RHCA笔记 333—1 加解密


1.Hashed
Commonly used to store passwords
Converts an input string of any length to an output string of fixed length
One-way:not feasible to get plaintext from hash
Collision-free:not feasibleto find two strings that hash to the same output
Algorithms:CRC-32,MD5,SHA-1,SHA-256,etc.
CRC-32 is not cryptographically secure
Utilities:sha1sum,md5sum,chsum,openssl dgst
Examples
To hash file see if it changed
md5sum file
同一文件,只要没有被修改,无论用md5加密多少次,所得字符串都一致
sha1sum file
openssl dgst -sha1

2.Message Authentication Codes(消息认证码)
MAC is used to maintain the integrity of a network communication,preventing message from tampering
Attacker needs secret key to forge MAC
MAC funtion uses a shared secret key to generate MAC
CBC-MAC:use block cipher to construct
Encrypt the message in CBC mode and use last block
HMAC:use keyed cryptographic hash
HMAC(secret key,message)

3.User Authentication
Cryptographic hash of account password is stored
By adding random “salt” to password ,two users with the same password will have different password hashes
MD5-based hash by default,old modified DES version also availble
System hashes password given to login
If passwords match,user is authenticated
Utilities:password,openssl,openssl passwd -1

4.Asymmetric Encryption(非对称加密)
Public key to encrypt,private key to decrypt
Public means public,private means private
Partial solution to key distribution problem
Can give the public key to everybody
Algorithms:RSA,ElGamal
RSA is limited in the size of the message( So,it is common to use RSA to transmit a secret symmetric session key securely,and switch to the fast免费云主机域名er symmetric secret key
Utilities:gpg openssl rsautl

Examples
Generate RSA key
openssl genrsa 1024 > secret.key
Extract public key from secret key
openssl rsa -puboutn-in secret.key > public.key
echo ‘My secret message .’ > tomylove.txt
Encrypt using public key
openssl rsautl -encrypt -pubin -inkey public.key -in tomylove.txt -out tomylove.encrypt
Decrypt using secret key
openssl rsautl -decrypt -inkey secret.key -in tomylove.enc -out tomylove.txt
使用RSA实现加密的例子
生成bob的私钥,存放到secret.key文件中
从私钥中提取公钥,存放到public.key文件中
切换到alice用户,生成自己的公私钥
现在bob要给alice发送加密消息:
bob用alice的公钥给alice发送加密消息,alice收到消息后,用自己的私钥解密即可
现在alice将自己的公钥发送给bob
bob现在使用alice的公钥将要发送的文件tomylove.txt加密
使用GPG实现加密的例子
Generate GPG keys
pgp –gen-key(RSA encrypt and sign)
Export public key
gpg –export -a > pulic.key
echo ‘My secret message.’ > tomylove.txt
Encrypt using public key
gpg -r keyID -e tomylove.txt(you got tomylove.gpg)
Import public key
gpg –import public.key
Decrypt using secret key
gpg -r keyID -o tomylove.txt -d tomylove.gpg

相关推荐: linux中finger找不到如何解决

这篇文章主要介绍了linux中finger找不到如何解决的相关知识,内容详细易懂,操作简单快捷,具有一定借鉴价值,相信大家阅读完这篇linux中finger找不到如何解决文章都会有所收获,下面我们一起来看看吧。 linux中finger找不到的解决方法:1、将…

免责声明:本站发布的图片视频文字,以转载和分享为主,文章观点不代表本站立场,本站不承担相关法律责任;如果涉及侵权请联系邮箱:360163164@qq.com举报,并提供相关证据,经查实将立刻删除涉嫌侵权内容。

(0)
打赏 微信扫一扫 微信扫一扫
上一篇 01/26 12:20
下一篇 01/26 12:20