The principle of data encryption and data signature

Digital signatures. It mainly goes through the following processes:

The sender of the message uses a one-way hash function to generate a summary of the message;

The sender of the message signs the digest of the message with his or her own private key;

The sender of the message sends the message itself along with the signed summary of the message;

The message close-link receiver generates a new digest of the received message itself by using the same one-way hash cluster function (hash function) used by the message sender, and then uses the message sender's public key.

The summary of the message is validated to confirm the identity of the sender and whether the message has been modified.

Digital encryption mainly goes through the following processes:

When the sender needs to send information, it first generates a symmetric key and uses the symmetric key to encrypt the message to be sent.

The sender of the message encrypts the symmetric key with the public key of the receiver of the message;

The sender of the message combines the results of the first and second steps to pass it to the receiver of the message, called the digital envelope;

The receiver of the message uses his own private key to decrypt the encrypted symmetric key, and then uses this symmetric key to decrypt the ciphertext encrypted by the sender to obtain the true original text.

Although both the process of digital signature and digital encryption use a public key system, the process of implementation is reversed, and the key pairs used are also different. Digital signatures use the sender's key pair, the sender encrypts with its own private key, and the receiver uses the sender's public key to decrypt, which is a one-to-many relationship, and anyone with the sender's public key can verify the correctness of the digital signature. Digital encryption uses the receiver's key pair, which is a many-to-one relationship, and anyone who knows the receiver's public key can send encrypted information to the receiver, and only the only person with the receiver's private key can decrypt the message.

In addition, only asymmetric key cryptography is used for digital signatures.

It can ensure the integrity, identity authentication and non-repudiation of the sent information, while the digital encryption adopts a combination of symmetric key encryption algorithm and asymmetric key encryption algorithm, which can ensure the confidentiality of the sent information.

The differences between digital signature mechanism and simple encryption are:

The digital signature mechanism is:A digital signature is a piece of data attached to a data unit, or a cryptographic transformation of a data unit.

This type of data or transformation allows the recipient of the data unit to confirm the integrity of the data unit and to protect the data from being forged by someone (e.g., the recipient).

Simple encryption is:The basic process of simple encryption is to process a file or data that was originally plaintext according to a certain algorithm to make it unreadable, commonly known as "ciphertext". In this way, the purpose of protecting data from being stolen and read by unincorporated persons is achieved.

There are two types of simple encryption methods:

1. Caesar encryption: When the Caesar cipher is encrypted, each letter in the plaintext will be moved backwards (or forwards) backwards (or forwards) in the order of the alphabet (cyclic movement) as ciphertext.

2. Single table substitution: randomly select letters to replace the original alphabetical order table, so there are a total of 26! - 1 possibility.

3. One secret at a time: The garbled code is a large non-repeating set of true random key letters, which is written on several sheets of paper and glued into a garbled book.

4. Fence encryption method: The fence encryption method divides the plaintext into several columns (lines), and the number of letters in each column is the same as the key, such as meet me after party, first scold us to remove the space.

The text becomes MeetMeAfterParty. There are a total of 16 letters, and the key is 4, then we can divide it into 16 key=4 columns, arranged from top to bottom, and the number of letters in each column is 4.

Summary. If it is the same, it means that the information received is complete and has not been modified during transmission, otherwise the message has been modified, so the digital signature can verify the integrity of the information.

Hello, I am a cooperating lawyer, I have received your question, I need a little time to answer, wait a minute.

Encryption is symmetric and asymmetric. Symmetry commonly uses DES, 3DES, AES

Encryption is bidirectional, meaning that either the public and private keys can be used for encryption, and the other is used for decryption.

Digital signature is the application of asymmetric key cryptography and digital digest technology.

Digital signature technology encrypts the digest information with the sender's private key and transmits it to the receiver along with the original text.

The receiver can only decrypt the encrypted digest information with the sender's public key, and then use the hash function to generate a digest message for the received original text, which is compared with the decrypted digest message.

If it is the same, it means that the information received is complete and has not been modified during transmission, otherwise the message has been modified, so the digital signature can verify the integrity of the information.

Digital signature is an encryption process, and digital signature verification is a decryption process.

The principle of both is to use cryptography to process information, and the difference is mainly due to the different functions and the different types of encryption used.

Digital signatures generally use a public-key cryptography, with a private key to sign and a public key to verify the signature, such as RSA. Encryption generally uses symmetric cryptography, such as DES, AES. In principle, public-key cryptography algorithms such as RSA can also be encrypted, but the encryption speed of symmetric cryptography is fast in comparison, so in practical applications, symmetric cryptography is used for encryption.

So-called"Digital signatures. "It is through a certain cryptographic operation to generate a series of symbols and ** to form an electronic password for signature, to replace the written signature or seal, for this electronic signature can also be technically verified, the accuracy of its verification is the verification of the general manual signature and seal and can not be compared. "Digital signatures. "At present, it is the most widely used, the most mature and the most operable electronic signature method in e-commerce and e-government. It uses standardized procedures and scientific methods for the identification of signatories and the recognition of the content of an electronic data.

It can also verify that the original text of the document has not been changed during transmission, ensuring the integrity, authenticity and non-repudiation of the transmitted electronic document.

Digital signatures are defined in the ISO7498-2 standard as:"Some data attached to a data unit, or a cryptographic transformation of a data unit, that allows the recipient of the data unit to confirm the integrity of the data unit** and the data unit, and to protect the data from being forged by someone (e.g. the recipient)."。The American Electronic Signature Standard (DSS, FIPS186-2) explains digital signatures as follows:

The result of the calculation of the data using a set of rules and a parameter can be used to confirm the identity of the signer and the integrity of the data"。As defined above, PKI (Public Key Infrastructino) provides cryptographic transformations that provide units of data and enable the recipient to judge and verify the data**.

The digital signature adopts the method of double encryption to achieve anti-counterfeiting and anti-reliance. Here's how it works:

1) The sent file is encrypted with SHA encoding to produce a 128-bit digital digest (see section above).

2) The sender re-encrypts the digest with its own private key, which forms a digital signature.

3) Transmit both the original text and the encrypted summary to the other party.

4) The other party decrypts the digest with the sender's public key, and at the same time generates another digest with SHA encoding of the received file.

5) Compare the decrypted digest with the digest generated by the re-encryption of the received file at the receiver. If the two are consistent, it means that the information has not been destroyed or tampered with during transmission. Otherwise, it is not.

The digital signature is only through an irreversible algorithm, and the data after processing the information to be signed can be used as an electronic certificate to ensure the integrity of the electronic document and the non-repudiation of the signer.

An irreversible cryptographic algorithm is used in the digital signature process. After these algorithms have processed the relevant information, it cannot be restored and becomes difficult to understand. The algorithm itself guarantees that it is nearly impossible to encrypt two different pieces of information into the same signature.

This makes it difficult for third parties to decipher, tamper with, or forge signatures.

At present, the most commonly used digital signature algorithms include MD5, SHA and other algorithms.

A digital signature is a hashing algorithm, also known as a hash method. It is to turn some indefinite-length characters into fixed-length characters (called file fingerprints, similar to human fingerprints). Collisions are possible, but only by chance (very unlikely), it is almost impossible to deliberately have two different files encrypt MD5 to produce the same hash value, and to decipher MD5 plaintext, it takes at least a terabyte computer to solve it, and it takes thousands of years to solve it.

But I've recently heard that the latest quantum computers can be solved in a matter of days.

The most well-known is MD5 encryption.

There are also RSA, DES.

You can take a look at the introduction here.