Current location - Quotes Website - Famous sayings - How can we better protect 217 computer information security?
How can we better protect 217 computer information security?
Introduction to the role of cryptography in information security Based on daily life, students' understanding of passwords may only intuitively come from the passwords of social accounts and bank cards. If computers are mentioned again, it may be the power-on password. Strictly speaking, the passwords mentioned above are not passwords in cryptography, they are just passwords. Cryptography is a technical science that studies the compilation and decoding of passwords. Studying the objective law of password change and applying it to compiling passwords to keep communication secrets is called coding; The application of deciphering codes to obtain communication information is called deciphering, which is called cryptography. It is easy to understand here that we can cite the technical mechanism of "door lock" because it can reflect the technical thought of cryptography to a certain extent. First, the role of cryptography So what is the role of cryptography? It is a subject used to study how to transmit information in secret. In modern times, especially the mathematical study of information and its transmission, is often considered as a branch of mathematics and computer science, and is also closely related to information theory. Ron Rivest, a famous cryptographer, explained: "Cryptography is about how to communicate in the presence of enemies". From the perspective of self-engineering, this is equivalent to the similarities and differences between cryptography and pure mathematics. Cryptography is the core of information security and other related issues, such as authentication and access control. The primary purpose of cryptography is to hide the meaning of information, not the existence of information. It can be seen that the password is an important secret means for the communication parties to carry out special information transformation according to the agreed rules, so that the exchanged information can be secured and not obtained by others. Generally speaking, it is to disguise information so that unauthorized people can't get the true meaning of information. Second, some related concepts of cryptography must first be mentioned as encryption keys. Because encryption and decryption are all under its control. Secondly, encryption algorithm is a cluster of mathematical transformations used for encryption, and correspondingly, a cluster of mathematical transformations used for decryption is called decryption algorithm, and decryption algorithm is the inverse operation of encryption algorithm. Only those who master encryption keys and algorithms can be considered as authorized people. According to these laws, changing plaintext into ciphertext (called encryption transformation) and ciphertext into plaintext (called decryption transformation) will enable legal communication parties to exchange information. Three properties of a password: confidentiality, fidelity and integrity. Therefore, cryptography is gradually developed in the practice of the struggle between coding and decoding, and with the application of advanced science and technology, it has become a comprehensive cutting-edge technical science. It is closely related to linguistics, mathematics, electronics, acoustics, information theory and computer science. Its practical research results, especially the encryption and decoding methods used by governments all over the world, are highly confidential. Fourth, the relationship between the origin of passwords and information security About 19 BC, some strange symbols appeared in the epitaph of a slave owner in ancient Egypt. Western cryptographers believe that this is the earliest appearance of passwords. Generally speaking, epitaphs do not need to be kept secret, probably out of respect for the owner of the tomb and the pursuit of artistic expression. With the rapid development of the Internet, the security of network information has become a major issue. In the early days, passwords only changed the encryption and decryption of characters or numbers. With the development of communication technology, encryption and decryption of voice, image, data and so on can be implemented. Now, especially in the technologies used in computer and network security, such as access control and information confidentiality. So cryptography and computer science promote each other. Now cryptography has been widely used in daily life, including chip cards of ATMs, computer users' access passwords, e-commerce and so on. When it comes to the relationship between password and information security, it is not difficult to understand that password is the key technology or core technology of information security. Therefore, internationally, passwords belong to the sovereignty of a country. That is, any country has its own choice. Because of the confidentiality of information, almost all fields of information security need to apply cryptography, so cryptography is also a * * * technology of information security. Then the importance of passwords to information security can also be seen. V. Professional definition of information security Information security refers to the protection of information systems (including hardware, software, data, people, physical environment and its infrastructure) from accidental or malicious reasons, damage, change and disclosure, continuous and reliable operation of the system, uninterrupted information service, and finally business continuity. Information security mainly includes the following five aspects: the need to ensure the confidentiality, authenticity, integrity, unauthorized copying and the security of the parasitic system. Its fundamental purpose is to protect internal information from threats from internal, external and natural factors. In order to ensure information security, information source authentication and access control are required, and there can be no illegal software resident or unauthorized operation. Since some people want to encrypt the information, some enemies want to crack the password and intercept the information. 6. The relationship between the development of password deciphering and information security In 1412, the encyclopedia compiled by Persian Kalekashandi contained the method of deciphering simple passwords instead of passwords. By the end of 16th century, some European countries had full-time decipherers to decipher intercepted secret messages. Cryptographic decoding technology has made considerable progress. Cryptography and Decoding Techniques written by Kasinsky, a Prussian in 1863, and Military Cryptography written by Kerckhoff, a Frenchman in 1883, all discussed and discussed the theory and methods of cryptography. It has to be said that the two world wars were "invincible periods" for the development of cryptography and information security. Cryptography in the First World War. The United States deciphered the passwords of other countries. After the end of World War I, MI8 was dissolved. Yadeli led more than 5 people left behind to set up the American Black Room, which was dedicated to deciphering the diplomatic secrets of various countries. From 1917 to 1929, the "American Black Room" team led by Yadley deciphered more than 45, secret messages, including China, Germany, Britain, France and Russia. In October 1927, Yardley's "American Black Room" was closed by the Secretary of State on the grounds that "gentlemen don't peek at letters". This language has become a famous saying in the history of American cryptography. Later, Yardley wrote this experience into a book "American Black Room". Cryptography in the Second World War. Cryptography technology has been greatly improved during World War II. In World War I, cryptography mainly relied on manual encryption and decryption, and the complexity, security and encryption and decryption speed of passwords were not high enough. The cryptographers were mainly composed of language experts, guessing experts and chess champions. The encryption technology in wartime has been electromechanical, and encryption and decryption are carried out by electromechanical devices, which greatly improves the complexity, security and encryption and decryption speed of passwords. Cryptographers also have math experts to join in and play a leading role. Military experts commented: "The success of the allied forces in cryptography made the Second World War end ten years earlier." China's War of Resistance against Japanese Aggression was an important part of the Second World War. It is proud that China people cracked some Japanese passwords and made important contributions to the victory of the war. At the end of 1938, Yadeli came to Chongqing as a consultant for the military system to decipher passwords, trained more than 2 cryptographers for the military system, and returned to China in July 194. Later, China deciphered the Chongqing meteorological secret message of Japanese spies and captured them. He also cracked a spy password of Wang Fei and captured the spy. It also deciphered the code of the Japanese air force, which reduced the loss of air combat in Chongqing; He also cracked some passwords of the Japanese Ministry of Foreign Affairs and obtained some information before the Pearl Harbor incident. By 1949, Shannon, an American, published the article "Communication Theory of Secret System", and applied the principle of information theory to analyze some basic problems in cryptography. Since the 19th century, the widespread use of telegrams, especially wireless telegrams, has provided extremely favorable conditions for cryptographic communication and interception by a third party. Communication secrecy and detection and decoding have formed a hidden front with fierce struggle. At present, the governments of major countries in the world attach great importance to cryptography. Some of them have set up huge institutions, allocated huge funds, concentrated tens of thousands of experts and scientific and technological personnel, and invested a lot of high-speed computers and other advanced equipment in their work. At the same time, private enterprises and academic circles have paid more and more attention to cryptography, and many mathematicians, computer scientists and experts in other related disciplines have also devoted themselves to the research of cryptography, which has accelerated the development of cryptography. Finally, cryptography has become an independent discipline. The relationship between cryptography and information security cryptography is an interdisciplinary subject, which is derived from many fields: it can be regarded as information theory, but it uses a lot of tools in the field of mathematics, such as number theory and finite mathematics. Information security is also a comprehensive subject involving computer science, network technology, communication technology, cryptography technology, information security technology, applied mathematics, number theory, information theory and other disciplines. As a resource, information is of great significance to human beings because of its universality, enjoyment, value-added, treatability and multi-utility. China's reform and opening up has brought about a sharp increase in all aspects of information, and requires large-capacity and efficient transmission of this information. There are many ways to transmit information, including local computer network, Internet and distributed database, cellular wireless, packet-switched wireless, satellite video conference, e-mail and other transmission technologies. In the process of information storage, processing and exchange, there is the possibility of leakage, interception, eavesdropping, tampering and forgery, so the security guarantee is highly valued. No matter organizations or individuals, more and more things are being entrusted to computers, sensitive information is being transmitted between computer systems through fragile communication lines, special information is stored in computers or transmitted between computers, electronic banking enables financial accounts to be consulted through communication lines, law enforcement departments know criminals' criminal records from computers, and doctors use computers to manage medical records. All these, the most important problem is that information cannot be transmitted without taking precautions against illegal (unauthorized) access. Therefore, we put forward the term security policy. Information security policy refers to the rules that must be observed to ensure a certain level of security protection. Realizing information security depends not only on advanced technology, but also on strict security management, legal constraints and security education. Eight, cryptography and information security * * * With the rapid development, China's information security industry started late. Since the beginning of this century, it has experienced three important stages of development (germination, outbreak and popularization, and the scale of the industry has gradually expanded. It has driven the continuous growth of market demand for information security products and services; In addition, the government's attention and policy support have also continuously promoted the rapid development of China's information security industry. According to the data of "Analysis Report on the Development Prospect and Investment Strategic Planning of China Information Security Industry in 213-217", the market scale of information security products in China reached 11.174 billion yuan in 21, up by 2.23% year-on-year. Qianwei. com believes that the information security industry has great development potential, but the information security situation in the domestic Internet industry is not optimistic at present. With the increasing penetration of the network into all aspects of social life, it is particularly urgent to enhance the awareness of network information security and enhance information security prevention measures. In 212, the information security industry will enter the stage of rapid development, and the requirements of the entire Internet users for security products will also be transferred to "active security defense". With the increasing awareness of users' security, active security products will be more concerned, and active security defense will become the mainstream of future security applications. In the market of information security, the mainstream e-commerce takes encryption technology as the basic security measure. Encryption technology is divided into two categories, namely symmetric encryption and asymmetric encryption. 1. Symmetric encryption is also called private key encryption, that is, the sender and receiver of information use the same key to encrypt and decrypt data. Its biggest advantage is its fast encryption/decryption speed, which is suitable for encrypting large amounts of data, but the key management is difficult. If the two communicating parties can ensure that the private key has not been leaked in the key exchange stage, confidentiality and message integrity can be realized by encrypting confidential information and sending message digest or message hash value with the message by this encryption method. Second, asymmetric encryption, also known as public key encryption, uses a pair of keys to complete encryption and decryption operations respectively, one of which is publicly released (that is, the public key) and the other is secretly kept by the user himself (that is, the private key). The process of information exchange is: Party A generates a pair of keys and makes one of them public as a public key, and Party B who gets the public key encrypts the information and then sends it to Party A, and Party A decrypts the encrypted information with its own private key because every computer has more or less security problems on the Internet. Security problems will inevitably lead to serious consequences. Such as system destruction, data loss, secret theft and direct and indirect economic losses, all of which can not be ignored. When it comes to security, we often talk about using firewalls, antivirus software and so on. One disadvantage of cryptographic technology is that passwords are not good at solving the security problems of information processing forms. This is the root cause of the current virus flooding, and we don't have a good solution. So please remember: "No matter how good the password is, it can't kill the virus, and no matter how good the virus killing software is, it can't be used as a password." Both are important! Having said that, cryptography and information security are complementary. Cryptography develops faster because of information security, and information can be exchanged safely under the protection of cryptography. References: [1] Xie Xiren. Computer Network (4th Edition) [M]. Beijing: Electronic Industry Press, 23. [2] Zhang Min, Xu Yuejin. Network Security Experiment Course, Tsinghua University Press, June, 27. [3] Xu Zhikun, Wang Wei, etc. Network Infiltration Technology, Electronic Industry Press, 25-5. . I wrote this by hand before, and it can also be related to cryptography. If you think it can be used, take it.