Electronic signature is an electronic technical means that can identify the real identities of both parties in the electronic documents, ensure the security and authenticity of the transaction, and play the same role as handwritten signature or seal
legally speaking, a signature has two functions: identifying the signer and indicating the signer's approval of the content of the document. In the model law on electronic signature of the United Nations Conference on Trade and development, the definition of electronic signature is as follows: & quot; It can be used to identify the signer related to the data message and indicate the signer's approval of the information contained in the data message;; In the EU's common framework directive on electronic signatures, it is stipulated that? quot; Data attached in electronic form or logically related to other electronic data, as a method of discrimination; It's called electronic signature
there are many kinds of technical means to realize electronic signature, but the mature electronic signature technology commonly used in advanced countries in the world is still & quot; Digital Signature & quot; Technology. As maintaining the neutrality of technology is a basic principle of law making, there is no reason to say that public key cryptography is the only technology for signature making, so it is necessary to provide a more general concept to adapt to the development of technology in the future. However, the signature mentioned in the current electronic signature law generally refers to & quot; Digital Signature & quot
digital signature
so called & quot; Digital Signature & quot; It is to generate a series of symbols and codes to form an electronic password for signature through a certain cryptographic operation, instead of writing a signature or seal. For this kind of electronic signature, technical verification can also be carried out, and the accuracy of verification can not be compared with that of manual signature and stamp verification& quot; Digital Signature & quot; It is the most popular, mature and operable electronic signature method in e-commerce and e-government. It uses standardized proceres and scientific methods to identify the signer and recognize the content of an electronic data. It can also verify whether the original text of the document has changed in the process of transmission, and ensure the integrity, authenticity and non repudiation of the transmitted electronic document
digital signature is defined as & quot; Some data attached to the data unit, or the cipher transformation of the data unit, which allows the receiver of the data unit to confirm the source of the data unit and the integrity of the data unit, and protect the data from forgery;. The American electronic signature standard (DSS, fips186-2) explains digital signature as follows: & quot; Using a set of rules and a parameter to calculate the result of the data, this result can confirm the identity of the signer and the integrity of the data;. According to the above definition, PKI (public key infrastructure) can provide the cipher transformation of data unit, and enable the receiver to judge the data source and verify the data
the core executive organ of PKI is the electronic authentication service provider, which is commonly known as Ca (certificate authority). The core element of PKI signature is the digital certificate issued by ca. The PKI services it provides are authentication, data integrity, data confidentiality and non repudiation. It uses the certificate public key and the corresponding private key to encrypt / decrypt, and generates the signature and verification signature for the digital message. Digital signature is the use of public key cryptography and other cryptographic algorithms to generate a series of symbols and codes to form an electronic password for signature, instead of writing signature and seal; This kind of electronic signature can also be verified by technology, and its verification accuracy is incomparable to that of manual signature and stamp in the physical world. This signature method can be used for authentication in a large number of trusted PKI domains, or cross authentication in multiple trusted PKI domains. It is especially suitable for secure authentication and transmission in Internet and WAN
the biggest difference between "digital signature" and ordinary text signature is that it can use graphic files with distinct personality. As long as you use scanners or mapping tools to make your personal signature, seal and even photos into bmp files, you can use them as the material of "digital signature"
at present, there are many software that can provide "digital signature" function, and the usage and principle are similar, among which "onsign" is more commonly used. After "onsign" is installed, the shortcut button of "onsign" will appear on the toolbar of word, outlook and other programs. You need to enter your own password every time you use it to ensure that others can't embezzle it
for the files sent by using "onsign", the recipient also needs to install "onsign" or "onsign viewer" to have the function of identifying "digital signature". According to the design of "onsign", any tampering and interception of the content of a file will invalidate the signature. Therefore, when the other party identifies your "digital signature", it can be determined that the document was sent by you and has not been tampered or intercepted in the process. Of course, if the recipient is not at ease, you can also click the blue question mark on the "digital signature" and "onsign" will automatically check again. If there is a problem with the file, a red warning sign will appear on the "digital signature"
in the Internet age when e-mail is frequently used, the use of "digital signature" is just like the "registered letter" in traditional letters, which undoubtedly adds a protective barrier to the security of network transmission files<
respondent: gufanyy - Magician level 4 12-4 15:00
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Integrity and acceptability. The process is very secure, and some governments have legislated to give legal effect to digital signature
in collaboration with leading security providers including enter and VeriSign, Adobe enables all instries to embed digital signatures into Adobe & reg; Portable document format (PDF) file. With adobe solution, you can:
integrate digital signature into the round-trip workflow
send signed documents safely inside and outside the firewall
verify the digital identity of the signer
authenticate electronic documents by digital signature before sending
verify that documents have not been fraulently changed
rece costs and speed up the approval process
2.
Digital signature is the data attached to the data unit or the cipher transformation of the data unit. This kind of data or transformation allows the receiver of the data unit to confirm the source of the data unit and the integrity of the data unit, and protect the data from forgery
it is a method of signing electronic messages, a signed message can be transmitted in a communication network. Digital signature can be obtained based on public key cryptosystem and private key cryptosystem, mainly based on public key cryptosystem. Including ordinary digital signature and special digital signature
extended data:
implementation method
digital signature algorithm relies on public key encryption technology. In public key cryptography, each user has a pair of keys: a public key and a private key. The public key can be released freely, but the private key is kept secret; Another requirement is to make it impossible to calculate the private key from the public key
there are three common digital signature algorithms:
1
(2) labeling algorithm3. Verify the algorithm
3. The so-called & quot; Digital Signature & quot; It is to generate a series of symbols and codes to form an electronic password for signature through a certain cryptographic operation, instead of writing a signature or seal. For this kind of electronic signature, technical verification can also be carried out, and the accuracy of verification can not be compared with that of manual signature and stamp verification& quot; Digital Signature & quot; It is the most popular, mature and operable electronic signature method in e-commerce and e-government. It uses standardized proceres and scientific methods to identify the signer and recognize the content of an electronic data. It can also verify whether the original text of the document has changed in the process of transmission, and ensure the integrity, authenticity and non repudiation of the transmitted electronic document
digital signature is defined as & quot; Some data attached to the data unit, or the cipher transformation of the data unit, which allows the receiver of the data unit to confirm the source of the data unit and the integrity of the data unit, and protect the data from forgery;. The American electronic signature standard (DSS, fips186-2) explains digital signature as follows: & quot; Using a set of rules and a parameter to calculate the result of the data, this result can confirm the identity of the signer and the integrity of the data;. According to the above definition, PKI (public key infrastructure) can provide the cipher transformation of data unit, and enable the receiver to judge the data source and verify the data
the core executive mechanism of PKI is the electronic authentication service provider, which is commonly known as Ca (certificate authority). The core element of PKI signature is the digital certificate issued by ca. The PKI services it provides are authentication, data integrity, data confidentiality and non repudiation. It uses the certificate public key and the corresponding private key to encrypt / decrypt, and generates the signature and verification signature for the digital message. Digital signature is the use of public key cryptography and other cryptographic algorithms to generate a series of symbols and codes to form an electronic password for signature, instead of writing signature and seal; This kind of electronic signature can also be verified by technology, and its verification accuracy is incomparable to that of manual signature and stamp in the physical world. This signature method can be used for authentication in a large number of trusted PKI domains, or cross authentication in multiple trusted PKI domains. It is especially suitable for secure authentication and transmission in Internet and WAN
the biggest difference between "digital signature" and ordinary text signature is that it can use graphic files with distinct personality. As long as you use scanners or mapping tools to make your personal signature, seal and even photos into bmp files, you can use them as the material of "digital signature"
at present, there are many software that can provide "digital signature" function, and the usage and principle are similar, among which "onsign" is more commonly used. After "onsign" is installed, the shortcut button of "onsign" will appear on the toolbar of word, outlook and other programs. You need to enter your own password every time you use it to ensure that others can't embezzle it
for the files sent by using "onsign", the recipient also needs to install "onsign" or "onsign viewer" to have the function of identifying "digital signature". According to the design of "onsign", any tampering and interception of the content of a file will invalidate the signature. Therefore, when the other party identifies your "digital signature", it can be determined that the document was sent by you and has not been tampered or intercepted in the process. Of course, if the recipient is not at ease, you can also click the blue question mark on the "digital signature" and "onsign" will automatically check again. If there is a problem with the file, a red warning sign will appear on the "digital signature"
in the Internet age when e-mail is frequently used, the use of "digital signature" is just like the "registered letter" in traditional letters, which undoubtedly adds a protective barrier to the security of network transmission files
example: now let's get to the point. The digital signature class of Java is encapsulated in the signature class (Java. Security. Signature)
next, I will write three functions (namely three Java classes)
digital signature is defined as & quot; Some data attached to the data unit, or the cipher transformation of the data unit, which allows the receiver of the data unit to confirm the source of the data unit and the integrity of the data unit, and protect the data from forgery;. The American electronic signature standard (DSS, fips186-2) explains digital signature as follows: & quot; Using a set of rules and a parameter to calculate the result of the data, this result can confirm the identity of the signer and the integrity of the data;. According to the above definition, PKI (public key infrastructure) can provide the cipher transformation of data unit, and enable the receiver to judge the data source and verify the data
the core executive mechanism of PKI is the electronic authentication service provider, which is commonly known as Ca (certificate authority). The core element of PKI signature is the digital certificate issued by ca. The PKI services it provides are authentication, data integrity, data confidentiality and non repudiation. It uses the certificate public key and the corresponding private key to encrypt / decrypt, and generates the signature and verification signature for the digital message. Digital signature is the use of public key cryptography and other cryptographic algorithms to generate a series of symbols and codes to form an electronic password for signature, instead of writing signature and seal; This kind of electronic signature can also be verified by technology, and its verification accuracy is incomparable to that of manual signature and stamp in the physical world. This signature method can be used for authentication in a large number of trusted PKI domains, or cross authentication in multiple trusted PKI domains. It is especially suitable for secure authentication and transmission in Internet and WAN
the biggest difference between "digital signature" and ordinary text signature is that it can use graphic files with distinct personality. As long as you use scanners or mapping tools to make your personal signature, seal and even photos into bmp files, you can use them as the material of "digital signature"
at present, there are many software that can provide "digital signature" function, and the usage and principle are similar, among which "onsign" is more commonly used. After "onsign" is installed, the shortcut button of "onsign" will appear on the toolbar of word, outlook and other programs. You need to enter your own password every time you use it to ensure that others can't embezzle it
for the files sent by using "onsign", the recipient also needs to install "onsign" or "onsign viewer" to have the function of identifying "digital signature". According to the design of "onsign", any tampering and interception of the content of a file will invalidate the signature. Therefore, when the other party identifies your "digital signature", it can be determined that the document was sent by you and has not been tampered or intercepted in the process. Of course, if the recipient is not at ease, you can also click the blue question mark on the "digital signature" and "onsign" will automatically check again. If there is a problem with the file, a red warning sign will appear on the "digital signature"
in the Internet age when e-mail is frequently used, the use of "digital signature" is just like the "registered letter" in traditional letters, which undoubtedly adds a protective barrier to the security of network transmission files
example: now let's get to the point. The digital signature class of Java is encapsulated in the signature class (Java. Security. Signature)
next, I will write three functions (namely three Java classes)
4. What is digital signature? Is digital signature the same as electronic signature
the connotation of electronic signature is different from that of digital signature. Digital signature is one of the electronic signature technologies, but the relationship between them is also very close. At present, the signature mentioned in the electronic signature law generally refers to & quot; Digital Signature & quot
electronic signature
to understand what an electronic signature is, we need to start with the traditional manual signature or seal. In the traditional business activities, in order to ensure the security and authenticity of the transaction, a written contract or official document should be signed and sealed by the parties or the person in charge, so that the two parties can identify who signed the contract, and ensure that the person signing or sealing the contract recognizes the content of the contract. Only in law can the contract be recognized as valid. In the virtual world of e-commerce, contracts or documents are expressed and transmitted in the form of electronic documents. In electronic documents, the traditional handwritten signature and seal can not be carried out, which must be replaced by * technical means. Electronic signature is an electronic technical means that can identify the real identities of both parties in the electronic documents, ensure the security and authenticity of the transaction, and play the same role as handwritten signature or seal
legally speaking, a signature has two functions: identifying the signer and indicating the signer's approval of the content of the document. In the model law on electronic signature of the United Nations Conference on Trade and development, the definition of electronic signature is as follows: & quot; It can be used to identify the signer related to the data message and indicate the signer's approval of the information contained in the data message;; In the EU's common framework directive on electronic signatures, it is stipulated that? quot; Data attached in electronic form or logically related to other electronic data, as a method of discrimination; It's called electronic signature
there are many kinds of technical means to realize electronic signature, but the mature electronic signature technology commonly used in advanced countries in the world is still & quot; Digital Signature & quot; Technology. As maintaining the neutrality of technology is a basic principle of law making, there is no reason to say that public key cryptography is the only technology for signature making, so it is necessary to provide a more general concept to adapt to the development of technology in the future. However, the signature mentioned in the current electronic signature law generally refers to & quot; Digital Signature & quot
digital signature
so called & quot; Digital Signature & quot; It is to generate a series of symbols and codes to form an electronic password for signature through a certain cryptographic operation, instead of writing a signature or seal. For this kind of electronic signature, technical verification can also be carried out, and the accuracy of verification can not be compared with that of manual signature and stamp verification& quot; Digital Signature & quot; It is the most popular, mature and operable electronic signature method in e-commerce and e-government. It uses standardized proceres and scientific methods to identify the signer and recognize the content of an electronic data. It can also verify whether the original text of the document has changed in the process of transmission, and ensure the integrity, authenticity and non repudiation of the transmitted electronic document
digital signature is defined as & quot; Some data attached to the data unit, or the cipher transformation of the data unit, which allows the receiver of the data unit to confirm the source of the data unit and the integrity of the data unit, and protect the data from forgery;. The American electronic signature standard (DSS, fips186-2) explains digital signature as follows: & quot; Using a set of rules and a parameter to calculate the result of the data, this result can confirm the identity of the signer and the integrity of the data;. According to the above definition, PKI (public key infrastructure) can provide the cipher transformation of data unit, and enable the receiver to judge the data source and verify the data
the core executive organ of PKI is the electronic authentication service provider, which is commonly known as the certificate authority (CA). The core element of PKI signature is the digital certificate issued by ca. The PKI services it provides are authentication, data integrity, data confidentiality and non repudiation. It uses the certificate public key and the corresponding private key to encrypt / decrypt, and generates the signature and verification signature for the digital message. Digital signature is the use of public key cryptography and other cryptographic algorithms to generate a series of symbols and codes to form an electronic password for signature, instead of writing signature and seal; This kind of electronic signature can also be verified by technology, and its verification accuracy is incomparable to that of manual signature and stamp in the physical world. This signature method can be used for authentication in a large number of trusted PKI domains, or cross authentication in multiple trusted PKI domains. It is especially suitable for secure authentication and transmission in Internet and WAN
the biggest difference between "digital signature" and ordinary text signature is that it can use graphic files with distinct personality. As long as you use scanners or mapping tools to make your personal signature, seal and even photos into bmp files, you can use them as the material of "digital signature"
at present, there are many software that can provide "digital signature" function, and the usage and principle are similar, among which "onsign" is more commonly used. After "onsign" is installed, the shortcut button of "onsign" will appear on the toolbar of word, outlook and other programs. You need to enter your own password every time you use it to ensure that others can't embezzle it
for the files sent by using "onsign", the recipient also needs to install "onsign" or "onsign viewer" to have the function of identifying "digital signature". According to the design of "onsign", any tampering and interception of the content of a file will invalidate the signature. Therefore, when the other party identifies your "digital signature", it can be determined that the document was sent by you and has not been tampered or intercepted in the process. Of course, if the recipient is not at ease, you can also click the blue question mark on the "digital signature" and "onsign" will automatically check again. If there is a problem with the file, a red warning sign will appear on the "digital signature"
in the Internet age when e-mail is frequently used, the use of "digital signature" is just like the "registered letter" in traditional letters, which undoubtedly adds a protective barrier to the security of network transmission files
respondent: gufanyy - Magician level 4 12-4 15:00
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Integrity and acceptability. The process is very secure, and some governments have legislated to give legal effect to digital signature
in collaboration with leading security providers including enter and VeriSign, Adobe enables all instries to embed digital signatures into Adobe & reg; Portable document format (PDF) file. With adobe solution, you can:
integrate digital signature into the round-trip workflow
send signed documents safely inside and outside the firewall
verify the digital identity of the signer
authenticate electronic documents by digital signature before sending
verify that documents have not been fraulently changed
rece costs and speed up the approval process
the connotation of electronic signature is different from that of digital signature. Digital signature is one of the electronic signature technologies, but the relationship between them is also very close. At present, the signature mentioned in the electronic signature law generally refers to & quot; Digital Signature & quot
electronic signature
to understand what an electronic signature is, we need to start with the traditional manual signature or seal. In the traditional business activities, in order to ensure the security and authenticity of the transaction, a written contract or official document should be signed and sealed by the parties or the person in charge, so that the two parties can identify who signed the contract, and ensure that the person signing or sealing the contract recognizes the content of the contract. Only in law can the contract be recognized as valid. In the virtual world of e-commerce, contracts or documents are expressed and transmitted in the form of electronic documents. In electronic documents, the traditional handwritten signature and seal can not be carried out, which must be replaced by * technical means. Electronic signature is an electronic technical means that can identify the real identities of both parties in the electronic documents, ensure the security and authenticity of the transaction, and play the same role as handwritten signature or seal
legally speaking, a signature has two functions: identifying the signer and indicating the signer's approval of the content of the document. In the model law on electronic signature of the United Nations Conference on Trade and development, the definition of electronic signature is as follows: & quot; It can be used to identify the signer related to the data message and indicate the signer's approval of the information contained in the data message;; In the EU's common framework directive on electronic signatures, it is stipulated that? quot; Data attached in electronic form or logically related to other electronic data, as a method of discrimination; It's called electronic signature
there are many kinds of technical means to realize electronic signature, but the mature electronic signature technology commonly used in advanced countries in the world is still & quot; Digital Signature & quot; Technology. As maintaining the neutrality of technology is a basic principle of law making, there is no reason to say that public key cryptography is the only technology for signature making, so it is necessary to provide a more general concept to adapt to the development of technology in the future. However, the signature mentioned in the current electronic signature law generally refers to & quot; Digital Signature & quot
digital signature
so called & quot; Digital Signature & quot; It is to generate a series of symbols and codes to form an electronic password for signature through a certain cryptographic operation, instead of writing a signature or seal. For this kind of electronic signature, technical verification can also be carried out, and the accuracy of verification can not be compared with that of manual signature and stamp verification& quot; Digital Signature & quot; It is the most popular, mature and operable electronic signature method in e-commerce and e-government. It uses standardized proceres and scientific methods to identify the signer and recognize the content of an electronic data. It can also verify whether the original text of the document has changed in the process of transmission, and ensure the integrity, authenticity and non repudiation of the transmitted electronic document
digital signature is defined as & quot; Some data attached to the data unit, or the cipher transformation of the data unit, which allows the receiver of the data unit to confirm the source of the data unit and the integrity of the data unit, and protect the data from forgery;. The American electronic signature standard (DSS, fips186-2) explains digital signature as follows: & quot; Using a set of rules and a parameter to calculate the result of the data, this result can confirm the identity of the signer and the integrity of the data;. According to the above definition, PKI (public key infrastructure) can provide the cipher transformation of data unit, and enable the receiver to judge the data source and verify the data
the core executive organ of PKI is the electronic authentication service provider, which is commonly known as the certificate authority (CA). The core element of PKI signature is the digital certificate issued by ca. The PKI services it provides are authentication, data integrity, data confidentiality and non repudiation. It uses the certificate public key and the corresponding private key to encrypt / decrypt, and generates the signature and verification signature for the digital message. Digital signature is the use of public key cryptography and other cryptographic algorithms to generate a series of symbols and codes to form an electronic password for signature, instead of writing signature and seal; This kind of electronic signature can also be verified by technology, and its verification accuracy is incomparable to that of manual signature and stamp in the physical world. This signature method can be used for authentication in a large number of trusted PKI domains, or cross authentication in multiple trusted PKI domains. It is especially suitable for secure authentication and transmission in Internet and WAN
the biggest difference between "digital signature" and ordinary text signature is that it can use graphic files with distinct personality. As long as you use scanners or mapping tools to make your personal signature, seal and even photos into bmp files, you can use them as the material of "digital signature"
at present, there are many software that can provide "digital signature" function, and the usage and principle are similar, among which "onsign" is more commonly used. After "onsign" is installed, the shortcut button of "onsign" will appear on the toolbar of word, outlook and other programs. You need to enter your own password every time you use it to ensure that others can't embezzle it
for the files sent by using "onsign", the recipient also needs to install "onsign" or "onsign viewer" to have the function of identifying "digital signature". According to the design of "onsign", any tampering and interception of the content of a file will invalidate the signature. Therefore, when the other party identifies your "digital signature", it can be determined that the document was sent by you and has not been tampered or intercepted in the process. Of course, if the recipient is not at ease, you can also click the blue question mark on the "digital signature" and "onsign" will automatically check again. If there is a problem with the file, a red warning sign will appear on the "digital signature"
in the Internet age when e-mail is frequently used, the use of "digital signature" is just like the "registered letter" in traditional letters, which undoubtedly adds a protective barrier to the security of network transmission files
respondent: gufanyy - Magician level 4 12-4 15:00
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Integrity and acceptability. The process is very secure, and some governments have legislated to give legal effect to digital signature
in collaboration with leading security providers including enter and VeriSign, Adobe enables all instries to embed digital signatures into Adobe & reg; Portable document format (PDF) file. With adobe solution, you can:
integrate digital signature into the round-trip workflow
send signed documents safely inside and outside the firewall
verify the digital identity of the signer
authenticate electronic documents by digital signature before sending
verify that documents have not been fraulently changed
rece costs and speed up the approval process
5.
AES advanced encryption standard, also known as Rijndael encryption in cryptography, is a block encryption standard adopted by the federal government of the United States. This standard is used to replace the original DES, which has been analyzed by many parties and widely used all over the world. After five years of selection process, advanced encryption standard was published in FIPS pub 197 by National Institute of standards and Technology (NIST) on November 26, 2001, and became an effective standard on May 26, 2002. In 2006, advanced encryption standard has become one of the most popular algorithms in symmetric key encryption. Unlike its predecessor, DES, Rijndael uses a substitution permutation network rather than Feistel architecture. AES can encrypt and decrypt quickly in both software and hardware, and it is relatively easy to implement, and only needs a small amount of memory. As a new encryption standard, it is being deployed to a wider range. Strictly speaking, AES and Rijndael encryption are not exactly the same (although they are interchangeable in practical application), because Rijndael encryption can support a wider range of block and key length: the block length of AES is fixed at 128 bits, and the key length can be 128192 or 256 bits; The key and block length used by Rijndael can be an integral multiple of 32 bits, with 128 bits as the lower limit and 256 bits as the upper limit. The key used in the encryption process is generated by Rijndael key generation scheme
most AES calculations are performed in a special finite field. AES encryption process is in a 4 × This matrix is also called "state". Its initial value is a plaintext block (the size of an element in the matrix is a byte in the plaintext block) Because Rijndael encryption method supports larger blocks, the number of matrix rows can be increased according to the situation{ RRRRR}
6. Ciphertext is relative to plaintext. Plaintext is actually the message you want to convey, and plaintext becomes ciphertext after encryption. Ciphertext is actually a word of information security. Let me introce you<
the development history of information security
the birth of communication security science
Caesar password in the ancient Roman Empire: it can transform plaintext information into strings that people can't understand, and when the ciphertext is sent to partners, it can be easily restored to the original plaintext form. Caesar cipher is obtained by moving plaintext letters by 3 bits
in 1568, L. Battista invented multiple tables instead of passwords, which were used by allied forces ring the American Civil War. For example: Vigenere password and Beaufort password
in 1854, Playfair invented multiple letters instead of password, which was used in Britain in the first World War. For example: Hill cipher, multi table, multi letter instead of cipher, has become the mainstream of classical cryptography
the development of Cryptanalysis: for example, W. Friedman used coincidence index to decipher multiple tables instead of cryptanalysis in 1918 as a milestone. In 1949, C. Shannon's communication theory of secure system was published in bell system technology magazine. These two achievements lay a foundation for the scientific research of cryptography. From art to science. In fact, this is the birth of communication security science, in which cryptography is the core technology< In the 1970s, DES (American data encryption standard) of IBM and Diffie Hellman of 1976 proposed the idea of public key cryptography. In 1977, RSA, the public key cryptography algorithm, injected new vitality into the development of cryptography
public key cryptography has set off a revolution, which has three contributions to information security: firstly, it describes the strength of cryptographic algorithm in terms of computational complexity, breaking through the limitation that Shannon only cares about theoretical strength; He transforms the two requirements of key management in traditional cryptographic algorithm into the requirements of protecting the confidentiality of one lattice and the integrity of the other lattice; It changes the key ownership of traditional cryptographic algorithm from two sides of communication to a single user, so that the complexity of key management is greatly reced
for the proposal of public key cryptography, we should pay attention to the following aspects: firstly, the research of cryptography has graally gone beyond the scope of data communication security, and carried out the research of data integrity, digital signature and other technologies; Second, with the development of computer and network, cryptography has graally become an important pillar of computer security and network security, which makes data security become a new content of information security, surpassing the previous dominant status of physical security in computer security< In 1969, B. Lampson proposed the access control model
in 1973, D. bell and L. lapala established a computer operation model to simulate military security strategy, which is the earliest and most commonly used computer multilevel security model< In 1985, the U.S. Department of Defense (DoD) proposed the trusted computer evaluation criteria (commonly known as the Orange Book) based on the bell lapala model. According to the security protection ability of computer system, it is divided into 8 levels< In 1987, Clark Wilson model was proposed for integrity protection and commercial application
Information Assurance
in October 1998, the US National Security Agency (NSA) issued the Information Assurance Technology Framework version 1.1, and on February 6, 2003, the US Department of Defense (DoD) issued the information assurance implementation order 8500.2, thus information assurance has become the established guiding ideology for us defense organizations to implement information warfare
Information Assurance (IA): protect the information system by ensuring the availability, integrity, identifiability, confidentiality and repudiation of the information, and introce the ability of protection, detection and response to provide the recovery function for the information system. This is the information assurance model PDRR
protection, detect detection, react response, restore recovery
with the development of American information assurance technology framework, people realize that the understanding of information security should not stay under the framework of protection, but also pay attention to the detection and response ability of information system< In 2003, China published the opinions of the national information leading group on information security, which is the guiding document for the country to raise information security to a strategic level.
research achievements of information security technology:
development of various cryptographic algorithms and their applications:
des (data encryption standard), RSA (public key system), RSA (public key system), RSA (public key system) and ECC (elliptic curve discrete logarithm cryptosystem), etc
computer information system security model and security evaluation criteria:
access monitor model, multi-level security model, etc; TCSEC (trusted computer system evaluation criteria), ITSEC (information technology security evaluation criteria), etc<
encryption
encryption is a means that only the sender and receiver can decode and restore the information by recombining the information
the traditional encryption system is based on the key, which is a kind of symmetric encryption, that is to say, users use the same key to encrypt and decrypt< At present, with the development of technology, encryption is graally integrated into the system and network, such as the next generation Internet Protocol IPv6, which is being developed by IETF. In terms of hardware, Intel is also developing an encryption coprocessor for PC and server motherboards
authentication
firewall is the first line of defense of the system to prevent the intrusion of illegal data, and the role of security check is to prevent illegal users. There are many ways to identify the legitimacy of a user, password is the most commonly used, but because many users use easily guessed words or phrases as passwords, this method often fails. Other methods include identification of human physiological characteristics (such as fingerprints), smart IC card and USB disk<
digital signature
digital signature can be used to prove that the message is indeed signed by the sender, and when the digital signature is used for stored data or program, it can be used to verify the integrity of the data or program
the digital signature standard (DSS) adopted by the US government uses secure hash algorithm. By using this algorithm to calculate the processed information, a 160 bit digital string can be obtained. By combining this digital string with the key of the information in some way, a digital signature can be obtained
content inspection
even with firewall, identity authentication and encryption, people are still worried about being attacked by viruses. Some viruses spread through e-mail or ActiveX and Java applets downloaded by users. After the applet with virus is activated, it may automatically download other applets. The existing anti-virus software can remove e-mail virus, and there are also some ways to deal with new Java and ActiveX viruses, such as improving the firewall to monitor the operation of the applet, or labeling the applet to let users know their source< In 1976, Diffie and Hellman published their paper "new directions in cryptography" [9], the so-called cryptography refers to symmetric key cryptosystem. Because encryption / decryption uses the same key, it is also called single key cryptosystem
this kind of algorithm has a long history, from the earliest Caesar cipher to the most used des cipher algorithm, all belong to the single key cryptosystem
generally, A key encryption system consists of the following parts:
① message space m (message)
② ciphertext space C (ciphertext)
③ key space K (key)
④ encryption algorithm e (encryption algorithm)
⑤ decryption algorithm D (decryption algorithm)
the message M (called plaintext) in message space is encrypted by encryption algorithm controlled by encryption key K1 C Ciphertext C can recover original plaintext m by decryption algorithm controlled by decryption key K2. That is:
EK1 (m) = C
DK2 (c) = m
DK2 (EK1 (m)) = m
concept:
when the encryption key of an algorithm can be calculated from the decryption key, or vice versa, the decryption key can be calculated from the encryption key, this algorithm is called symmetric algorithm, also known as secret key algorithm or single key algorithm
when the encryption key is different from the decryption key and one of the keys cannot be calculated from the other key, this algorithm is called public key algorithm< Caesar cipher transformation
the more general shift substitution cipher transformation is
encryption: e (m) = (M + k) mod 26
decryption: D (c) = (c-k) mod 26
2. Permutation cipher
in permutation cipher, the letters of plaintext and ciphertext remain the same, but the order is disordered. In a simple permutation cipher, the plaintext is written horizontally on a chart with a fixed width, and the ciphertext is read vertically; Decryption is to write the ciphertext vertically on the chart paper according to the same width, and then read the plaintext horizontally. For example:
plaintext: encryption is the transformation of data into some unreadable form
ciphertext: eiffeb nsodml ctraee rhmtuf yeaano pttirr trinem iaota onod nsosa
in 1940s, Shannon proposed a commonly used evaluation concept. A good encryption algorithm should have fuzziness and diffusion
Fuzziness: the encryption algorithm should hide all local patterns, that is, any recognition character of the language should become fuzzy, and the encryption method should hide the suggestive language features that may lead to cracking the key
diffusibility: the encryption method is required to mix different parts of the ciphertext, so that no character is in its original position
the reason why the encryption algorithm is easy to crack is that it fails to meet the two Shannon conditions< Data encryption standard (DES)
DES algorithm changes 64 bit plaintext input block into 64 bit ciphertext output block, and its key is also 64 bit. Its function is to recombine the input 64 bit data block bit by bit, and divide the output into two parts, l0 and R0, each with 32 bits in length, after 16 iterations. L16 and R16 are obtained, which are used as input and inversely permuted to get ciphertext output. Inverse permutation is just the inverse operation of the initial set.
I can't put the specific method on the graph. Sorry,
DES algorithm can be summarized as follows:
subkey generation:
C [0] d [0] = PC – 1 (k)
for 1 & lt= i <= 16
{C[i] = LS[i](C[i− 1])
D[i] = LS[i](D[i− 1] )
k [i] = PC – 2 (C [i] d [i])}
encryption process:
L [0] R [0] = IP (x)
for 1 & lt= i <= 16
{L[i] = R[i− 1]
R[i] = L[i− 1] XOR f ( R[i− 1], K[i])}
c= IP− 1 (R [16] l [16]) V
decryption process:
R [16] l [16] = IP (c)
for 1 & lt= i <= 16
{R[i− 1] = L[i]
L[i− 1] = R[i] XOR f ( L[i], K[i])}
x= IP− 1 (L [0] R [0])
des encrypts 64 bit data block with 56 bit key, and encrypts 6 bit data block with 6 bit key
the development history of information security
the birth of communication security science
Caesar password in the ancient Roman Empire: it can transform plaintext information into strings that people can't understand, and when the ciphertext is sent to partners, it can be easily restored to the original plaintext form. Caesar cipher is obtained by moving plaintext letters by 3 bits
in 1568, L. Battista invented multiple tables instead of passwords, which were used by allied forces ring the American Civil War. For example: Vigenere password and Beaufort password
in 1854, Playfair invented multiple letters instead of password, which was used in Britain in the first World War. For example: Hill cipher, multi table, multi letter instead of cipher, has become the mainstream of classical cryptography
the development of Cryptanalysis: for example, W. Friedman used coincidence index to decipher multiple tables instead of cryptanalysis in 1918 as a milestone. In 1949, C. Shannon's communication theory of secure system was published in bell system technology magazine. These two achievements lay a foundation for the scientific research of cryptography. From art to science. In fact, this is the birth of communication security science, in which cryptography is the core technology< In the 1970s, DES (American data encryption standard) of IBM and Diffie Hellman of 1976 proposed the idea of public key cryptography. In 1977, RSA, the public key cryptography algorithm, injected new vitality into the development of cryptography
public key cryptography has set off a revolution, which has three contributions to information security: firstly, it describes the strength of cryptographic algorithm in terms of computational complexity, breaking through the limitation that Shannon only cares about theoretical strength; He transforms the two requirements of key management in traditional cryptographic algorithm into the requirements of protecting the confidentiality of one lattice and the integrity of the other lattice; It changes the key ownership of traditional cryptographic algorithm from two sides of communication to a single user, so that the complexity of key management is greatly reced
for the proposal of public key cryptography, we should pay attention to the following aspects: firstly, the research of cryptography has graally gone beyond the scope of data communication security, and carried out the research of data integrity, digital signature and other technologies; Second, with the development of computer and network, cryptography has graally become an important pillar of computer security and network security, which makes data security become a new content of information security, surpassing the previous dominant status of physical security in computer security< In 1969, B. Lampson proposed the access control model
in 1973, D. bell and L. lapala established a computer operation model to simulate military security strategy, which is the earliest and most commonly used computer multilevel security model< In 1985, the U.S. Department of Defense (DoD) proposed the trusted computer evaluation criteria (commonly known as the Orange Book) based on the bell lapala model. According to the security protection ability of computer system, it is divided into 8 levels< In 1987, Clark Wilson model was proposed for integrity protection and commercial application
Information Assurance
in October 1998, the US National Security Agency (NSA) issued the Information Assurance Technology Framework version 1.1, and on February 6, 2003, the US Department of Defense (DoD) issued the information assurance implementation order 8500.2, thus information assurance has become the established guiding ideology for us defense organizations to implement information warfare
Information Assurance (IA): protect the information system by ensuring the availability, integrity, identifiability, confidentiality and repudiation of the information, and introce the ability of protection, detection and response to provide the recovery function for the information system. This is the information assurance model PDRR
protection, detect detection, react response, restore recovery
with the development of American information assurance technology framework, people realize that the understanding of information security should not stay under the framework of protection, but also pay attention to the detection and response ability of information system< In 2003, China published the opinions of the national information leading group on information security, which is the guiding document for the country to raise information security to a strategic level.
research achievements of information security technology:
development of various cryptographic algorithms and their applications:
des (data encryption standard), RSA (public key system), RSA (public key system), RSA (public key system) and ECC (elliptic curve discrete logarithm cryptosystem), etc
computer information system security model and security evaluation criteria:
access monitor model, multi-level security model, etc; TCSEC (trusted computer system evaluation criteria), ITSEC (information technology security evaluation criteria), etc<
encryption
encryption is a means that only the sender and receiver can decode and restore the information by recombining the information
the traditional encryption system is based on the key, which is a kind of symmetric encryption, that is to say, users use the same key to encrypt and decrypt< At present, with the development of technology, encryption is graally integrated into the system and network, such as the next generation Internet Protocol IPv6, which is being developed by IETF. In terms of hardware, Intel is also developing an encryption coprocessor for PC and server motherboards
authentication
firewall is the first line of defense of the system to prevent the intrusion of illegal data, and the role of security check is to prevent illegal users. There are many ways to identify the legitimacy of a user, password is the most commonly used, but because many users use easily guessed words or phrases as passwords, this method often fails. Other methods include identification of human physiological characteristics (such as fingerprints), smart IC card and USB disk<
digital signature
digital signature can be used to prove that the message is indeed signed by the sender, and when the digital signature is used for stored data or program, it can be used to verify the integrity of the data or program
the digital signature standard (DSS) adopted by the US government uses secure hash algorithm. By using this algorithm to calculate the processed information, a 160 bit digital string can be obtained. By combining this digital string with the key of the information in some way, a digital signature can be obtained
content inspection
even with firewall, identity authentication and encryption, people are still worried about being attacked by viruses. Some viruses spread through e-mail or ActiveX and Java applets downloaded by users. After the applet with virus is activated, it may automatically download other applets. The existing anti-virus software can remove e-mail virus, and there are also some ways to deal with new Java and ActiveX viruses, such as improving the firewall to monitor the operation of the applet, or labeling the applet to let users know their source< In 1976, Diffie and Hellman published their paper "new directions in cryptography" [9], the so-called cryptography refers to symmetric key cryptosystem. Because encryption / decryption uses the same key, it is also called single key cryptosystem
this kind of algorithm has a long history, from the earliest Caesar cipher to the most used des cipher algorithm, all belong to the single key cryptosystem
generally, A key encryption system consists of the following parts:
① message space m (message)
② ciphertext space C (ciphertext)
③ key space K (key)
④ encryption algorithm e (encryption algorithm)
⑤ decryption algorithm D (decryption algorithm)
the message M (called plaintext) in message space is encrypted by encryption algorithm controlled by encryption key K1 C Ciphertext C can recover original plaintext m by decryption algorithm controlled by decryption key K2. That is:
EK1 (m) = C
DK2 (c) = m
DK2 (EK1 (m)) = m
concept:
when the encryption key of an algorithm can be calculated from the decryption key, or vice versa, the decryption key can be calculated from the encryption key, this algorithm is called symmetric algorithm, also known as secret key algorithm or single key algorithm
when the encryption key is different from the decryption key and one of the keys cannot be calculated from the other key, this algorithm is called public key algorithm< Caesar cipher transformation
the more general shift substitution cipher transformation is
encryption: e (m) = (M + k) mod 26
decryption: D (c) = (c-k) mod 26
2. Permutation cipher
in permutation cipher, the letters of plaintext and ciphertext remain the same, but the order is disordered. In a simple permutation cipher, the plaintext is written horizontally on a chart with a fixed width, and the ciphertext is read vertically; Decryption is to write the ciphertext vertically on the chart paper according to the same width, and then read the plaintext horizontally. For example:
plaintext: encryption is the transformation of data into some unreadable form
ciphertext: eiffeb nsodml ctraee rhmtuf yeaano pttirr trinem iaota onod nsosa
in 1940s, Shannon proposed a commonly used evaluation concept. A good encryption algorithm should have fuzziness and diffusion
Fuzziness: the encryption algorithm should hide all local patterns, that is, any recognition character of the language should become fuzzy, and the encryption method should hide the suggestive language features that may lead to cracking the key
diffusibility: the encryption method is required to mix different parts of the ciphertext, so that no character is in its original position
the reason why the encryption algorithm is easy to crack is that it fails to meet the two Shannon conditions< Data encryption standard (DES)
DES algorithm changes 64 bit plaintext input block into 64 bit ciphertext output block, and its key is also 64 bit. Its function is to recombine the input 64 bit data block bit by bit, and divide the output into two parts, l0 and R0, each with 32 bits in length, after 16 iterations. L16 and R16 are obtained, which are used as input and inversely permuted to get ciphertext output. Inverse permutation is just the inverse operation of the initial set.
I can't put the specific method on the graph. Sorry,
DES algorithm can be summarized as follows:
subkey generation:
C [0] d [0] = PC – 1 (k)
for 1 & lt= i <= 16
{C[i] = LS[i](C[i− 1])
D[i] = LS[i](D[i− 1] )
k [i] = PC – 2 (C [i] d [i])}
encryption process:
L [0] R [0] = IP (x)
for 1 & lt= i <= 16
{L[i] = R[i− 1]
R[i] = L[i− 1] XOR f ( R[i− 1], K[i])}
c= IP− 1 (R [16] l [16]) V
decryption process:
R [16] l [16] = IP (c)
for 1 & lt= i <= 16
{R[i− 1] = L[i]
L[i− 1] = R[i] XOR f ( L[i], K[i])}
x= IP− 1 (L [0] R [0])
des encrypts 64 bit data block with 56 bit key, and encrypts 6 bit data block with 6 bit key
7. XP, win7 are OK, but the cracked version of the machine configuration requirements
8. In terms of performance and security, wpa2-psk (AES) is the best. Most routers can handle this type of encryption with ease. Moreover, wpa2-psk (AES) is the most secure and widely used wireless encryption protocol so far, Wired Equivalent Privacy (WEP) protocol is a way of encrypting the data transmitted wirelessly between two devices to prevent illegal users from eavesdropping or intruding into the wireless network. However, cryptanalysis experts have identified several weaknesses of WEP, so it was eliminated by Wi Fi protected access (WPA) in 2003 and replaced by the complete IEEE 802.11i standard (also known as WPA2) in 2004
the full name of WPA is Wi Fi protected access, which has two standards: WPA and WPA2. It is a system to protect the security of wireless computer network (Wi Fi). WPA implements most of the IEEE 802.11i standard, which is a transitional scheme to replace WEP before 802.11i is complete. The design of WPA can be used in all wireless network cards, but it may not be used in the first generation of wireless access points
WPA2 is the authentication form of IEEE 802.11i standard verified by Wi Fi alliance. WPA2 implements the mandatory elements of 802.11i. In particular, Michael algorithm is replaced by CCMP message authentication code, and RC4 is replaced by AES. WPA2 has a complete standard system, but it can not be applied to some old network cards
there are two encryption methods in WPA / WPA2: TKIP and AES. TKIP: temporary Key Integrity Protocol (TKIP) is responsible for the encryption part of wireless security. TKIP was designed with a very strict limitation: it must run on existing hardware, so it can not use advanced encryption algorithm. AES (Advanced Encryption Standard), also known as Rijndael encryption in cryptography, is a block encryption standard adopted by the federal government of the United States. This standard is used to replace the original DES, which has been analyzed by many parties and widely used all over the world. After five years of selection process, advanced encryption standard was published in FIPS pub 197 by National Institute of standards and Technology (NIST) on November 26, 2001, and became an effective standard on May 26, 2002. In 2006, advanced encryption standard has become one of the most popular algorithms in symmetric key encryption.
the full name of WPA is Wi Fi protected access, which has two standards: WPA and WPA2. It is a system to protect the security of wireless computer network (Wi Fi). WPA implements most of the IEEE 802.11i standard, which is a transitional scheme to replace WEP before 802.11i is complete. The design of WPA can be used in all wireless network cards, but it may not be used in the first generation of wireless access points
WPA2 is the authentication form of IEEE 802.11i standard verified by Wi Fi alliance. WPA2 implements the mandatory elements of 802.11i. In particular, Michael algorithm is replaced by CCMP message authentication code, and RC4 is replaced by AES. WPA2 has a complete standard system, but it can not be applied to some old network cards
there are two encryption methods in WPA / WPA2: TKIP and AES. TKIP: temporary Key Integrity Protocol (TKIP) is responsible for the encryption part of wireless security. TKIP was designed with a very strict limitation: it must run on existing hardware, so it can not use advanced encryption algorithm. AES (Advanced Encryption Standard), also known as Rijndael encryption in cryptography, is a block encryption standard adopted by the federal government of the United States. This standard is used to replace the original DES, which has been analyzed by many parties and widely used all over the world. After five years of selection process, advanced encryption standard was published in FIPS pub 197 by National Institute of standards and Technology (NIST) on November 26, 2001, and became an effective standard on May 26, 2002. In 2006, advanced encryption standard has become one of the most popular algorithms in symmetric key encryption.
Hot content