introduce

Based on daily life, students' understanding of passwords may only come from passwords of social accounts and bank cards intuitively. If you mention the computer again, it may be the power-on password. Strictly speaking, the passwords mentioned above are not passwords in cryptography, they are just passwords. Cryptography is a technical science that studies cryptographic encoding and decoding. Studying the objective law of password change and applying it to compiling passwords to keep communication secrets is called coding; The act of obtaining communication information by deciphering passwords is called deciphering and cryptography. It is easy to understand here that we can refer to the technical mechanism of "door lock" because it can reflect the technical thought of cryptography to a certain extent.

First of all, the role of cryptography

So what is the function of cryptography? It is a subject used to study how to transmit information in secret. In modern times, especially the mathematical research on information and its transmission is often regarded as a branch of mathematics and computer science, and it is also closely related to information theory. Ron Rivest, a famous cryptographer, explained: "Cryptography is about how to communicate in the presence of enemies". From the perspective of self-engineering, this is equivalent to the similarities and differences between cryptography and pure mathematics. Cryptography is the core of information security and other related issues, such as authentication and access control. The main purpose of cryptography is to hide the meaning of information, not the existence of information. It can be seen that password is an important secret means for communication parties to convert special information according to the agreed rules, so that the exchanged information can be safely protected from being obtained by others. Generally speaking, it is to disguise information so that unauthorized people can't get the true meaning of information.

Second, some related concepts of cryptography

The first thing to mention is the encryption key. Because encryption and decryption are under its control. Secondly, encryption algorithm is a cluster of mathematical transformations used for encryption, and correspondingly, a cluster of mathematical transformations used for decryption is called decryption algorithm, which is the inverse operation of encryption algorithm. Only those who have mastered the encryption key and algorithm are considered as authorizers. According to these laws, changing plaintext into ciphertext (called encryption transformation) and ciphertext into plaintext (called decryption transformation) can make legal communication parties exchange information.

Third, the three attributes of the password.

Confidentiality, loyalty and integrity. Therefore, cryptography is gradually developed in the practice of the struggle between encoding and decoding, and with the application of advanced science and technology, it has become a comprehensive frontier technology science. It is closely related to linguistics, mathematics, electronics, acoustics, information theory and computer science. Its actual research results, especially the encryption and decoding methods used by governments all over the world, are highly confidential.

Fourthly, the relationship between the origin of passwords and information security.

About 1900 BC, some strange symbols appeared in the epitaph of a slave owner in ancient Egypt. Western cryptographers believe that this is the earliest appearance of passwords. Generally speaking, epitaphs do not need to be kept secret, probably out of respect for the owner of the tomb and the pursuit of artistic expression. With the rapid development of Internet, the security of network information has become a major issue. In the early days, passwords only changed the encryption and decryption of characters or numbers. With the development of communication technology, encryption and decryption of voice, image and data can be realized. Now, especially in computer and network security technologies, such as access control and information confidentiality. So cryptography and computer science promote each other. Now cryptography has been widely used in daily life, including chip cards of ATMs, access passwords of computer users, e-commerce and so on.

When it comes to the relationship between password and information security, it is not difficult to understand that password is the key technology or core technology of information security. So internationally, passwords belong to the sovereignty of a country. Is that any country has its own choice. Because of the confidentiality of information, almost all fields of information security need to apply cryptography, so cryptography is also a * * * technology of information security. Then the importance of passwords to information security can also be seen.

Verb (abbreviation of verb) professional definition of information security

Information security refers to the protection of information systems (including hardware, software, data, personnel, physical environment and its infrastructure) from being damaged, changed or leaked by accidents or malicious reasons, the system runs continuously and reliably, and the information service is uninterrupted, so as to finally realize business continuity. Information security mainly includes the following five aspects: the need to ensure confidentiality, authenticity, integrity, unauthorized copying and the security of parasitic systems. Its fundamental purpose is to protect internal information from threats from internal, external and natural factors. In order to ensure information security, it is necessary to carry out information source authentication and access control, and there must be no illegal software resident or unauthorized operation. Since someone wants to encrypt information, there are enemies who want to crack the password and intercept the information.

Sixth, the relationship between the development of password cracking and information security.

14 12, an encyclopedia compiled by Kalekashandi, Persia, contains methods to decipher simple codes instead of passwords. By the end of16th century, some European countries had full-time decipherers to decipher the intercepted secret information. Cryptographic decoding technology has made great progress. Cryptography and Decoding Technology written by Prussian Kasinski and Military Cryptography written by Frenchman Kerckhoff both discussed and discussed the theory and methods of cryptography.

It must be said that the two world wars were the "invincible period" for the development of cryptography and information security. Cryptography in the First World War. The United States has cracked the codes of other countries. After the end of World War I, MI8 was dissolved. Yardley led more than 50 people left behind to set up the American Black Room, dedicated to deciphering the diplomatic secrets of various countries. 19 17- 1929, the "American Black Room" team led by Yadley deciphered more than 45,000 secret messages, including more than 20 countries including China, Germany, Britain, France and Russia. 1927. 10 the "American black room" that Yardley operated for more than ten years was closed by the Secretary of State on the grounds that "gentlemen don't peek at letters". This sentence has become a famous saying in the history of American cryptography. Later, Yardley wrote this experience into a book, American Dark Room. Cryptography in World War II. During the Second World War, cryptography developed greatly.

The encryption technology of World War I mainly relied on manual encryption and decryption, and the complexity, security and encryption and decryption speed of passwords were not high enough. Cryptography experts are mainly composed of language experts, guessing experts and chess champions. The encryption technology in wartime has been electromechanical, and the encryption and decryption by electromechanical equipment greatly improves the complexity, security and encryption and decryption speed of passwords. Cryptography experts also have math experts to join, playing a leading role. Military experts commented: "The success of the allied forces in cryptography made the Second World War end ten years earlier."

China War of Resistance against Japanese Aggression was an important part of the Second World War. What we are proud of is that China people cracked some Japanese passwords and made important contributions to the victory of the Anti-Japanese War. At the end of 1938, Yardley came to Chongqing as a consultant to decipher codes for military systems, trained more than 200 cryptographers for military systems, and returned to China on 1940.7. Later, China deciphered the Chongqing meteorological secret message of the Japanese spy and captured it. He also cracked a spy code in Wang Fei and captured the spy. It also deciphered the password of the Japanese Air Force, reducing the loss of air combat in Chongqing; He also cracked some passwords of the Japanese Ministry of Foreign Affairs and obtained some information before the Pearl Harbor incident.

By 1949, Shannon, an American, published the article Communication Theory of Secret Systems, and analyzed some basic problems in cryptography by applying the principle of information theory. /kloc-since the 0/9th century, the widespread use of telegrams, especially wireless telegrams, has provided extremely favorable conditions for cryptographic communication and third-party interception. Communication secrecy and detection and decoding have formed a hidden front with fierce struggle. At present, the governments of major countries in the world attach great importance to cryptography. Some of them have established huge institutions, allocated huge funds, concentrated tens of thousands of experts and scientific and technological personnel, and invested a lot of high-speed computers and other advanced equipment in their work. At the same time, private enterprises and academic circles pay more and more attention to cryptography, and many mathematicians, computer scientists and experts in other related disciplines have also devoted themselves to the research of cryptography, which has accelerated the development of cryptography. Finally, cryptography has become an independent discipline.

Seven, the relationship between cryptography and information security

Cryptography is an interdisciplinary subject, which comes from many fields: it can be regarded as information theory, but it uses tools in many mathematical fields, such as number theory and finite mathematics. Information security is also a comprehensive discipline, involving computer science, network technology, communication technology, cryptography technology, information security technology, applied mathematics, number theory, information theory and other disciplines.

As a resource, information is of great significance to human beings because of its universality, enjoyment, value-added, treatability and versatility. China's reform and opening up has brought about a sharp increase in all aspects of information, which requires large-capacity and efficient transmission. There are many ways to transmit information, including local computer network, Internet and distributed database, cellular wireless, packet-switched wireless, satellite video conference, email and other transmission technologies. In the process of information storage, processing and exchange, there is the possibility of leakage, interception, eavesdropping, tampering and forgery, so security is highly valued.

No matter organizations or individuals, more and more things are entrusted to computers, sensitive information is transmitted between computer systems through fragile communication lines, special information is stored in or transmitted between computers, electronic banking enables financial accounts to be queried through communication lines, law enforcement agencies learn criminal records from computers, and doctors use computers to manage medical records. Above all, the most important problem is that information cannot be transmitted without taking measures to prevent illegal (unauthorized) access. Therefore, we put forward the term security policy. Information security policy refers to the rules that must be followed to ensure a certain degree of security protection. Realizing information security depends not only on advanced technology, but also on strict security management, legal constraints and security education.

Eight, cryptography and information security have developed rapidly.

China's information security industry started late. Since the beginning of this century, it has experienced three important stages of development: germination, outbreak and popularization, and the industrial scale has gradually expanded. It has driven the sustained growth of the market demand for information security products and services; In addition, the government's attention and policy support have also continuously promoted the rapid development of China's information security industry. According to the data of "Analysis Report on the Development Prospect and Investment Strategic Planning of China Information Security Industry in 20 13-20 17", the market scale of information security products in China reached165438+74 million yuan in 20 17, with a year-on-year increase of 20.23%. Avantgarde. Com believes that the information security industry has great development potential, but the current information security situation in the domestic Internet industry is not optimistic. With the increasing penetration of the network into all aspects of social life, it is particularly urgent to enhance the awareness of network information security and strengthen information security prevention measures.

In 20 12 years, the information security industry will enter a stage of rapid development, and the requirements of the entire internet users for security products will also turn to "active security defense". With the enhancement of users' security awareness, active security products will be more concerned, and active security defense will become the mainstream of future security applications.

In the information security market, the mainstream e-commerce takes encryption technology as the basic security measure. Encryption technology is divided into two categories, namely symmetric encryption and asymmetric encryption. 1. Symmetric encryption is also called private key encryption, that is, the sender and receiver of information use the same key to encrypt and decrypt data. Its biggest advantage is its fast encryption/decryption speed, which is suitable for encrypting a large number of data, but the key management is difficult. If both parties can ensure that the private key is not leaked in the key exchange stage, then the confidentiality and message integrity can be realized by encrypting the confidential information by this encryption method and sending the message digest or message hash value with the message. Second,

Asymmetric encryption, also known as public key encryption, uses a pair of keys to complete the encryption and decryption operations respectively, one of which is publicly released (that is, the public key) and the other is kept by the user himself in secret (that is, the private key). The process of information exchange is as follows: Party A generates a pair of keys and discloses one of them to other parties as a public key. Party B who obtained the public key encrypts the information and sends it to Party A, and Party A decrypts the encrypted information with its own private key.

Because on the Internet, every computer has more or less security problems. Security problems will inevitably lead to serious consequences. Such as system destruction, data loss, secret theft and direct and indirect economic losses, can not be ignored. When it comes to security, we often talk about using firewalls, antivirus software and so on. One disadvantage of cryptographic technology is that passwords are not good at solving the security problems of information processing forms. This is the root cause of virus flooding at present, and we have no good solution. So please remember: "No matter how good the password is, it can't kill the virus, and no matter how good the anti-virus software is, it can't be used as a password." Both are important!

Having said that, cryptography and information security complement each other. Cryptography develops faster because of information security, and information can be exchanged safely under the protection of cryptography.

References:

Xie Xiren. Computer Network (4th Edition) [M]. Beijing: Electronic Industry Press, 2003.

[2] Sharla Cheung, Xu Yuejin. Network Security Experiment Course, Tsinghua University Publishing House, June 2007.

[3] Xu Zhikun, Wang Wei et al. Network Infiltration Technology, Electronic Industry Press, 2005-5- 1 1.

[4] Wu Xinhua, Zhai, etc. , the hacker's attack and defense secrets were exposed, Tsinghua University Press, 2006.

. . I wrote this by hand before, and it can also be related to cryptography. If you think it can be used, take it.