Chinese: 3698 characters

A. English original

Core Java, Volume II--Advanced Features

When Java technology first appeared on the scene, the excitement was not about a well-crafted programming language but about the possibility of safely executing applets that are delivered over the Internet (see Volume I, Chapter 10 for more information about applets). Obviously, delivering executable applets is practical only when the recipients are sure that the code can't wreak havoc on their machines. For this reason, security was and is a major concern of both the designers and the users of

Three mechanisms help ensure safety:

- Language design features (bounds checking on arrays, no unchecked type conversions, no pointer arithmetic, and so on).
- An access control mechanism that controls what the code can do (such as file access, network access, and so on).
- Code signing, whereby code authors can use standard cryptographic algorithms to authenticate Java code. Then, the users of the code can determine exactly who created the code and whether the code has been altered after it was signed.

Below, you'll see the cryptographic algorithms supplied in the java.security package, which allow for code signing and user authentication.

As we said earlier, applets were what started the craze over the Java platform. In practice, people discovered that although they could write animated applets like the famous "nervous text" applet, applets could not do a whole lot of useful stuff in the JDK 1.0 security model. For example, because applets under JDK 1.0 were so closely supervised, they couldn't do much good on a corporate intranet, even though relatively little risk attaches to executing an applet from your company's secure intra

To give more trust to an applet, we need to know two things:

- Where did the applet come from?
- Was the code corrupted in transit?

In the past 50 years, mathematicians and computer scientists have developed sophisticated algorithms for ensuring the integrity of data and for electronic signatures. The java.security package contains implementations of many of these algorithms. Fortunately, you don't need to understand the underlying mathematics to use the algorithms in the java.security package. In the next sections, we show you how message digests can detect changes in data files and how digital signatures can prove the iden

A message digest is a digital fingerprint of a block of data. For example, the so-called SHA1 (secure hash algorithm #1) condenses any data block, no matter how long, into a sequence of 160 bits (20 bytes). As with real fingerprints, one hopes that no two messages have the same SHA1 fingerprint. Of course, that cannot be true—there are only 2^160 SHA1 fingerprints, so there must be some messages with the same fingerprint. But 2^160 is so large that the probability of duplication occurring is negli

A message digest has two essential properties:

- If one bit or several bits of the data are changed, then the message digest also changes.
- A forger who is in possession of a given message cannot construct a fake message that has the same message digest as the original.

The second property is again a matter of probabilities, of course. Consider the following message by the billionaire father: "Upon my death, my property shall be divided equally among my children; however, my son George shall receive nothing."

That message has an SHA1 fingerprint of

    2D 8B 35 F3 BF 49 CD B1 94 04 E0 66 21 2B 5E 57 70 49 E1 7E

The distrustful father has deposited the message with one attorney and the fingerprint with another. Now, suppose George can bribe the lawyer holding the message. He wants to change the message so that Bill gets nothing. Of course, that changes the fingerprint to a completely different bit pattern:

    2A 33 0B 4B B3 FE CC 1C 9D 5C 01 A7 09 51 0B 49 AC 8F 98 92

Can George find some other wording that matches the fingerprint? If he had been the proud owner of a billion computers from the time the Earth was formed, each computing a million messages a second, he would not yet have found a message he could substitute.

A number of algorithms have been designed to compute these message digests. The two best-known are SHA1, the secure hash algorithm developed by the National Institute of Standards and Technology, and MD5, an algorithm invented by Ronald Rivest of MIT. Both algorithms scramble the bits of a message in ingenious ways. For details about these algorithms, see, for example, Cryptography and Network Security, 4th ed., by William Stallings (Prentice Hall 2005). Note that recently, subtle regularities h

The Java programming language implements both SHA1 and MD5. The MessageDigest class is a factory for creating objects that encapsulate the fingerprinting algorithms. It has a static method, called getInstance, that returns an object of a class that extends the MessageDigest class. This means the MessageDigest class serves double duty:

- As a factory class
- As the superclass for all message digest algorithms

For example, here is how you obtain an object that can compute SHA fingerprints:

    MessageDigest alg = MessageDigest.getInstance("SHA-1");

(To get an object that can compute MD5, use the string "MD5" as the argument to getInstance.)

After you have obtained a MessageDigest object, you feed it all the bytes in the message by repeatedly calling the update method. For example, the following code passes all bytes in a file to the alg object just created to do the fingerprinting:

    InputStream in = . . .
    int ch;
    while ((ch = in.read()) != -1)
        alg.update((byte) ch);

Alternatively, if you have the bytes in an array, you can update the entire array at once:

    byte[] bytes = . . .;
    alg.update(bytes);

When you are done, call the digest method. This method pads the input—as required by the fingerprinting algorithm—does the computation, and returns the digest as an array of bytes.

    byte[] hash = alg.digest();

The program in Listing 9-15 computes a message digest, using either SHA or MD5. You can load the data to be digested from a file, or you can type a message in the text area.

Message Signing

In the last section, you saw how to compute a message digest, a fingerprint for the original message. If the message is altered, then the fingerprint of the altered message will not match the fingerprint of the original. If the message and its fingerprint are delivered separately, then the recipient can check whether the message has been tampered with. However, if both the message and the fingerprint were intercepted, it is an easy matter to modify the message and then recompute the fingerprint.

To help you understand how digital signatures work, we explain a few concepts from the field called public key cryptography. Public key cryptography is based on the notion of a public key and private key. The idea is that you tell everyone in the world your public key. However, only you hold the private key, and it is important that you safeguard it and don't release it to anyone else. The keys are matched by mathematical relationships, but the exact nature of these relationships is not importan

The keys are quite long and complex. For example, here is a matching pair of public and private Digital Signature Algorithm (DSA) keys.

It is believed to be practically impossible to compute one key from the other. That is, even though everyone knows your public key, they can't compute your private key in your lifetime, no matter how many computing resources they have available.

It might seem difficult to believe that nobody can compute the private key from the public keys, but nobody has ever found an algorithm to do this for the encryption algorithms that are in common use today. If the keys are sufficiently long, brute force—simply trying all possible keys—would require more computers than can be built from all the atoms in the solar system, crunching away for thousands of years. Of course, it is possible that someone could come up with algorithms for computing keys

Figure 9-12 illustrates how the process works in practice.

Suppose Alice wants to send Bob a message, and Bob wants to know this message came from Alice and not an impostor. Alice writes the message and then signs the message digest with her private key. Bob gets a copy of her public key. Bob then applies the public key to verify the signature. If the verification passes, then Bob can be assured of two facts:

- The original message has not been altered.
- The message was signed by Alice, the holder of the private key that matches the public key that Bob used for verification.

You can see why security for private keys is all-important. If someone steals Alice's private key or if a government can require her to turn it over, then she is in trouble. The thief or a government agent can impersonate her by sending messages, money transfer instructions, and so on, that others will believe came from Alice.
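
The contrast drawn in the message digest and Message Signing sections above, as an added example that is not code from the book: a bare fingerprint delivered with the message can be recomputed by whoever alters the message, while a signature made with Alice's private key cannot. It uses the MessageDigest calls shown above together with java.security.Signature and KeyPairGenerator; the class and helper names, the use of SHA-256 in place of SHA-1 (which is no longer considered collision resistant), and the freshly generated 2048-bit DSA keys are assumptions of this example.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;

// Added example; class and method names are hypothetical, not from the book.
public class DigestVsSignature {
    static final String DIGEST_ALG = "SHA-256";      // assumption: replaces the page's "SHA-1"
    static final String SIGN_ALG = "SHA256withDSA";  // DSA signature over a SHA-256 digest

    // Fingerprint check as the text describes it: recompute the digest and compare.
    static boolean digestMatches(byte[] message, byte[] claimed) throws GeneralSecurityException {
        MessageDigest alg = MessageDigest.getInstance(DIGEST_ALG);
        alg.update(message);
        return MessageDigest.isEqual(alg.digest(), claimed);
    }

    static byte[] sign(PrivateKey key, byte[] message) throws GeneralSecurityException {
        Signature sig = Signature.getInstance(SIGN_ALG);
        sig.initSign(key);
        sig.update(message);
        return sig.sign();
    }

    static boolean verify(PublicKey key, byte[] message, byte[] signature)
            throws GeneralSecurityException {
        Signature sig = Signature.getInstance(SIGN_ALG);
        sig.initVerify(key);
        sig.update(message);
        try {
            return sig.verify(signature);
        } catch (SignatureException e) {
            return false; // malformed signature bytes are a failed verification
        }
    }

    // Prints the outcome and fails loudly if it differs from what the text predicts.
    static void report(String what, boolean got, boolean want) {
        System.out.printf("%-48s %b%n", what, got);
        if (got != want) throw new IllegalStateException("unexpected result: " + what);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        String will = "Upon my death, my property shall be divided equally among my children; "
                + "however, my son George shall receive nothing.";
        byte[] original = will.getBytes(StandardCharsets.UTF_8);
        byte[] altered = will.replace("George", "Bill").getBytes(StandardCharsets.UTF_8);

        // Message and fingerprint intercepted together: both are replaced, the check still passes.
        byte[] recomputed = MessageDigest.getInstance(DIGEST_ALG).digest(altered);
        report("altered message + recomputed digest accepted:",
                digestMatches(altered, recomputed), true);

        KeyPairGenerator gen = KeyPairGenerator.getInstance("DSA");
        gen.initialize(2048);
        KeyPair alice = gen.generateKeyPair();        // Bob holds only alice.getPublic()
        KeyPair interceptor = gen.generateKeyPair();  // constructed stand-in for a forger's own key

        byte[] aliceSig = sign(alice.getPrivate(), original);
        report("original verifies with Alice's public key:",
                verify(alice.getPublic(), original, aliceSig), true);
        report("altered message with Alice's old signature:",
                verify(alice.getPublic(), altered, aliceSig), false);
        report("altered message re-signed by interceptor:",
                verify(alice.getPublic(), altered, sign(interceptor.getPrivate(), altered)), false);
    }
}
```

Compile and run it with `javac DigestVsSignature.java && java DigestVsSignature`; the guarantee holds only as long as Bob's copy of Alice's public key is authentic, which is the distribution problem the X.509 section takes up.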

The X.509 Certificate Format

To take advantage of public key cryptography, the public keys must be distributed. One of the most common distribution formats is called X.509. Certificates in the X.509 format are widely used by VeriSign, Microsoft, Netscape, and many other companies, for signing e-mail messages, authenticating program code, and certifying many other kinds of data. The X.509 standard is part of the X.500 series of recommendations for a directory service by the international telephone standards body, the CCITT.

The precise structure of X.509 certificates is described in a formal notation, called "abstract syntax notation #1" or ASN.1. Figure 9-13 shows the ASN.1 definition of version 3 of the X.509 format. The exact syntax is not important for us, but, as you can see, ASN.1 gives a precise definition of the structure of a certificate file. The basic encoding rules, or BER, and a variation, called distinguished encoding rules (DER), describe precisely how to save this structure in a binary file. That is,

Cay S. Horstmann / Gary Cornell, Core Java, Volume II--Advanced Features, Prentice Hall, 2013-3-6

B. Translation of the original

Core Java, Volume II--Advanced Features

When Java technology first appeared, the excitement was not because it was a perfectly designed programming language but because it could safely run applets delivered over the Internet. Obviously, users will accept executable applets delivered over the network only when they are sure that the applet's code will not damage their computers. For this reason, security was and is a major concern of both the designers and the users of Java technology. This means that Java technology differs from other languages and systems, in which security was implemented as an afterthought or merely as a reaction to break-ins; for Java technology, security mechanisms are an integral part.

Java technology provides the following three mechanisms to ensure safety:

(1) Language design features (bounds checking on arrays, no unchecked type conversions, no pointer arithmetic, and so on).

(2) An access control mechanism that controls what the code can do (such as file access, network access, and so on).

(3) Code signing, whereby code authors can use standard cryptographic algorithms to authenticate Java code. The users of the code can then determine exactly who created the code and whether the code has been altered after it was signed.

Below, we introduce the cryptographic algorithms supplied in the java.security package, which are used for code signing and user authentication.

As we said earlier, applets were what first became popular on the Java platform. In practice, people discovered that although they could write lively applets like the famous "nervous text" applet, applets could not do a whole lot of useful things under the JDK 1.0 security model. For example, because applets under JDK 1.0 were so closely supervised, they could not do much good on a corporate intranet, even though the risk of running an applet on the company's secure intranet is relatively small. Sun quickly realized that for applets to become truly useful, users must be able to assign different security levels depending on where an applet comes from. If an applet comes from a trusted supplier and has not been tampered with, the user of the applet can then decide whether to grant it more privileges.

To give more trust to an applet, you need to know two things:

(1) Where did the applet come from?

(2) Was the code corrupted in transit?

In the past 50 years, mathematicians and computer scientists have developed a variety of sophisticated algorithms for ensuring the integrity of data and of electronic signatures. The java.security package contains implementations of many of these algorithms. In the next sections, we show how message digests can detect changes in data files and how digital signatures can prove the identity of the signer.

A message digest is a digital fingerprint of a block of data. For example, the so-called SHA1 (secure hash algorithm #1) condenses any data block, no matter how long, into a sequence of 160 bits (20 bytes). As with real fingerprints, one hopes that no two messages have the same SHA1 fingerprint. Of course, that cannot be true, because there are only 2^160 SHA1 fingerprints, so there must be some messages with the same fingerprint. Because 2^160 is such a large number, the probability of duplicate fingerprints is negligible. Just how small is it? According to James Walsh in True Odds: How Risks Affect Your Everyday Life (Merritt Publishing, 1996), the chance that you and all of them will die from lightning strikes is higher than the chance that a forged message has the same SHA1 fingerprint as the original. (Of course, more than ten other people, none of whom you know, may die from lightning strikes, but we are talking here about the probability of death for the particular people you chose.)

A message digest has two essential properties:

(1) If one bit or several bits of the data are changed, then the message digest also changes.

(2) A forger who is in possession of a given message cannot construct a fake message that has the same message digest as the original.

The second property is, of course, again a matter of probabilities. Consider the following will left by a billionaire: "Upon my death, my property shall be divided equally among my children; however, my son George shall receive nothing."

This will has an SHA1 fingerprint of:

    2D 8B 35 F3 BF 49 CD B1 94 04 E0 66 21 2B 5E 57 70 49 E1 7E

The distrustful father has deposited the will with one attorney and the fingerprint with another. Now, suppose George can bribe the attorney holding the will. He wants to change the will so that Bill gets nothing. Of course, that changes the original fingerprint to a completely different bit pattern, as follows:

    2A 33 0B 4B B3 FE CC 1C 9D 5C 01 A7 09 51 0B 49 AC 8F 98 92

Can George find some other wording that matches the fingerprint? If he had been the proud owner of a billion computers from the time the Earth was formed, each processing a million messages a second, he still would not have found a will he could substitute.

A large number of algorithms have been designed to compute these message digests. The two best-known are SHA1 and MD5. SHA1 is the secure hash algorithm developed by the National Institute of Standards and Technology, and MD5 is an algorithm invented by Ronald Rivest of MIT. Both algorithms scramble the bits of a message in ingenious ways. For details about these methods, see Cryptography and Network Security by William Stallings, published by Prentice Hall in 2005. Note that recently, subtle regularities have been discovered in both algorithms, and many cryptographers therefore recommend avoiding MD5 and using SHA1 until a stronger algorithm becomes available. (See http://www.rsa.com/rsalabs/node.asp?id=2834 for more information.)

The Java programming language implements both SHA1 and MD5. The MessageDigest class is a "factory" for creating objects that encapsulate the fingerprinting algorithms. Its static method getInstance returns an object of a class that extends the MessageDigest class. This means the MessageDigest class serves double duty:

(1) As a factory class.

(2) As the superclass for all message digest algorithms.

For example, here is how you obtain an object that can compute SHA fingerprints:

    MessageDigest alg = MessageDigest.getInstance("SHA-1");

(To get an object that can compute MD5, use the string "MD5" as the argument to getInstance.)

After you have obtained a MessageDigest object, you feed it all the bytes in the message by repeatedly calling the update method. For example, the following code passes all bytes in a file to the alg object created above to do the fingerprinting:

    InputStream in = . . .
    int ch;
    while ((ch = in.read()) != -1)
        alg.update((byte) ch);

Alternatively, if the bytes are stored in an array, you can update the entire array at once:

    byte[] bytes = . . .;
    alg.update(bytes);

When you are done, call the digest method. This method pads the input, as required by the fingerprinting algorithm, does the computation, and returns the message digest as an array of bytes.

    byte[] hash = alg.digest();

The program in Listing 9-15 computes a message digest, using either SHA or MD5. You can load the data to be digested from a file, or you can type a message directly into the text area. Figure 9-11 shows the application.

Message Signing

In the last section, we showed how to compute a message digest, a fingerprint for the original message. If the message is altered, then the fingerprint of the altered message will not match the fingerprint of the original. If the message and its fingerprint are delivered separately, then the recipient can check whether the message has been tampered with. However, if both the message and the fingerprint are intercepted, it is an easy matter to modify the message and then recompute the fingerprint. After all, the message digest algorithms are publicly known, and they do not require any secret keys. In that case, the recipient of the forged message and the new fingerprint would never know that the message has been altered. Digital signatures solve this problem.

To understand how digital signatures work, we need to explain a few concepts from the field of public key cryptography. Public key cryptography is based on two basic notions, the public key and the private key. The idea is that you can tell everyone in the world your public key, but only you hold the private key, and it is important that you safeguard your private key and do not release it to anyone else. The keys are matched by mathematical relationships, but the exact nature of these relationships is not important for practical programming (if you are interested, you can look it up in The Handbook of Applied Cryptography at http://www.cacr.math.uwaterloo.ca/hac/).

The keys are quite long and complex. For example, here is a matching pair of public and private Digital Signature Algorithm (DSA) keys.

In practice, it is almost impossible to compute one key from the other. That is, even though everyone knows your public key, they cannot compute your private key in their lifetime, no matter how many computing resources they have.

It might seem hard to believe that nobody can compute the private key from the public key. But to this day, nobody has found an algorithm to do this for the encryption algorithms that are in common use. If the keys are sufficiently long, brute force (simply trying all possible keys) would require more computers than can be built from all the atoms in the solar system, and thousands of years besides. Of course, someone could come up with algorithms for computing keys that are more clever than brute force. For example, the RSA algorithm (the encryption algorithm invented by Rivest, Shamir, and Adleman) depends on the difficulty of factoring large numbers. For the last 20 years, many of the best mathematicians have tried to come up with good factoring algorithms, but so far no one has succeeded. For that reason, most cryptographers believe that keys with a "modulus" of 2,000 bits or more are currently completely safe from any attack. DSA is believed to be similarly secure.

Figure 9-12 illustrates how the process works.

Suppose Alice wants to send Bob a message, and Bob wants to know that this message came from Alice and not an impostor. Alice writes the message and then signs the message digest with her private key. Bob gets a copy of her public key. Bob then uses the public key to verify the signature. If the verification passes, then Bob can be assured of two facts:

(1) The original message has not been altered.

(2) The message was signed by Alice, the holder of the private key that matches the public key that Bob used for verification.

You can see why the security of private keys is all-important. If someone steals Alice's private key, or if a government requires her to turn it over, then she is in trouble. The thief or the government agent can impersonate her by sending messages, money transfer instructions, and so on, that others will believe came from Alice.

The X.509 Certificate Format

To take advantage of public key cryptography, the public keys must be distributed. One of the most common signed-certificate formats is called X.509. Certificates in the X.509 format are widely used by VeriSign, Microsoft, Netscape, and many other companies for signing e-mail messages, authenticating program code, and certifying many other kinds of data. The X.509 standard is part of the X.500 series of recommendations for a directory service by the international telephone standards body, the International Telegraph and Telephone Consultative Committee (CCITT).

The precise structure of X.509 certificates is described in a formal notation, called "abstract syntax notation #1" or ASN.1. Figure 9-13 shows the ASN.1 definition of version 3 of the X.509 format. The exact syntax is not important for us, but, as you can see, ASN.1 gives a precise