The Cornerstone of Network Security (II): Integrity and Identity Authentication
Facing a complex and changeable network environment, what do we need to know about network security? This series covers topics such as HTTPS, SSL and TLS.

In the last article, we introduced how to negotiate a key for symmetric encryption through asymmetric encryption, which ensures that the key cannot be stolen and thus achieves confidentiality.

But confidentiality alone is far from security. ...

Although the session key cannot be stolen, a malicious party can still modify or reassemble the transmitted information and send it on to the website. Without an integrity guarantee, the server can only "accept everything as it arrives".

In addition, a malicious party can forge a public key. If we receive a "fake public key", the hybrid encryption becomes completely ineffective: the party we think we are talking to may actually be an impostor.

So today we will talk about integrity and identity authentication, both of which build on confidentiality.

Secrets that lack integrity may be replaced or tampered with by hackers. Next, let's look at how to add integrity to secrets.

If encryption algorithms are the guarantee of confidentiality, then the main means of achieving integrity is the digest algorithm, commonly called a hash function.

We can roughly think of a digest algorithm as a special compression algorithm. It "compresses" data of any length into a fixed-length, unique "digest string", like generating a digital "fingerprint" for the information. A good digest algorithm must therefore be collision-resistant (a collision is two different original texts producing the same digest) and make that possibility as small as possible. Digest algorithms are also one-way and show an avalanche effect on their input.

1. One-way

All hash functions share a basic feature: for the same function, if two hash values are different, the original inputs are also different. A hash function with this property is called a one-way hash function; that is, the original text cannot be derived from a given hash value.

2. Avalanche effect

The avalanche effect means that a minimal change in the input changes the output beyond recognition. In a qualified digest algorithm, any slight change in the key or plaintext inevitably changes the hash value beyond recognition. For this reason, TLS also uses digest algorithms to build its pseudo-random function (PRF).

Every developer has probably heard of or used SHA-1 (Secure Hash Algorithm 1) and MD5 (Message-Digest 5) at work. They are the two most commonly used digest algorithms and generate digests of 20 bytes and 16 bytes respectively. Unfortunately, they were cracked in 2005 and 2009 respectively and have been banned in TLS.

At present, TLS recommends SHA-2, the successor of SHA-1. It is a cryptographic hash function algorithm standard developed by the National Security Agency. There are six variants; the commonly used ones are SHA224, SHA256 and SHA384, which generate 28-byte, 32-byte and 48-byte digests respectively.

This algorithm can ensure that the "digital digest" is completely equivalent to the original text, so we can ensure the integrity of the data as long as we attach its digest to the original text.

How does this work? The client sends the message together with its digest (SHA-2) to the server. The server computes the digest of the received message itself and compares the two "fingerprints". If they match, the message is complete and credible and has not been modified. Even a small change in the message (such as a single punctuation mark) makes the digest completely different because of the avalanche effect, so the server will find that the message has been tampered with and is not credible.

However, you have probably spotted the problem by now. The algorithms are not secret. If the transmission is in plaintext, a hacker can modify the message and the digest together.

Therefore, real integrity must be built on confidentiality, as explained in the previous article, "The Cornerstone of Network Security (I): Encryption". In a hybrid encryption system, the message and its digest are encrypted with the session key, so hackers cannot see the plaintext and have no way to "cheat".
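The check described above, as an added example that is not part of the original article. It shows the avalanche effect, then why a bare SHA-256 digest sent in plaintext does not detect a change made to message and digest together. Python's standard library has no symmetric cipher, so HMAC-SHA256 keyed with the session key stands in here for "encrypting the message and digest with the session key"; the messages and the key are constructed sample values.

```python
import hashlib
import hmac

# Constructed sample values, not taken from the article.
ORIGINAL = b"Pay 100 to account 42."
ALTERED = b"Pay 900 to account 42."
SESSION_KEY = bytes(range(32))  # stands in for the negotiated session key


def sha256(data):
    return hashlib.sha256(data).digest()


def differing_bits(a, b):
    """Avalanche effect: count digest bits that differ between two inputs."""
    return sum(bin(x ^ y).count("1") for x, y in zip(sha256(a), sha256(b)))


def accept_plain(message, digest):
    """Receiver check when message and bare digest travel in plaintext."""
    return hmac.compare_digest(sha256(message), digest)


def keyed_tag(message, key=SESSION_KEY):
    """Digest bound to the session key (HMAC-SHA256, an assumed stand-in)."""
    return hmac.new(key, message, hashlib.sha256).digest()


def accept_keyed(message, tag, key=SESSION_KEY):
    return hmac.compare_digest(keyed_tag(message, key), tag)


def run_cases():
    return {
        # Only the message was changed in transit: the digest exposes it.
        "plain, message changed": accept_plain(ALTERED, sha256(ORIGINAL)),
        # Message and digest replaced together: the bare digest still matches.
        "plain, both replaced": accept_plain(ALTERED, sha256(ALTERED)),
        # Keyed: the old tag does not fit, and a tag cannot be recomputed
        # without the session key (a bare SHA-256 is not a valid tag).
        "keyed, old tag": accept_keyed(ALTERED, keyed_tag(ORIGINAL)),
        "keyed, bare digest": accept_keyed(ALTERED, sha256(ALTERED)),
        "keyed, untouched": accept_keyed(ORIGINAL, keyed_tag(ORIGINAL)),
    }


if __name__ == "__main__":
    print("digest bits changed:", differing_bits(ORIGINAL, ALTERED), "of 256")
    for case, accepted in run_cases().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```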

Encryption and digests provide confidentiality and integrity for the communication process, which can now be called relatively safe. But there is still a gap: the two ends of the communication.

For the two ends of the communication, we also need to solve the problem of identity authentication. Simply put, it is how each side proves its true identity. On the one hand, hackers can pretend to be the website to steal your information; on the other hand, they can pretend to be you and send messages such as payments and transfers to the website. The website cannot confirm your identity, so money may be stolen.

Recall that in real life, the common means of identity authentication are signatures, handprints, seals and so on. As long as you put your signature and seal on the paper, you can prove that the document really comes from you and not from someone else.

What in TLS is like a signature or seal, something that only its owner can hold? As long as you have it, you can prove your identity in the online world. Looking back at what we introduced earlier, it is easy to see that it is the private key in asymmetric encryption. Combining the private key with a digest algorithm gives us digital signatures, and with them identity authentication and non-repudiation.

Signature and verification

The principle of the digital signature is actually not complicated: the usage of the public key and the private key is reversed. Previously, the public key encrypted and the private key decrypted. Now the private key encrypts and the public key decrypts.

A signature is as public as a public key, and anyone can get it. However, the signature can only be unlocked with the public key that corresponds to the private key. Once you have recovered the digest, you can verify integrity by comparing it with the original text, and this proves that the message was indeed sent by you, just like signing a document. The two operations in this process have their own terms: signing and verification.

Looking back at the four characteristics of secure communication, we have now achieved all of them. Is the whole communication process perfect? The answer is no. There is still the problem of "public key trust": anyone can publish a public key, and we still lack a means to prevent hackers from forging public keys. This is covered in the next article, "Public Key Trust-Digital Certificate and CA".

Summary

Network security involves many areas of knowledge, and the basic knowledge of networking is especially important to us. What would you like to share on this topic? You are welcome to share your information or correct me.
