Security may be an eternal topic in the computer industry. From 2004 to 2005, Professor Wang Xiaoyun of Shandong University cracked MD5 and reduced the security strength of SHA-1, which attracted everyone's attention. With the development and popularization of network technology, awareness of network security keeps growing. So here I will introduce the basic knowledge of encryption and security, so that everyone can understand this area more accurately and better protect their important data.
This article focuses on the basic knowledge of cryptography. It will be revised and improved gradually. If you have questions about security, please ask; we will try our best to find the answer and enrich the article, thus helping more people. If there are any problems or mistakes in this article, criticism and corrections are also welcome.
1. Getting ready
The methods of cryptography are not far away from us. They are widely used, and we rely on them in everyday computer use without paying much attention. For example, when we start Windows we need to enter a password, which is stored in the system in encrypted form. When we surf the Internet, some websites need us to establish a secure connection, which is also supported by cryptographic algorithms. In your IE browser, look at Tools -> Internet Options -> Content -> Certificates, and you will find that cryptography has been quietly working for us in the background.
There are many cryptographic algorithms, including symmetric algorithms, asymmetric algorithms, message digest algorithms, etc. Symmetric encryption algorithms include DES and AES. Asymmetric algorithms include RSA, DSA, elliptic curve algorithms and so on.
Next, I will briefly introduce the main cryptographic security technologies by explaining the basic concepts one by one.
2. Simple ciphers
"Heavenly King Beggars, Woody, Baota Town River Demon ..." Everyone must have seen the scene in the movies where bandits exchange signals. In fact, the "slang" the bandits speak is the simplest kind of cipher. It is so simple that it cannot withstand analysis by cryptographers and is very easy to decipher.
3. Caesar cipher
This is an ancient encryption method, which Julius Caesar used to communicate while on campaign, hence the name. Its principle is very simple: it is the substitution of single letters. Let's look at a simple example: "This is Caesar Code". Encrypted with the Caesar cipher, the string becomes "Vjku ku Ecguct Eqfg". The encryption looks "safe". But try replacing each letter of this puzzle with the letter two places earlier in the alphabet ... and the result appears.
The letter correspondence of the Caesar cipher:
A B C D E F G H I … X Y Z
C D E F G H I J K … Z A B
4. ROT13
ROT13 is a simple "encryption" method that is common on the network. It replaces the characters N-Z with A-M, and the characters A-M with N-Z. Its principle is very similar to the Caesar cipher: the Caesar cipher shifts by 2 positions, while ROT13 shifts by 13 positions. ROT13 is usually used as a simple means to keep text such as e-mail from being recognized and read at a glance, and from being found by ordinary matching programs.
For example, "V Ybir lbh!" is actually "I Love you!".
ROT13 correspondence:
A B C D E F G H I … X Y Z
N O P Q R S T U V … K L M
Do you understand? "Decrypt" the following:
jrypbxr gb jjj.syntjner.arg
5. Restricted ciphers
The "encryption" discussed above is very simple, so simple that it can be cracked by hand without the help of a computer, so simple that it can only stop my 3-year-old sister from peeking at your files.
We can make these algorithms more complicated and introduce more transformations, more confusion and diffusion, which may make them harder to decipher. However, no matter how complicated they become on this basis, they cannot escape the category of "restricted ciphers". A "restricted cipher" is one whose security rests on keeping the algorithm itself secret. Once the algorithm is leaked, the encrypted content is completely unsafe. The algorithms we discussed earlier have this property.
The problem of algorithm leakage greatly limits the application scope of this kind of algorithm. Basically no one uses it now.
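Why the shift ciphers of sections 3 and 4 give no protection once the method is known: there are only 25 possible shifts, so all of them can be tried. This is an added example, not part of the original article; the function names and the small word list used for scoring are assumptions made for the illustration.

```python
import string

# Constructed word list used only to score candidate plaintexts.
COMMON_WORDS = {"the", "is", "to", "and", "of", "this", "you", "i",
                "love", "code", "a", "in"}


def shift_cipher(text, shift):
    """Shift every ASCII letter by `shift` places, keeping case.

    Non-letters pass through unchanged. A negative shift decrypts.
    """
    out = []
    for ch in text:
        if ch in string.ascii_lowercase:
            out.append(chr((ord(ch) - ord("a") + shift) % 26 + ord("a")))
        elif ch in string.ascii_uppercase:
            out.append(chr((ord(ch) - ord("A") + shift) % 26 + ord("A")))
        else:
            out.append(ch)
    return "".join(out)


def caesar_encrypt(text):
    """The Caesar variant described in section 3: shift by 2."""
    return shift_cipher(text, 2)


def rot13(text):
    """ROT13 is its own inverse because 13 + 13 = 26."""
    return shift_cipher(text, 13)


def recover_shift(ciphertext):
    """Try all 25 shifts; return (shift, plaintext) for the best-scoring one.

    The score is the number of words found in COMMON_WORDS. With no key
    beyond the shift itself, knowing the algorithm is enough to read the text.
    """
    best_score, best_shift, best_text = 0, 0, ciphertext
    for shift in range(1, 26):
        candidate = shift_cipher(ciphertext, -shift)
        words = [w.strip(".,!?'\"").lower() for w in candidate.split()]
        score = sum(w in COMMON_WORDS for w in words)
        if score > best_score:
            best_score, best_shift, best_text = score, shift, candidate
    return best_shift, best_text


if __name__ == "__main__":
    secret = caesar_encrypt("This is Caesar Code")
    print(secret)
    print(recover_shift(secret))
    print(recover_shift("V Ybir lbh!"))
```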
6. The beginning of modern cryptography: the separation of keys and algorithms.
Once the algorithm of a restricted cipher is revealed, all encrypted content is exposed in broad daylight. It is dangerous to protect important information in this way. Therefore, cryptographers put forward the idea of separating the algorithm from the key. This is a milestone in cryptography.
The idea is that the security of a cipher depends on the key, not the algorithm. Each message is encrypted with a key. As long as the key is not leaked, the message is secure. Even if the algorithm is public, it does not threaten the security of the message. Modern cryptographic algorithms, such as 3DES and AES, all belong to this category. We will briefly introduce these algorithms later.
7. Clarify that there is usually no absolute concept of information security.
Before introducing modern cryptography and information security technology, it is necessary to clarify a concept: information security mentioned in cryptography is usually not absolute, but a relative category.
A cryptographer once commented that if you want your information to be absolutely safe, you have to write down your confidential information, put it in a safe, weld the safe shut, and bury it in an unknown corner of the Pacific Ocean, which may be close to absolute security. But such security is useless, because the people who need the information cannot get it. In fact, this cannot be called "information security"; it may be more appropriate to call it "information hiding".
What we call information security is security for information that remains useful. This kind of security is relative.
However, "relative security" does not mean insecurity. The "lock" we use in our daily life is actually relatively safe. In fact, the security strength of cryptographic algorithms is many times higher than that of ordinary locks.
8. Relative security
In the information theory founded by the mathematician Claude E. Shannon, a conclusion is proved by strict mathematical methods: all cryptographic algorithms can be cracked in theory, except the one-time pad. These cryptographic algorithms, present and past, known and unknown, no matter how complex and advanced, can be deciphered as long as there are powerful enough computers and enough ciphertext.
Then the question comes: what's the use of a password in this case?
That's why we should discuss relative safety.
As mentioned earlier, all ciphers are theoretically decipherable. However, they can only be deciphered if you have a sufficiently powerful computer, and in fact such a computer may not exist. If it takes hundreds of years to break an algorithm with the most powerful computer available, then even though it can be broken in theory, the algorithm still has practical value.
Therefore, we can understand the concept of relative security in this way: if a piece of information needs to be kept secret for 10 years, and if it takes 20 years to crack, then the information is safe. Otherwise, it is not safe.
In reality, the available computing power is proportional to the economic cost to some extent, so the degree of security can also be measured from an economic point of view. If a piece of information is worth one million yuan and building a computer powerful enough to crack it costs more than the information is worth, then it is safe. However, if enough computing power to crack it can be obtained for less than the information is worth, then it is not safe.
9. One-time pad
As mentioned above, except for the one-time pad, all other ciphers can be cracked theoretically. So what is a one-time pad? It means using a different key for each encryption (which, put that way, explains very little). Strictly speaking, only a cipher that meets the following conditions is truly a one-time pad:
A. The key is randomly generated and must be a true random number, not a pseudo-random number;
B. The key cannot be reused;
C. The effective length of the key is not less than the length of the ciphertext.
The one-time pad is the safest encryption algorithm. Once the two parties have exchanged keys safely, the information they exchange afterwards is secure. This algorithm has been applied on some occasions that need high confidentiality. It is said that the hotline between the United States and the former Soviet Union and the communications of former Soviet spies were encrypted with one-time pads. No matter how powerful the supercomputer is, how long it works, how many people are involved, or what methods and technologies are used, it is impossible to crack information encrypted with a one-time pad unless you go back to that era and get the cipher book (that is, the key) that was used. The messages that former Soviet spies encrypted with one-time pads will remain a permanent mystery.
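The conditions A to C above, as an added example that is not part of the original article. It shows why no amount of computing power helps against a correctly used pad (every plaintext of the same length is explained by some key) and what leaks when condition B is broken. The function names and the sample messages are constructed for the illustration, and the operating system's CSPRNG stands in for a true random source.

```python
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("inputs must have the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def generate_key(length: int) -> bytes:
    """Condition A: a fresh random key.

    Assumption of this example: the OS CSPRNG is used in place of a
    true random source.
    """
    return secrets.token_bytes(length)


def encrypt(plaintext: bytes, key: bytes) -> bytes:
    """Condition C: refuse a key shorter than the message."""
    if len(key) < len(plaintext):
        raise ValueError("key must be at least as long as the message")
    return xor_bytes(plaintext, key[:len(plaintext)])


def decrypt(ciphertext: bytes, key: bytes) -> bytes:
    """XOR is its own inverse, so decryption is the same operation."""
    return encrypt(ciphertext, key)


def key_explaining(ciphertext: bytes, claimed_plaintext: bytes) -> bytes:
    """Return the key under which `ciphertext` decrypts to `claimed_plaintext`.

    Such a key exists for every plaintext of the same length, so the
    ciphertext alone gives an exhaustive search nothing to prefer.
    """
    return xor_bytes(ciphertext, claimed_plaintext)


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """What breaking condition B exposes: c1 XOR c2 equals p1 XOR p2.

    The key cancels out, leaving a relation between the two plaintexts.
    """
    return xor_bytes(c1, c2)


if __name__ == "__main__":
    p1 = b"MEET AT NOON"   # constructed sample messages
    p2 = b"STAY AT HOME"
    key = generate_key(len(p1))
    c1 = encrypt(p1, key)
    print(decrypt(c1, key))

    # The same ciphertext "decrypts" to a different message under another key.
    other_key = key_explaining(c1, p2)
    print(decrypt(c1, other_key))

    # Reusing the key for a second message leaks p1 XOR p2.
    c2 = encrypt(p2, key)
    print(reuse_leak(c1, c2) == xor_bytes(p1, p2))
```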
10. The concept of symmetric algorithm
The so-called symmetric algorithm means that the encryption and decryption processes use the same key. DES, 3DES, AES and other algorithms are all symmetric algorithms. These representative algorithms will be introduced one by one.
11. DES algorithm
DES (Data Encryption Standard) is a classical symmetric algorithm. Its block length is 64 bits, the key used is 64 bits, and the effective key length is 56 bits (8 bits are used for parity check). It was developed by IBM in the 1970s. After passing the government's encryption standard selection, it was adopted by the US government in November 1976, and then recognized by the National Bureau of Standards and the American National Standards Institute (ANSI).
The algorithm is public and widely used in various industries. The DES algorithm has been published for more than 20 years. With the rapid development of computing power, the 56-bit key length of DES is somewhat short, and it is now possible to attack it by exhaustive search. But beyond that, no effective way to break DES has been found.
The data flow chart of DES algorithm is shown in the following figure:
12. Triple DES
The DES algorithm can no longer provide enough security, because its effective key is only 56 bits. Therefore, triple DES (or 3DES) was proposed later, and the strength of this method is similar to that of a 112-bit key.
This method uses two keys to perform three operations on the plaintext. Let the two keys be K1 and K2; the algorithm steps are as follows:
1. DES-encrypt with key K1.
2. DES-decrypt the result of step 1 with key K2.
3. DES-encrypt the result of step 2 with key K1.
13. AES algorithm
In 1997, the National Institute of Standards and Technology (NIST) announced a call for a new encryption algorithm. On October 2, 2000, the Rijndael algorithm designed by the Belgian designers Joan Daemen and Vincent Rijmen finally won, and became the new-generation encryption standard AES (Advanced Encryption Standard) because of its excellent performance and resistance to attack.
Rijndael encryption:
Rijndael is a key-iterated block cipher, which consists of the repeated application of a round transformation to the state. The number of rounds Nr depends on the block length and the key length. For AES, Nr = 10 when the key length is 128 bits; Nr = 12 when the key length is 192 bits; and Nr = 14 when the key length is 256 bits.
The encryption process of the Rijndael algorithm is shown in Figure 1. It consists of an initial key addition, denoted AddRoundKey, followed by Nr-1 applications of the round transformation, and finally one FinalRound transformation.
The round transformation consists of four steps: SubBytes, ShiftRows, MixColumns and AddRoundKey. The final round differs slightly from the preceding Nr-1 rounds: the MixColumns step is omitted.
The SubBytes step is the only nonlinear transformation in the Rijndael algorithm.
The ShiftRows step is a byte transposition, which cyclically shifts the rows of the state by different offsets. The byte at position j of row i is moved to position (j - Ci) mod Nb, where the shift offset Ci depends on the value of Nb. Here Nb = block length / 32, and for AES Nb is fixed at 4.
The MixColumns step is a permutation that acts on each column of the state.
The key addition step, AddRoundKey, XORs the state with a round key. The round key is derived from the encryption key through the key schedule [1]. The length of the round key is equal to the block length.
Rijndael decryption:
The Rijndael decryption algorithm has two forms. One is the direct decryption algorithm, in which the data is decrypted directly by applying the inverse steps InvSubBytes, InvShiftRows, InvMixColumns and AddRoundKey.
The other is the equivalent decryption algorithm, whose principle is shown in Figure 2. The equivalent decryption algorithm has an order of operations that lends itself to efficient implementation.
14. The concept of asymmetric algorithm
The so-called asymmetric algorithm means that encryption and decryption do not use the same key.
The key of an asymmetric algorithm is divided into two parts, usually called the "public key" and the "private key". There is a mathematical relationship between the public key and the private key, so that data encrypted with the public key can only be decrypted with the corresponding private key, and data encrypted with the private key can only be decrypted with the corresponding public key. However, it is very difficult to deduce the private key from the public key (it can be deduced in theory, but in practice the required computing power cannot be found).
Algorithms such as RSA and DSA belong to asymmetric algorithms.
15. RSA algorithm
RSA is the first algorithm that can be used for both encryption and digital signatures, and it is also easy to understand and operate. RSA is the most widely studied public key algorithm. It has been nearly 30 years since it was proposed in 1978. Having been tested by various attacks, it has gradually been accepted and is generally considered one of the best public key schemes at present. It is generally believed that the difficulty of breaking RSA is equivalent to the difficulty of factoring large numbers. The algorithm is named after its three inventors: Ron Rivest, Adi Shamir and Leonard Adleman.
The principle of RSA algorithm:
1. Key pair generation
Choose two large prime numbers p and q and calculate n = p * q.
Then randomly select the encryption key e such that e and (p-1) * (q-1) are coprime. Finally, use the Euclidean algorithm to calculate the decryption key d such that
e * d ≡ 1 (mod (p-1) * (q-1))
where n and d are coprime. The numbers e and n are the public key and d is the private key. The two primes p and q are no longer needed and should be discarded so that no one knows them.
2. Encryption
When encrypting information M (binary representation), first divide M into equal-length data blocks m1, m2, ..., mi, of block length s, where 2 s.
ci = mi^e (mod n)
3. Decryption
When decrypting, the following calculation is performed:
mi = ci^d (mod n)
16. Hash algorithm
A hash algorithm is also known as a one-way hash function, hash function or message digest algorithm. By applying a one-way mathematical function to the data, it converts a piece of data of arbitrary length into irreversible data of fixed length. This data is usually called the message digest (for example, by applying a hash algorithm to a file of several megabytes, a message digest of 128 bits can be obtained). The message digest represents the characteristics of the original data. When the original data changes, the regenerated message digest also changes; even a small change in the original data causes a great change in the message digest. Therefore, a message digest algorithm can sensitively detect whether data has been tampered with. Combined with other algorithms, it can be used to protect the integrity of data.
A good one-way hash function must have the following characteristics:
1) One-way: given M and H, it is easy to compute h = H(M), but conversely, given h and H, finding M = H^-1(h) is computationally infeasible.
2) Weak collision resistance: given M, it is computationally infeasible to find another message M' such that H(M') = H(M).
3) Strong collision resistance: it is computationally infeasible to find two different messages M and M' such that H(M') = H(M).
The one-way hash function is used to generate the hash value of data and save it, and then hash the data with the same hash function every time. If the obtained value is equal to the saved hash value, it is considered that the data has not been modified (data integrity verification) or the original data hashed twice is the same (password verification).
Typical hash functions are: MD5, SHA-1, HMAC, GOST, etc. One-way hash functions are mainly used on occasions that only need encryption but not decryption, such as verifying the integrity of data, encrypting password tables, digital signatures, identity authentication and so on.
17. About MD5, SHA-1, etc.
In 2004, Professor Wang Xiaoyun of Shandong University cracked the MD5 algorithm, which caused an uproar in cryptography.
The full name of MD5 is Message-Digest Algorithm 5. It was developed in the early 1990s by Ronald L. Rivest of the MIT Laboratory for Computer Science and RSA Data Security, and evolved from MD2, MD3 and MD4.
Crypto 2004 was held in Santa Barbara, California, USA on August 17, 2004, and three special reports on hash functions were arranged. After the internationally renowned cryptographers Eli Biham and Antoine Joux successively presented their analysis of SHA-1 and gave a collision of SHA-0, Professor Wang Xiaoyun of Shandong University gave a report on breaking the MD5, HAVAL-128, MD4 and RIPEMD algorithms. Professor Wang Xiaoyun's report caused a sensation among the audience and was praised by the experts attending the meeting.
Soon afterwards, the cryptographer Lenstra forged a digital certificate conforming to the X.509 standard by using the MD5 collisions provided by Wang Xiaoyun, showing that the break of MD5 is not only a theoretical result but also leads to practical attacks, and that the retirement of MD5 is imminent.
The Secure Hash Algorithm 1 (SHA-1) was designed by NSA and incorporated into FIPS by NIST as the standard for hashing data. It generates a hash value of 160 bits. SHA-1 is a common one-way hash algorithm used to create digital signatures.
After MD5 was broken by experts from China such as Wang Xiaoyun, cryptographers around the world still thought that SHA-1 was safe. On February 7, 2005, the National Institute of Standards and Technology issued a statement that SHA-1 had not been breached, and that there was no sufficient reason to suspect it would be breached soon. Only a week later, Wang Xiaoyun announced that the complexity of finding a pair of colliding messages for the SHA-1 algorithm is 2^69, not 2^80 as cryptographers used to think.
How to understand this result? In many reports, including the website of Shandong University, it is said that SHA-1 has been broken, cracked, and so on. The author has reservations about this statement. Quote Professor Wang Xiaoyun's paper:
"For SHA-0, this attack is very effective, and we can find the actual collision in no more than 2^39 hash operations. We also attacked SHA-1 and weakened it to 58 steps, and found the actual collision in no more than 2^33 hash operations."
"SHA-0 and 58-step SHA-1 are simplified versions of 80-step complete SHA-1 to verify the efficiency of our new method. In addition, our analysis shows that the collision complexity of SHA-1 reduced to 70 steps is 2^50 hash operations. Based on this estimate, we expect to find a real collision of 70-step SHA-1 on the current supercomputer."
So strictly speaking, it should be understood as follows: this result reduces the computation needed to break SHA-1 by a factor of 2000. In some cases, SHA-1 seems to be on the edge of insecurity.
MD5 has been breached, and SHA-1 is not so safe. What do we do now? There are algorithms such as SHA-256 and SHA-512 available. Cryptographers are also studying new hash algorithms.
18. Digital signature
Cryptography not only provides the encryption and decryption of information, but also provides the functions of identifying the source of information and ensuring the integrity and non-repudiation of information, and these three functions are all realized by combining digital signature technology.
Simply put, the principle of digital signature can be understood as follows: the content encrypted with the private key of asymmetric algorithm can only be decrypted with the corresponding public key. The private key is not public. Therefore, if a message can be decrypted with someone's public key, it must be encrypted with that person's private key. It is as difficult to forge as a real signature.
In practical application, the process of digital signature is usually realized as follows:
The plaintext to be transmitted is converted into a message digest by a hash function (different plaintexts correspond to different message digests), and the message digest is encrypted with the private key and transmitted to the receiver together with the plaintext. The receiver decrypts the message digest with the sender's public key, and then compares it with a new message digest generated from the received plaintext. If the two are the same, the plaintext does come from the expected sender and has not been changed. If they differ, the plaintext has been tampered with or is not from the intended sender.
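The key generation, encryption and decryption steps of section 15 and the hash-then-sign process described above, as an added example that is not part of the original article. It uses textbook RSA with tiny constructed primes (p = 61, q = 53, e = 17), one byte per block and no padding, so it only illustrates the arithmetic; the function names and the choice of SHA-256 as the digest are assumptions of this example.

```python
import hashlib


def extended_gcd(a, b):
    """Extended Euclidean algorithm: return (g, x, y) with a*x + b*y == g."""
    if b == 0:
        return a, 1, 0
    g, x, y = extended_gcd(b, a % b)
    return g, y, x - (a // b) * y


def generate_keypair(p, q, e):
    """Return ((e, n), (d, n)) with e*d = 1 mod (p-1)*(q-1)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    g, x, _ = extended_gcd(e, phi)
    if g != 1:
        raise ValueError("e must be coprime to (p-1)*(q-1)")
    d = x % phi
    return (e, n), (d, n)


def encrypt(message: bytes, public_key):
    """ci = mi^e mod n, with one byte per block (block length s = 8 bits)."""
    e, n = public_key
    if n <= 255:
        raise ValueError("n is too small for one-byte blocks")
    return [pow(m, e, n) for m in message]


def decrypt(blocks, private_key) -> bytes:
    """mi = ci^d mod n."""
    d, n = private_key
    return bytes(pow(c, d, n) for c in blocks)


def sign(message: bytes, private_key):
    """Hash the message, then apply the private key to each digest byte."""
    d, n = private_key
    digest = hashlib.sha256(message).digest()
    return [pow(b, d, n) for b in digest]


def verify(message: bytes, signature, public_key) -> bool:
    """Recover the signed digest with the public key and compare it with a
    digest computed freshly from the received message."""
    e, n = public_key
    recovered = [pow(s, e, n) for s in signature]
    return recovered == list(hashlib.sha256(message).digest())


if __name__ == "__main__":
    public, private = generate_keypair(61, 53, 17)   # constructed toy primes
    print("public:", public, "private:", private)

    ciphertext = encrypt(b"hello", public)
    print(decrypt(ciphertext, private))

    signature = sign(b"pay 100 to B", private)
    print(verify(b"pay 100 to B", signature, public))   # untouched message
    print(verify(b"pay 900 to B", signature, public))   # tampered message
```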
19. Digital certificate
In order to ensure the security of online electronic transactions and payments and to prevent fraud in the process, a trust mechanism must be established online. This requires that both buyers and sellers involved in e-commerce have legal identities that can be effectively and correctly verified online. A digital certificate is an authoritative electronic document. It provides a way to verify your identity on the Internet, similar to the driver's license or ID card in daily life. It is issued by an authoritative organization, the CA (Certificate Authority) center, and people can use it to identify each other in Internet communication. Of course, the CA, as an authoritative, fair and reliable third party, plays an important role in the process of digital certificate authentication.
The process of issuing digital certificates is generally as follows: the user first generates his own key pair and sends the public key and some personal identity information to the authentication center. After authentication, the authentication center will perform some necessary steps to ensure that the request is indeed sent by the user. Then, the authentication center will issue a digital certificate to the user, which contains the user's personal information and his public key information, as well as the signature information of the authentication center. Users can use their own digital certificates for various related activities. Digital certificates are issued by independent certification authorities. Digital certificates are different, and each certificate can provide different levels of credibility. You can get your own digital certificate from a certificate authority.
With the popularity of the Internet and the rapid development of various e-commerce activities and e-government activities, digital certificates have been widely used in various fields. At present, they mainly include: sending secure e-mail, visiting secure websites, online bidding, online signing, online ordering, secure online file transmission, online payment, online tax payment, online stock trading, online shopping and online customs declaration.
20. CA
CA is the abbreviation of Certification Authority. The CA center is also known as the digital certificate certification center. As a trusted third party in electronic transactions, the CA center is responsible for issuing digital certificates to all entities in the electronic commerce environment to prove the authenticity of their identities, and for checking and managing the certificates used in transactions. Users of digital certificates have their own public/private key pairs. A certificate contains the identity information of the certificate subject, its public key data, the name of the issuing authority, etc. After the issuing authority verifies that the certificate subject is a legally registered entity, it digitally signs the above information to form a certificate. In the public key certificate system, if a public key user needs the public key of any other user who has registered with the CA, he can directly ask that user for the certificate, and then decrypt it with the CA's public key to get the authenticated public key. Because the certificate carries the CA's signature for authentication, and an attacker does not have the CA's signing key, it is difficult to forge a legitimate certificate, and public key authentication is thus achieved. The digital certificate certification center is the key link in the security of online electronic transactions and the foundation of trust in them. It must be an authoritative, trustworthy and impartial third-party organization, trusted by all legally registered users.
The core function of CA is to issue and manage digital certificates. Generally speaking, the functions of CA certification center mainly include: certificate issuance, certificate renewal, certificate revocation and certificate verification. The specific description is as follows:
(1) Receiving an application for verifying a user's digital certificate.
(2) Determining whether to accept the user's digital certificate application, that is, the approval of the certificate.
(3) Issuing (or refusing to issue) a digital certificate to the applicant.
(4) Receiving and processing the user's digital certificate update request.
(5) Receiving the query and revocation of the user's digital certificate.
(6) The validity period of the certificate.
(7) Filing of digital certificates.
(8) Key archiving.
(9) Historical data archiving.
21. Email encryption program
PGP is short for Pretty Good Privacy. PGP was originally the name of a program written by Phil Zimmermann in 1991. This program was later maintained and published by MIT, ViaCrypt and PGP Inc. Now, PGP is sold by NAI as commercial software. Meanwhile, PGP is also the name of a network standard (RFC 2440: OpenPGP Message Format). Here, we mainly discuss PGP as an RFC standard.
PGP is a system based on RSA and other encryption algorithms, which is used to protect the security of email and other information. You can use it to keep your email confidential to prevent unauthorized people from reading it, and it can also digitally sign your email so that the recipient can be sure that it was sent by you. It allows you to communicate safely with people you have never met, without any secret channels to deliver the key in advance.
Its encryption method uses the algorithm we discussed before. Its key management is different from other systems.
A mature encryption system must be supported by a mature key management mechanism. The public key system was put forward to solve the weakness of traditional encryption systems, in which keys are hard to keep secret while being distributed. For example, one of the common means used by network hackers is "listening", and it is too dangerous to transmit keys over the network. For PGP, the public key is meant to be public, so interception is not a problem. However, there are still security problems in publishing public keys, such as public key tampering, which may be the biggest loophole in public key cryptosystems. The user must make sure that the public key he holds really belongs to the person who is meant to receive the letter.
Let's take an example to illustrate this problem, using the communication between user A and user B. Suppose user A wants to send a letter to user B. First, user A must obtain user B's public key. User A downloads it from a BBS or obtains it by other means, and uses it to encrypt the letter and send it to B. Unfortunately, neither A nor B knows that another user C has sneaked into the BBS or the network and intercepted user B's public key, replaced it with the public key of a key pair generated under user B's name in his own PGP system, and put it on the BBS or sent it out directly as user B's "public key". The public key that user A uses to send letters has therefore been swapped: it is actually another public key generated by user C posing as user B. No one will be suspicious, but as a result, after receiving the letter from user A, user B cannot decrypt it with his own private key. To make matters worse, user C can forge user B's signature to send letters to user A or others, because the public key in user A's hands is forged and user A will think the letter really comes from user B.
The best way to prevent this is to avoid giving anyone else a chance to tamper with the public key, but it is very difficult to do so. One way is to get his public key directly from user B, but it is impossible when he is far away or can't be contacted in time.
PGP proposed a public key introduction mechanism to solve this problem. The idea is this: suppose user A and user B have a common friend D, and D knows that the copy of B's public key in his hands is correct. D then becomes a notary between user A and user B. To prevent others from tampering with his public key, user B uploads his own public key, signed by D, to the BBS for users to obtain. If user A wants user B's public key, he first obtains D's public key and uses it to check the copy of B's public key signed by D that he got from the BBS or elsewhere on the network, which is equivalent to double insurance. It is generally impossible for anyone, even the BBS administrator, to tamper with it without being discovered by users. This is a secure way to transmit public keys over public channels.
Having said that, some people may think that notarization by only one signature is too limited. PGP takes this into account: users collect copies of their own public key signed by different people and publish them, so that most people will know at least one of the signers, and the user's public key is thus indirectly authenticated. Likewise, after a user signs a friend's public key, he should send it back to that friend, so that the friend can be authenticated to the user's other friends through this user. It is interesting, just like relationships between people in real society. PGP automatically classifies the public keys a user obtains into different trust levels according to which friends introduced them, for the user to consult when deciding how much to trust each key. You can also specify how many levels of introduction a person is trusted for, and this ability decreases as authentication is passed along.
How can the public key of D or of other signing friends be obtained safely? The public key of D or of other signing friends obtained by user A may also be false, but this requires that user C be familiar with all three of you, or even with many people. This is unlikely and would require long-term planning. Of course, if we must pursue this point, the answer is that an organization that everyone generally trusts plays this role. It is called a certification authority, and every public key it signs is considered genuine, so everyone only needs to have its public key. It is convenient to authenticate its public key because it provides this service widely, and it is extremely difficult to impersonate its public key because that key is widely circulated. Such an "authority" is suitably run by an organization not controlled by any individual, or by a government agency. This is the CA we discussed earlier.
22. Digital envelopes
Digital envelope is a message encryption mechanism that comprehensively uses symmetric algorithm, asymmetric algorithm, message digest algorithm and digital signature. Why should this mechanism be introduced? This is because:
1. The symmetric algorithm is faster, generally about three orders of magnitude faster than the asymmetric algorithm with the same security strength. However, symmetric algorithms need to exchange keys through secure channels (or negotiate keys, or agree on keys in advance) before they can communicate.
2. The speed of asymmetric algorithm is slow, but its advantage is that both communication parties don't have to agree on the key in advance.