Download presentation
Presentation is loading. Please wait.
1
Introduction to Computer Security and Cryptography
方贤进
2
(1)Morse Code 谍战剧经常出现的Morse Code. 《风 声》、《麻雀》、《U571》
Morse Code是一种早期的数字化通信形 式,但是它不同于现在的只使用0和1两 种状态的二进制代码,它的代码包括五 种:点、划、点和划之间的停顿、每个 字符间短的停顿。短促的点信号“.”,读 “滴”(dit);保持一定时间的长信号“— ”,读“嗒”(Dash)。
3
(1)Morse Code
4
(1)Morse Code SOS是国际求救信号的Morse Code是 ... --- ...
英文:HELLO EVERYBODY,其Morse Code为:
5
(1)Morse Code You can visit Wikipedia for Morse code:
However, Morse code is a kind of telegraph code(电报码),not belong to Modern Cryptography(现代密码学).
6
Standard ASCII characters
(2)Encoding ASCII Code Standard ASCII characters
7
Extended ASCII characters
(2)Encoding ASCII Code Extended ASCII characters
8
(2)Encoding BASE64 Code Base64 is a group of similar binary-to-text encoding schemes that represent binary data in an ASCII string format by translating it into a radix-64 representation. The term Base64 originates from a specific MIME content transfer encoding. Each Base64 digit represents exactly 6 bits of data. Three 8-bit bytes (i.e., a total of 24 bits) can therefore be represented by four 6-bit Base64 digits. Index Char A 16 Q 32 g 48 w 1 B 17 R 33 h 49 x 2 C 18 S 34 i 50 y 3 D 19 T 35 j 51 z 4 E 20 U 36 k 52 5 F 21 V 37 l 53 6 G 22 W 38 m 54 7 H 23 X 39 n 55 8 I 24 Y 40 o 56 9 J 25 Z 41 p 57 10 K 26 a 42 q 58 11 L 27 b 43 r 59 12 M 28 c 44 s 60 13 N 29 d 45 t 61 14 O 30 e 46 u 62 + 15 P 31 f 47 v 63 /
9
(2)Encoding For example:
BASE64 Code For example: Source Text (ASCII) M a n Octets 77 (0x4d) 97 (0x61) 110 (0x6e) Bits 1 Base64 encoded Sextets 19 22 5 46 Look up Table… Character T W F u 84 (0x54) 87 (0x57) 70 (0x46) 117 (0x75) In this case, the bits in source text is just a multiple of 6-bits!
10
(2)Encoding BASE64 Code =, padding characters might be added to make the last encoded block contain four Base64 characters. If there are only two significant input octets (e.g., 'Ma'), or when the last input group contains only two octets, all 16 bits will be captured in the first three Base64 digits (18bits); the two least significant bits of the last content-bearing 6-bit block will turn out to be zero, and discarded on decoding (along with the following = padding characters):
11
(2)Encoding BASE64 Code Source Text (ASCII) M a Octets 77 (0x4d)
Bits 1 Base64 encoded Sextets 19 22 4 Padding Look up table… Character T W E = 84 (0x54) 87 (0x57) 69 (0x45) 61 (0x3D)
12
(2)Encoding BASE64 Code If there is only one significant input octet (e.g., 'M'), or when the last input group contains only one octet, all 8 bits will be captured in the first two Base64 digits (12 bits); the four least significant bits of the last content- bearing 6-bit block will turn out to be zero, and discarded on decoding (along with the following = padding characters):
13
(2)Encoding BASE64 Code Source Text (ASCII) M Octets 77 (0x4d) Bits 1 Base64 encoded Sextets 19 16 Padding Look up table… Character T Q = 84 (0x54) 81 (0x51) 61 (0x3D) Note: the final = = sequence indicates that the last group contained two bytes, and = indicates that it contained only one byte!
14
(2)Encoding Unicode Unicode编码把所有语言中的字符都统一到一套编码里,这样就不会再有乱码问题了。Unicode标准也在不断发展,但最常用的是用两个字节表示一个字符(如果要用到非常偏僻的字符,就需要4个字节)。如果统一成Unicode编码,乱码问题从此消失了。但是,如果你写的文本基本上全部是英文的话,用Unicode编码比ASCII编码需要多一倍的存储空间,在存储和传输上就十分不划算。所以,本着节约的精神,又出现了把Unicode编码转化为“可变长编码”的UTF-8编码。UTF-8编码把一个Unicode字符根据不同的数字大小编码成1-6个字节,常用的英文字母被编码成1个字节(ASCII码),汉字通常是2个字节,只有很生僻的字符才会被编码成4-6个字节。如果你要传输的文本包含大量英文字符,用UTF-8编码就能节省空间。 例如汉子“安徽”的Unicode编码为\u5b89\u5fbd Unicode编码转换可参见:
15
(3)Password Unix/Linux OS中的user&password文件 username 加密后的password
16
(3)Password We表单提交数据的传输 利用fiddle web debugger截获到提交到邮件服务器的表单数据
17
(3)Password We表单提交数据的传输 提交到邮件服务器的表单数据不是明文,而是其消息认证码!
18
(3)Password Web表单数据的加密传输 Secure http协议
19
(3)Password Web表单数据的加密传输
20
WannaCry,一种蠕虫(worm)勒索病毒件
(4)Key in encryption/decryption WannaCry,一种蠕虫(worm)勒索病毒件
21
信息安全的目标 国际标准化委员会定义信息安全 (Information Security):“为数 据处理系统而采取的技术的和管理的 安全保护,保护计算机硬件、软件、 数据不因偶然的或恶意的原因而遭到 破坏(可用性)、更改(完整性)、 泄露(机密性)” 。
22
信息安全的目标 (1)机密性(Confidentiality): Prevent unauthorised disclosure of information. 即使非授权用户得到信息也无法知晓信 息内容。可通过访问控制(access control)阻止非授权用户获得机密信息, 通过加密(encryption)阻止非授权用户 知晓信息内容。
23
信息安全的目标 (2)完整性(Integrity): Assurance that data received are exactly as sent by an authorized sender. 通过访问控制(access control)阻止篡 改行为,通过消息摘要(message digest)算法检验信息是否被篡改。
24
信息安全的目标 (3)可用性(Availability): services should be accessible when needed and without delay. 涉及物理、网络、系统、数据、应用和 用户等多方面因素。
25
信息安全的目标 (4)真实性(Authentication):
assurance that the communicating entity is the one it claims to be. peer entity authentication. Data-origin authentication.
26
信息安全的目标 (5)不可抵赖性(Non-Repudiation):
protection against denial by one of the parties in a communication. Origin non-repudiation:proof that the message was sent by the specified party. Destination non-repudiation:proof that the message was received by the specified party. 一般通过数字签名(digital signature)来 提供不可抵赖性服务。
27
信息安全学科的理论体系
28
信息安全学科的知识体系
29
“密码学”是信息安全的核心和基础!
Similar presentations
