密码理论与技术 crypto-1.pptVIP

* */41 设计安全服务的内容 设计一个算法，执行与安全相关的变换，该算法是攻击者无法攻破的； 产生算法所使用的秘密信息； 设计分配和共享秘密信息的方法； 指定通信双方使用的协议，该协议利用安全算法和秘密信息实现安全服务。 * The requirements of information security within an organization have undergone two major changes in the last several decades. Before the widespread use of data processing equipment,the security of information felt to be valuable to an organization was provided primarily by physical (eg. rugged filing cabinets with locks) and administrative mechanisms (eg. Personnel screening procedures during hiring process). Growing computer use implies a need for automated tools for protecting files and other information stored on it. This is especially the case for a shared system, such as a time-sharing system, and even more so for systems that can be accessed over a public telephone network, data network, or the Internet. The second major change that affected security is the introduction of distributed systems and the use of networks and communications facilities for carrying data between terminal user and computer and between computer and computer. Network security measures are needed to protect data during their transmission. * Detail the focus of this book/course, which is on Internet Security - being measures to deter, prevent, detect, and correct security violations that involve the transmission storage of information. * Discuss observed security trends (Stallings section 1.1 Figure 1.2 above), noting growth in sophistication of attacks contrasting with decrease in skill knowledge needed to mount an attack. * Expand on definition and use of “security attack”, as detailed above. See Stallings Table 1.1 for definitions of threat and attack. * See Table 1.4 for details of the 5 Security Service categories and the 14 specific services. * Now introduce “Security Mechanism” which are the specific means of implementing one or more security services. Note these mechanisms span a wide range of technical components, but one aspect seen in many is the use of cryp