原创力文档- 1、原创力文档(book118)网站文档一经付费(服务费),不意味着购买了该文档的版权,仅供个人/单位学习、研究之用,不得用于商业用途,未经授权,严禁复制、发行、汇编、翻译或者网络传播等,侵权必究。。
- 2、本站所有内容均由合作方或网友上传,本站不对文档的完整性、权威性及其观点立场正确性做任何保证或承诺!文档内容仅供研究参考,付费前请自行鉴别。如您付费,意味着您自己接受本站规则且自行承担风险,本站不退款、不进行额外附加服务;查看《如何避免下载的几个坑》。如果您已付费下载过本站文档,您可以点击 这里二次下载。
- 3、如文档侵犯商业秘密、侵犯著作权、侵犯人身权等,请点击“版权申诉”(推荐),也可以打举报电话:400-050-0827(电话支持时间:9:00-18:30)。
查看更多
* 现代密码学理论与实践-13 */47 若A为B签署m,0= m = p-1, A随机选择k∈[0, p-1],gcd(k, p-1) = 1 计算r =αk mod p 计算αm = YArrs mod p, YA=αxA mod p 即αm =αxA rαk s mod p 则 m = (xAr + ks) mod p-1 根据此式求s,则对于m的数字签名即为(r, s), 0≤ r, sp-1. ElGamal的数字签名方法 * 现代密码学理论与实践-13 */47 验证:给定m, r, 和s,容易计算 αm mod p = YArrs mod p, 看其是否一致, k不能重复使用。 (p287) 例:p = 17, α = 3, xA= 2, xB= 5, m = 11, k = 5, 求签名及验证。 ElGamal数字签名的验证 * 现代密码学理论与实践-13 */47 验证:给定m, r, 和s,容易计算 αm mod p = YArrs mod p, 看其是否一致, k不能重复使用。 例:p = 17, α = 3, xA= 2, xB= 5, m = 11, k = 5, 求签名及验证。 签名:r = αk mod p = 35 mod 17 = 5, 11 = (2x5 + 5s) mod 16 = (10 + 5s) mod 16 5s mod 16 = 1, s = 13. 所以,签名为(5, 13)。 验证: αm mod p = 311 mod 17 = 102x10x9 mod 17 = 7 YArrs mod p = (32)5 x 513 mod 17 = 7 ElGamal数字签名的验证 * 现代密码学理论与实践-14 */40 网络信息安全
Chapter 14 Authentication Applications * 现代密码学理论与实践-14 */40 ①IDC, IDtgs, TS1 ②EKC[KC,tgs, IDtgs, TS2, Lifetime1, Tickettgs] Tickettgs = EKtgs[KC,tgs,IDC, ADC, IDtgs, TS2, Lifetime2] ③IDV, Tickettgs, AuthenticatorC (用户身份证明文件) AuthenticatorC = Ekc,tgs[IDC, ADC, TS3] ④Ekc,tgs[KC,V,IDV, TS4, TicketV] TicketV = Ekv[KC,V,IDC, ADC, IDV, TS4, Lifetime4] ⑤TicketV, AuthenticatorC AuthenticatorC = Ekc,v[IDC, ADC, TS5] ⑥Ekc,v[TS5+1] 认证会话交互过程的信息细节 ① ② ③ ④ ⑤ ⑥ 中央识别服务器 AS 通行票产生服务器TGS 用户C 服务器V 网络信息安全内容整理. 谢谢 * Expand on definition and use of “security attack”, as detailed above. See Stallings Table 1.1 for definitions of threat and attack. * The simplest form of multiple encryption has two encryption stages and two keys - Double-DES. Have concern that there might be a single key that is equivalent to using 2 keys as above, not likely but only finally proved in 1992. More seriously have the “meet-in-the-middle” attack, first described by Diffie in 1977. It is a known plaintext attack (ie have know pair (P,C), and attempts to find by trial-and-error a value X in the “middle” of the double-DES encryption of this pair, and chances of this are much better at O(2^56) th
文档评论(0)