Ciphertext is defined relative to plaintext. Plaintext is the message you want to convey, and it becomes ciphertext after being encrypted. Ciphertext is a term from information security. Let me introduce it to you.
The history of the development of information security
The birth of communications security science
The Caesar cipher of the ancient Roman Empire transforms plaintext into a string that people cannot understand (the ciphertext); when the ciphertext reaches the other party, it can easily be restored to the original plaintext. The Caesar cipher is obtained by rotating the plaintext letters by 3 positions.
In 1568, L. Battista invented the multi-table (polyalphabetic) substitution cipher, which was used by the coalition forces during the American Civil War. Examples: the Vigenere cipher and the Beaufort cipher.
In 1854, Playfair invented a multi-letter substitution cipher, which was used by the British in World War I. Example: the Hill cipher. Multi-table and multi-letter substitution ciphers became the mainstream of classical cryptography.
The development of cryptanalysis: in 1918, W. Friedman's use of the index of coincidence to break multi-table substitution ciphers was a milestone. In 1949, C. Shannon's article "Communication Theory of Secrecy Systems" was published in the Bell System Technical Journal. These two results laid the foundation for the scientific study of cryptography and took it from an art to a science. This was in fact the birth of the science of communications security, with cryptography as its core technology.
Public key cryptography revolution
Twenty-five years later, in the 1970s, IBM's DES (the American Data Encryption Standard), the public key cryptography ideas proposed by Diffie and Hellman in 1976, and the proposal of the public key algorithm RSA in 1977 injected new vitality into the development of cryptography.
Public key cryptography set off a revolution and made three contributions to information security: first, it characterized the strength of cryptographic algorithms in terms of computational complexity for the first time, breaking through the limitation of Shannon, who considered only theoretical strength; second, it transformed the requirement of traditional cryptographic algorithms to keep both keys confidential into a requirement to protect the confidentiality of one key and the integrity of the other; third, it changed key ownership from the two communicating parties, as in traditional algorithms, to a single user, thus greatly reducing the complexity of key management.
Two points about the proposal of public key cryptography deserve attention: first, research on cryptography gradually went beyond the confidentiality of data communication to cover data integrity, digital signatures and other technologies; second, with the development of computers and the Internet, cryptography gradually became an important pillar of computer security and network security, making data security a brand-new part of information security and ending the earlier dominance of physical security in computer security.
Access control technology and trusted computer evaluation criteria
In 1969, B. Lampson proposed the access control model.
In 1973, D. Bell and L. Lapadula created a computer operation model to simulate military security strategies. This is the earliest and most commonly used computer multi-level security model.
In 1985, the U.S. Department of Defense proposed the Trusted Computer System Evaluation Criteria (commonly known as the Orange Book) based on the Bell-Lapadula model. It divides computer systems into 8 levels according to their security protection capabilities.
In 1987, the Clark-Wilson model was proposed for integrity protection and commercial applications.
Information Assurance
In October 1998, the U.S. National Security Agency (NSA) promulgated the Information Assurance Technical Framework Version 1.1. On February 6, 2003, the U.S. Department of Defense (DOD) Information Assurance Implementation Order 8500.2 was promulgated, making information assurance the established guiding ideology for U.S. defense organizations to implement information operations.
Information assurance (IA): protect information systems by ensuring the availability, integrity, identifiability, confidentiality and non-repudiation of information, while introducing protection, detection and response capabilities and giving the information system a recovery function. This is the information assurance model PDRR.
PDRR: Protect, Detect, React, Restore.
The advancement of the U.S. information assurance technology framework has made people realize that their understanding of information security should not stay within the framework of protection. At the same time, attention needs to be paid to the detection and response capabilities of the information system.
In 2003, China issued the "Opinions of the National Information Leading Group on Information Security Assurance Work", a guiding document that elevated information security to a national strategic level.
Research results in information confidentiality technology:
Development of various cryptographic algorithms and their applications:
DES (Data Encryption Standard), RSA (public key system), ECC (elliptic curve discrete logarithm cryptosystem), etc.
Computer information system security models and security evaluation criteria:
Access monitor model, multi-level security model, etc.; TCSEC (Trusted Computer System Evaluation Criteria), ITSEC (Information Technology Security Evaluation Criteria), etc.
Encryption
Encryption is a means of recombining information so that only the sender and receiver can decode and restore the information.
Traditional encryption systems are key-based, which is a type of symmetric encryption, that is, users use the same key to encrypt and decrypt.
Currently, with the advancement of technology, encryption is gradually being integrated into systems and networks, such as the next-generation Internet Protocol IPv6 being developed by the IETF. In terms of hardware, Intel is also developing encryption co-processors for PCs and server motherboards.
Identity Authentication (Authentication)
The firewall is the first line of defense of the system to prevent the intrusion of illegal data, while the function of the security check is to prevent illegal users. There are many ways to verify the legitimacy of a user, passwords are the most commonly used, but this method often fails because many users use words or phrases that are easily guessed as passwords. Other methods include recognition of human physiological characteristics (such as fingerprints), smart IC cards and USB disks.
Digital Signature
Digital signatures can be used to prove that a message was indeed signed by the sender, and when a digital signature is applied to stored data or programs, it can be used to verify the integrity of that data or those programs.
The Digital Signature Standard (DSS) adopted by the U.S. government uses a secure hash algorithm. Applying this algorithm to the information being processed yields a 160-bit string, which is combined with the key of the information in a certain way to obtain the digital signature.
Content Inspection
Even with firewalls, authentication and encryption, people still worry about being attacked by viruses. Some viruses spread through emails or ActiveX and Java applets downloaded by users. After the virus-containing Applet is activated, it may automatically download other Applets. Existing anti-virus software can remove E-mail viruses. There are also some methods to deal with new Java and ActiveX viruses, such as improving the firewall so that it can monitor the operation of Applets, or adding labels to Applets to let users know their origins.
Introducing some encryption knowledge
Key encryption/decryption system model
Before Diffie and Hellman published their paper "New Directions in Cryptography" [9] in 1976, cryptography meant symmetric key cryptosystems. Because encryption and decryption use the same key, such a system is also called a single-key cryptosystem.
This type of algorithm has a long history. From the earliest Caesar cipher to the most commonly used DES cipher algorithm, they are all single-key cryptosystems.
Usually, a key encryption system includes the following parts:
① Message space M (Message)
② Ciphertext space C (Ciphertext)
③ Key space K (Key)
④ Encryption algorithm E (Encryption Algorithm)
⑤ Decryption algorithm D (Decryption Algorithm)
A message M in the message space (called plaintext) is encrypted by the encryption algorithm under control of the encryption key K1 to obtain the ciphertext C. The original plaintext M is recovered from the ciphertext C by the decryption algorithm under control of the decryption key K2. That is:
E_K1(M) = C
D_K2(C) = M
D_K2(E_K1(M)) = M
Concept:
When the encryption key of the algorithm can be deduced from the decryption key, or conversely the decryption key can be deduced from the encryption key, the algorithm is called a symmetric algorithm, also known as a secret key algorithm or single key algorithm;
When the encryption key and decryption key are different and one key cannot be deduced from the other key, the algorithm is called a public key algorithm.
1. Caesar cipher transformation
The more general shift substitution cipher transformation is
Encryption: E(m)=(m+k) mod 26
Decryption: D(c)=(c-k) mod 26
2. Transposition cipher
In a transposition cipher, the letters of the plaintext and ciphertext remain the same, but their order is disrupted. In a simple column transposition cipher, the plaintext is written horizontally on a sheet of grid paper with a fixed width, and the ciphertext is read off vertically; decryption writes the ciphertext vertically on grid paper of the same width and then reads the plaintext horizontally. For example:
Plaintext: encryption is the transformation of data into some unreadable form
Ciphertext: eiffob nsodml ctraee rhmtuf yeaano pttirr trinem iaota onnod nsosa
In the 1940s, Shannon proposed a commonly used assessment concept: a good encryption algorithm should have confusion and diffusion.
Confusion: The encryption algorithm should hide all local patterns, that is, any identifying characters of the language should be obscured, and the encryption method should hide suggestive language features that may lead to cracking the key;
Diffusion: Encryption is required to mix different parts of the ciphertext so that no character is in its original position.
The encryption algorithms above are easy to crack because they do not meet these two Shannon conditions.
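The shift transformation and the column cipher above, as an added Python example that is not part of the original page. The width of 10 is inferred from the ten groups in the page's ciphertext; the function names are chosen here. It also shows why neither cipher hides language statistics.

```python
from collections import Counter

PLAINTEXT = "encryption is the transformation of data into some unreadable form"


def shift_encrypt(text, k):
    """E(m) = (m + k) mod 26 on each letter; other characters pass through."""
    out = []
    for ch in text.lower():
        if "a" <= ch <= "z":
            out.append(chr((ord(ch) - 97 + k) % 26 + 97))
        else:
            out.append(ch)
    return "".join(out)


def shift_decrypt(text, k):
    """D(c) = (c - k) mod 26."""
    return shift_encrypt(text, -k)


def column_encrypt(plaintext, width):
    """Write the letters in rows of `width`, read them off column by column."""
    letters = [ch for ch in plaintext.lower() if ch.isalpha()]
    return " ".join("".join(letters[c::width]) for c in range(width))


def column_decrypt(ciphertext, width):
    """Refill the columns (the first `rem` columns are one letter longer),
    then read the grid row by row."""
    letters = "".join(ciphertext.split())
    rows, rem = divmod(len(letters), width)
    cols, pos = [], 0
    for c in range(width):
        n = rows + (1 if c < rem else 0)
        cols.append(letters[pos:pos + n])
        pos += n
    total_rows = rows + (1 if rem else 0)
    return "".join(col[r] for r in range(total_rows)
                   for col in cols if r < len(col))


def letter_counts(text):
    """How often each letter occurs."""
    return Counter(ch for ch in text.lower() if ch.isalpha())


def frequency_profile(text):
    """Letter counts sorted from most to least frequent, letters ignored."""
    return sorted(letter_counts(text).values(), reverse=True)


if __name__ == "__main__":
    ct = column_encrypt(PLAINTEXT, 10)
    print(ct)
    print(column_decrypt(ct, 10))
    # Transposition keeps every letter count; a shift only relabels the
    # letters, so the shape of the frequency distribution survives.
    print(letter_counts(ct) == letter_counts(PLAINTEXT))
    print(frequency_profile(shift_encrypt(PLAINTEXT, 3))
          == frequency_profile(PLAINTEXT))
```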
Data Encryption Standard (DES)
The DES algorithm turns a 64-bit plaintext input block into a 64-bit ciphertext output block. The key it uses is also 64-bit. The initial permutation rearranges the input 64-bit data block bit by bit and divides the output into two parts, L0 and R0, each 32 bits long. After 16 iterations, L16 and R16 are obtained; these are taken as input to the inverse permutation, which gives the ciphertext output. The inverse permutation is simply the inverse of the initial permutation.
I can’t put up a picture for the specific method, I’m sorry
The DES algorithm can be summarized as follows:
Subkey generation:
C[0]D[0] = PC-1(K)
for 1 <= i <= 16
{C[i] = LS[i](C[i-1])
D[i] = LS[i](D[i-1])
K[i] = PC-2(C[i]D[i])}
Encryption process:
L[0]R[0] = IP(x)
for 1 <= i <= 16
{L[i] = R[i-1]
R[i] = L[i-1] XOR f(R[i-1], K[i])}
c = IP^-1(R[16]L[16])
Decryption process:
R[16]L[16] = IP(c)
for 16 >= i >= 1
{R[i-1] = L[i]
L[i-1] = R[i] XOR f(L[i], K[i])}
x = IP^-1(L[0]R[0])
DES uses a 56-bit key to encrypt a 64-bit data block and performs 16 rounds of encoding on the block. In each round, a 48-bit per-round key value is derived from the 56-bit full key. Breaking DES in software took a long time, while breaking it in hardware was very fast, but fortunately most hackers at the time did not have the equipment to build such hardware.
In 1977, it was estimated that it would cost $20 million to build a special computer for DES decryption, and that it would take 12 hours to crack the code to get the result. Therefore, DES was considered a very strong encryption method at that time. But today's computers are getting faster and the cost of building a special machine like this has dropped to around $100,000, so using it to protect a billion dollars of interbank cables requires careful consideration. On the other hand, if you only use it to protect one server, then DES is indeed a good method, because hackers will never spend so much money to crack the DES ciphertext just to invade a server.
Since it is now possible to build a special computer that can decipher DES for $200,000, DES is no longer suitable for situations that require "strong" encryption.
Misunderstandings in the application of the DES algorithm
The DES algorithm has extremely high security. So far, apart from attacking it by exhaustive search, no more effective method has been found. The exhaustive search space of a 56-bit key is 2^56, which means that a computer capable of testing one million keys per second would take nearly 2285 years to search all keys; this is clearly difficult to achieve. Of course, with the development of science and technology, when ultra-high-speed computers appear, we can consider increasing the length of the DES key to achieve a higher level of confidentiality.
From the above introduction to the DES algorithm, we can see that only 56 bits of the 64-bit key are used; the 8 bits at positions 8, 16, 24, ..., 64 do not participate in the DES operation. This imposes an application requirement: the security of DES rests on the 2^56 possible combinations of the remaining 56 bits. Therefore, in practical applications, we should avoid using bits 8, 16, 24, ..., 64 as valid data bits and use only the other 56 bits as valid data bits, so that the DES algorithm can do its job safely and reliably. If you do not understand this and use bits 8, 16, 24, ..., 64 of the key as valid data, the security of DES-encrypted data cannot be guaranteed, and systems that rely on DES for confidentiality are exposed to the danger of their data being deciphered. This is exactly the misunderstanding in the application of the DES algorithm, and it leaves a great hidden danger of being attacked and deciphered.
A5 algorithm
Introduction to sequence ciphers
Sequence ciphers, also known as stream ciphers, divide the plaintext into characters (such as single letters) or the basic units of their encoding (such as 0 and 1) and encrypt them with the key stream; decryption uses the same key stream, generated in synchrony.
The strength of sequence cryptography depends entirely on the randomness and unpredictability of the sequence generated by the key stream generator. The core issue is the design of the key stream generator. Maintaining accurate synchronization of key streams at both the sending and receiving ends is a key technology to achieve reliable decryption.
A5 algorithm
The A5 algorithm is a sequence cipher. It is the encryption algorithm specified in the European GSM standard and is used to encrypt the link between the user equipment and the base station in digital cellular mobile telephony. There are several A5 algorithms, mainly A5/1 and A5/2. Among them, A5/1 is a strong encryption algorithm and is suitable for European regions; A5/2 is a weak encryption algorithm and is suitable for regions outside Europe. The A5/1 algorithm will be discussed in detail here.
The main components of the A5/1 algorithm are three linear feedback shift registers (LFSR) of different lengths R1, R2 and R3, whose lengths are 19, 22 and 23 respectively. The three shift registers are shifted left under the control of the clock. After each left shift, the lowest bit of the register is filled with the XOR bits of some bits in the register. The feedback polynomial of each register is:
R1: x^18 + x^17 + x^16 + x^13
R2: x^21 + x^20
R3: x^22 + x^21 + x^20 + x^7
The input of the A5 algorithm is a 64-bit session key Kc and a 22-bit random number (frame number).
IDEA
IDEA is the International Data Encryption Algorithm, and its prototype is PES (Proposed Encryption Standard). The new algorithm improved on PES was called IPES, and was renamed IDEA (International Data Encryption Algorithm) in 1992.
IDEA is a block cipher algorithm with a block length of 64 bits and a key length of 128 bits. The same algorithm can be used for encryption and decryption.
IDEA's encryption process includes two parts:
(1) The input 64-bit plaintext group is divided into four 16-bit sub-groups: X1, X2, X3 and X4. The four sub-groups are used as the input of the first round of the algorithm, and a total of eight rounds of iterative operations are performed to produce a 64-bit ciphertext output.
(2) The input 128-bit session key generates 52 subkeys required for eight rounds of iterations (six are required for each round of eight rounds of operation, and four are used for output transformation).
Subkey generation: The input 128-bit key is divided into eight 16-bit subkeys (as the six for the first round of operation and the first two keys for the second round of operation); the 128-bit key is After rotating left by 25 bits, eight more subkeys are obtained (the first four are used for the second round, and the last four are used for the third round). This process is repeated until all keys are generated.
The decryption process of IDEA is the same as the encryption process, but the requirements for subkeys are different.
The following table gives the encryption subkeys and corresponding decryption subkeys.
The keys satisfy:
Zi(r) ⊙ Zi(r)^-1 = 1 mod (2^16+1)
-Zi(r) + Zi(r) = 0 mod (2^16+1)
Blowfish algorithm
Blowfish was designed by Bruce Schneier and can be used for free.
Blowfish is a 16-round block cipher with a plaintext block length of 64 bits and a variable-length key (from 32 to 448 bits). The Blowfish algorithm consists of two parts: key expansion and data encryption.
1. Data Encryption
The data encryption process goes through 16 rounds of iterations, as shown in the figure. The specific description is (divide plaintext x into two parts of 32 bits: xL, xR)
for i = 1 to 16
{
xL = xL XOR Pi
xR = F(xL) XOR xR
if
{
Exchange xL and xR
}
}
xR = xR XOR P17
xL = xL XOR P18
Merge xL and xR
Among them, the P array is 18 32-bit sub-keys P1, P2,..., P18.
The decryption process is exactly the same as the encryption process, except that the keys P1, P2,..., P18 are used in reverse order.
2. Function F
Divide xL into four 8-bit subgroups a, b, c and d, and send them to the four S boxes respectively; each S box has an 8-bit input and a 32-bit output. The outputs of the four S boxes are combined into a 32-bit output by the following operation:
F(xL) = ((S1,a + S2,b mod 2^32) XOR S3,c) + S4,d mod 2^32
Among them, Si,x represents the output of subgroup x (x=a, b, c or d) passing through Si (i=1, 2, 3 or 4) box.
There isn’t much space to write about it, so I won’t list the entire process, so I’ll just briefly introduce it.
GOST algorithm
GOST is a block cipher algorithm designed by the former Soviet Union and adopted by the National Bureau of Standards of the former Soviet Union. The standard number is: 28147–89[5].
GOST's message grouping is 64 bits, the key length is 256 bits, and there are some additional keys, using 32 rounds of iteration.
RC5 algorithm
RC5 is a block cipher system with variable block length, key length and encryption iteration rounds. The RC5 algorithm consists of three parts: key expansion, encryption algorithm and decryption algorithm.
PKZIP algorithm
The PKZIP encryption algorithm is a sequence cipher algorithm that encrypts one byte at a time and has a variable key length. It is embedded in the PKZIP data compression program.
This algorithm uses three 32-bit variables key0, key1, key2 and an 8-bit variable key3 derived from key2. key0, key1 and key2 are initialized from the key and updated by the plaintext during encryption. The main function of the PKZIP sequence cipher is update_keys(). This function updates the three 32-bit variables and obtains key3 based on the input bytes (usually plaintext).
Key points: one-way hash function
MD5 algorithm
The full name of MD5 is Message-Digest Algorithm 5. It was developed by Ronald L. Rivest of the MIT Laboratory for Computer Science and RSA Data Security Inc. in the early 1990s, and evolved from MD2, MD3 and MD4. Its function is to allow large-capacity information to be "compressed" into a confidential format (that is, to convert a byte string of any length into a large integer of a fixed length) before it is signed with a private key by digital signature software. MD2, MD4 and MD5 all take information of arbitrary length and generate a 128-bit message digest. Although the structures of these algorithms are more or less similar, the design of MD2 is completely different from MD4 and MD5, because MD2 was designed and optimized for 8-bit machines, while MD4 and MD5 were designed for 32-bit computers.
Rivest developed the MD2 algorithm in 1989.
In this algorithm, the information is first padded so that its byte length is a multiple of 16. Then, a 16-bit checksum is appended to the end of the message, and the hash value is calculated over this newly generated information. Later, Rogier and Chauvaud discovered that MD2 collisions would occur if the checksum was omitted. The result of the MD2 algorithm is unique, with no duplicates.
In order to enhance the security of the algorithm, Rivest developed the MD4 algorithm in 1990. The MD4 algorithm also pads the information, to ensure that the byte length of the information is congruent to 448 modulo 512 (the information byte length mod 512 = 448). Then, a 64-bit binary representation of the original length of the message is added. The information is processed in 512-bit blocks in a Damgård/Merkle iteration structure, and each block is processed in three different steps. Den Boer, Bosselaers and others quickly discovered attacks on the first and third steps of MD4. Dobbertin showed how an ordinary PC can find a collision in the full version of MD4 in a few minutes (such a collision is a weakness in which different content produces the same result). There is no doubt that MD4 has been eliminated. Although the MD4 algorithm has such a big security loophole, it had a guiding role that cannot be ignored in the emergence of several later algorithms. In addition to MD5, the more famous ones include SHA-1, RIPE-MD and HAVAL.
A year later, in 1991, Rivest developed the MD5 algorithm, which was more technically mature. It adds the concept of "safety-belts" on the basis of MD4. Although MD5 is slightly slower than MD4, it is more secure. The algorithm consists of four steps that differ slightly from the MD4 design. In the MD5 algorithm, the requirements for the size of the message digest and for padding are exactly the same as for MD4. Den Boer and Bosselaers discovered pseudo-collisions in the MD5 algorithm, but no other results were found. Van Oorschot and Wiener considered a brute-force search for collisions in hash functions, and they estimated that a machine designed specifically to search for MD5 collisions (this machine, conceived in 1994, would cost approximately $1 million to manufacture) could find a collision every 24 days on average. But in the 10 years from 1991 to 2001, no MD6 or other new algorithm appeared to replace MD5, from which we can see that this flaw did not affect the security of MD5 too much. None of the above is enough to be a problem for MD5 in practical applications. Moreover, since the use of the MD5 algorithm does not require the payment of any copyright fees, under normal circumstances (that is, outside top-secret application fields, although even in top-secret fields MD5 can be regarded as a very excellent intermediate technology) MD5 should be considered very safe anyway.
Algorithm
MD stands for Message Digest. MD5 is an improved version of MD4. This algorithm generates a 128-bit hash value (or message digest) for the input message of any length. The MD5 algorithm can be represented by Figure 4-2.
A brief description of the MD5 algorithm: MD5 processes the input information in 512-bit groups, and each group is divided into 16 32-bit sub-groups. After a series of processing steps, the output of the algorithm consists of four 32-bit groups; concatenating these four 32-bit groups produces a 128-bit hash value.
1) Additional padding bits
First pad the message so that its length is 64 bits less than a multiple of 512. Padding method: append a single 1 bit to the message, and then append the required number of 0 bits. The number of padding bits ranges from 1 to 512.
2) Append length
Append the 64-bit representation of the original message length to the end of the padded message. When the original message length is greater than 2^64, the message length mod 2^64 is used. At this point, the message length is exactly an integer multiple of 512. Let M[0 1 … N-1] be the words of the padded message (each word is 32 bits), where N is a multiple of 16.
3) Initialize MD buffer
Initialize the 128-bit buffer used to calculate the message digest. This buffer is represented by four 32-bit registers A, B, C, and D.
The initialization value of the register is (stored in order of low-order byte first):
A: 01 23 45 67
B: 89 ab cd ef
C: fe dc ba 98
D: 76 54 32 10
4) Process the input message in 512-bit groups
This step is the main loop of MD5 and consists of four rounds, as shown in Figure 4-3. Each pass takes the currently processed 512-bit group Yq and the 128-bit buffer value ABCD as input, and then updates the buffer content.
The four rounds differ in the nonlinear function each one uses. Before the first round, A, B, C, and D are copied to other variables a, b, c, and d. The four nonlinear functions are (their inputs and outputs are all 32-bit words):
F(X,Y,Z) = (XY)((~X) Z)
G(X,Y,Z) = (XZ)(Y(~Z))
H(X,Y,Z) = XYZ
I(X, Y,Z) = Y(X(~Z))
Among them, means bitwise AND; means bitwise OR; ~ means bitwise inversion; means bitwise XOR.
In addition, as shown in Figure 4-4, a table T[1..64] with 64 elements is also used in this step, T[i] = 2^32 × abs(sin(i)), where i is in radians.
Based on the above description, the process of this step is summarized as follows:
for i = 0 to N/16-1 do
/* Each pass of the loop processes 16 words, that is, one 512-bit message group */
/* Divide the i-th block (512 bits) into 16 32-bit sub-groups and copy them to X */
for j = 0 to 15 do
Set X[j] to M[i*16+j]
end /* j loop */
/* Save A as AA, B as BB, C as CC, and D as DD */
AA = A
BB = B
CC = C
DD = D
/* First round */
/* Let [abcd k s i] represent the operation
a = b + ((a + F(b,c,d) + X[k] + T[i]) <<< s) */
/* Complete the following 16 operations */
[ABCD 0 7 1] [DABC 1 12 2] [CDAB 2 17 3] [BCDA 3 22 4]
[ABCD 4 7 5] [DABC 5 12 6] [CDAB 6 17 7] [BCDA 7 22 8]
[ABCD 8 7 9] [DABC 9 12 10] [CDAB 10 17 11] [BCDA 11 22 12]
[ABCD 12 7 13] [DABC 13 12 14] [CDAB 14 17 15] [BCDA 15 22 16]
/* Second round */
/* Let [abcd k s i] represent the operation
a = b + ((a + G(b,c,d) + X[k] + T[i]) <<< s) */
/* Complete the following 16 operations */
[ABCD 1 5 17] [DABC 6 9 18] [CDAB 11 14 19] [BCDA 0 20 20]
[ABCD 5 5 21] [DABC 10 9 22] [CDAB 15 14 23] [BCDA 4 20 24]
[ABCD 9 5 25] [DABC 14 9 26] [CDAB 3 14 27] [BCDA 8 20 28]
[ABCD 13 5 29] [DABC 2 9 30] [CDAB 7 14 31] [BCDA 12 20 32]
/* Third round */
/* Let [abcd k s i] represent the operation
a = b + ((a + H(b,c,d) + X[k] + T[i]) <<< s) */
/* Complete the following 16 operations */
[ABCD 5 4 33] [DABC 8 11 34] [CDAB 11 16 35] [BCDA 14 23 36]
[ABCD 1 4 37] [DABC 4 11 38] [CDAB 7 16 39] [BCDA 10 23 40]
[ABCD 13 4 41] [DABC 0 11 42] [CDAB 3 16 43] [BCDA 6 23 44]
[ABCD 9 4 45] [DABC 12 11 46] [CDAB 15 16 47] [BCDA 2 23 48]
/* Fourth round */
/* Let [abcd k s i] represent the operation
a = b + ((a + I(b,c,d) + X[k] + T[i]) <<< s) */
/* Complete the following 16 operations */
[ABCD 0 6 49] [DABC 7 10 50] [CDAB 14 15 51] [BCDA 5 21 52]
[ABCD 12 6 53] [DABC 3 10 54] [CDAB 10 15 55] [BCDA 1 21 56]
[ABCD 8 6 57] [DABC 15 10 58] [CDAB 6 15 59] [BCDA 13 21 60]
[ABCD 4 6 61] [DABC 11 10 62] [CDAB 2 15 63] [BCDA 9 21 64]
A = A + AA
B = B + BB
C = C + CC
D = D + DD
end /* i loop */
5) Output
The four registers A, B, C, and D are output in low-order-byte-first order (that is, starting with the low-order byte of A and ending with the high-order byte of D) to give the 128-bit message digest.
The above is the description of the MD5 algorithm. The operations of the MD5 algorithm are all basic operations, which are relatively easy to implement and very fast.
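The five steps above, carried through as an added Python example that is not part of the original page. The round functions F, G, H and I are written out as MD5 defines them (AND, OR, NOT, XOR), T[i] is taken as the integer part of 2^32 × abs(sin(i)), and the word-index formulas reproduce the k values listed in the four rounds; the function names are chosen here.

```python
import math
import struct

MASK = 0xFFFFFFFF
# T[1..64]: integer part of 2^32 * abs(sin(i)), i in radians (stored 0-based)
T = [int(abs(math.sin(i)) * 2 ** 32) & MASK for i in range(1, 65)]
# Shift amounts s used by each round, repeated four times per round
SHIFTS = [(7, 12, 17, 22), (5, 9, 14, 20), (4, 11, 16, 23), (6, 10, 15, 21)]
# Nonlinear functions of rounds 1..4
ROUND_FUNCS = [
    lambda x, y, z: (x & y) | (~x & z),   # F
    lambda x, y, z: (x & z) | (y & ~z),   # G
    lambda x, y, z: x ^ y ^ z,            # H
    lambda x, y, z: y ^ (x | ~z),         # I
]
# Message word index k for step j (0..15) of each round
WORD_INDEX = [
    lambda j: j,
    lambda j: (1 + 5 * j) % 16,
    lambda j: (5 + 3 * j) % 16,
    lambda j: (7 * j) % 16,
]


def rotl(x, s):
    """32-bit left rotation (the <<< operator)."""
    return ((x << s) | (x >> (32 - s))) & MASK


def pad(message):
    """Steps 1 and 2: a single 1 bit, zeros up to 448 mod 512 bits, then the
    64-bit length in bits (mod 2^64), low-order byte first."""
    bit_len = (8 * len(message)) % 2 ** 64
    padded = message + b"\x80"
    padded += b"\x00" * ((56 - len(padded)) % 64)
    return padded + struct.pack("<Q", bit_len)


def md5(message):
    """Return the MD5 digest of a bytes object as a hex string."""
    # Step 3: registers A, B, C, D (01 23 45 67 ... low-order byte first)
    A, B, C, D = 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476
    data = pad(message)
    # Step 4: process each 512-bit group
    for off in range(0, len(data), 64):
        X = struct.unpack("<16I", data[off:off + 64])
        a, b, c, d = A, B, C, D
        for i in range(64):
            rnd, j = divmod(i, 16)
            f = ROUND_FUNCS[rnd](b, c, d) & MASK
            k = WORD_INDEX[rnd](j)
            s = SHIFTS[rnd][j % 4]
            new_a = (b + rotl((a + f + X[k] + T[i]) & MASK, s)) & MASK
            # Rotating the roles gives [ABCD], [DABC], [CDAB], [BCDA]
            a, b, c, d = d, new_a, b, c
        A, B = (A + a) & MASK, (B + b) & MASK
        C, D = (C + c) & MASK, (D + d) & MASK
    # Step 5: low-order byte of A first, high-order byte of D last
    return struct.pack("<4I", A, B, C, D).hex()


if __name__ == "__main__":
    print(md5(b""))
    print(md5(b"abc"))
```

This block is for following the structure of the algorithm; production code should call a maintained library such as Python's hashlib.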
Secure Hash Function (SHA)
Algorithm
SHA is a Secure Hash Algorithm jointly designed by the US NIST and NSA, used in the digital signature standard DSS (Digital Signature Standard). A modified version of SHA, SHA-1, was released in 1995 as the U.S. Federal Information Processing Standards Bulletin (FIPS PUB 180-1) [2].