"Rukawa Kaede, you are so handsome" is called plaintext, which needs to be turned into ciphertext by some encryption algorithm, and this encryption algorithm must be public, otherwise it will have no promotion significance.
If the encryption algorithm is similar to a function, then some information unique to me must be passed in as parameters to make the encryption result different. This is the key.
Haruko intends to provide a key K A, which is a string. As a part of the encryption algorithm, M represents plaintext, K A (m) represents ciphertext obtained by encrypting M with K A, and Rukawa Kaede will also have a K B. The plaintext M is obtained by the decryption algorithm of K B (K A (M)) = M M.
When K A ==K B, this is a symmetric key system.
When K A! =K B, this is a public key system.
The knowledge of cryptography is very extensive, so this paper does not study how the specific encryption algorithm is encrypted. By default, using this encryption algorithm can make eavesdroppers unable to crack it.
There are three different attacks to crack ciphertext.
All these haruko thought of it, so she began to think about encryption methods.
In ancient times, Caesar's password was to shift the English letters to the right by K.
Then "I love you" will become "s gktc wky"
Of course, this method can be cracked by statistical methods, because E appears most frequently in English. As long as Sakuragi collects enough ciphertext, it can be counted who is E, and other letters are similar.
There is only one unknown k in a single code, and then all the letters are moved by k bits.
Obviously, multiple k's can be used, with the first sentence being k 1 and the second sentence being k2.
When encrypting, we can use the sequence of 1, 2, 2, 1, 2 to cycle.
The first letter k==5, the second and third letters k== 19, the fourth letter k==5 and the fifth letter k== 19.
Then cycle in turn, and you can crack the statistical law.
Of course, these are all simple ways to start using symmetric encryption. In modern times, there are two main ways of symmetric encryption, stream cipher and block cipher. Because the password will be sent in clear text when it is sent to the computer remotely, it is easy to be stolen.
How about I use an encrypted password?
Similarly, Sakuragi doesn't care whether the password is a paragraph or a random number.
The root cause of the above failure is that Rukawa Kaede can't judge whether Haruko is still online. If Haruko is still online, Sakuragi can't disguise Haruko's ip address.
So judging whether Haruko is online is the key.
Using nonce means that it is used only once in the lifetime of the protocol.
Rukawa Kaede will initially select a random number r and send it to Haruko.
Then Haruko encrypts this random number with the symmetric key K that they both have, and then Rukawa Kaede decrypts it.
If R is decrypted, it proves that Haruko is the opposite, because only he has the key, but Sakuragi doesn't!
Https adds a layer of SSL (Secure Sockets Layer) to http. Chinese is the Secure Sockets Layer. Pay attention to the correct sentence break.
So, the whole SSL step is like this.
Articles 3 and 4 may be difficult to understand. Their main purpose is to get the same encryption key and hash key for both parties. Why do they each have two? Because from a security point of view,
Haruko needs an encryption key to send it to Rukawa Kaede.
Rukawa Kaede sent haruko a different encryption key.
There are also two hash keys to maintain the integrity of the document.
As for the former master key and master key, they are only steps to generate the last four keys, but this thing cannot be given to a third party, so it needs to be generated like that.
Articles 5 and 6 seem a bit redundant, but think about this situation. In the first article, Sakuragi intercepted the list and deleted some powerful encryption algorithms (such as DES, AES AES), because no key was generated at this time, and Haruko sent plaintext.
Then change the encryption algorithm to a weaker one (such as Caesar password? )
Therefore, in order to ensure the integrity of the message sent by Haruko in the first article, the MAC of all messages before concatenation is sent in the fifth article (at this time, the key is already available, which ensures the integrity and security), and the server also MAC the message sent by Haruko, and then compares the two Macs. If it is not the same, it proves that the first one has been tampered with! !