Detailed explanation of encryption principle: symmetric encryption vs asymmetric encryption


1、 Foreword

Before we understand the principle of encryption, let’s take a look at such a story.

Xiaohong and Xiaoming are lovers. One day, Xiaohong sent a text message to Xiaoming and said, “honey, I have no money on my bank card. Please transfer 10000 yuan to me.” People who have been cheated know that it may be the thief who stole Xiaohong’s handbag and sent a text message with his mobile phone. However, we Xiaoming learned the principle of encryption, so he replied, “you can swipe my bank card directly. The password plus the date of our first date is 663156.” Obviously, only Xiao Ming and Xiao Hong know when their first date is. Assuming April 1, 2008, Xiao Hong can get the bank card password according to the calculation of 663156-200841 = 462315, and then she can spend.

This is the essence of encryption. The encrypted information is obtained by adding the information and the key. Only people who know the key can decrypt it.

2、 What is the secret key

Since encryption requires a key, what is the key?

The key is a string of passwords used for encryption. The information is encrypted and transmitted through the key to reach the receiver and listener. Since the receiver also has a key, the receiver can decrypt according to the key. So as to prevent the leakage of communication information.

3、 What is symmetric encryption

The story in the preface is a symmetric encryption. Both Xiao Ming and Xiao Hong know the date of their first date. Therefore, the traditional symmetric encryption requires both sides of the communication to save the same key, which can be used for encryption and decryption. Therefore, asymmetric encryption is also called single key encryption.

The advantage of symmetric encryption is that the encryption and decryption speed is fast, but the security is low. Once the key is leaked, all encrypted information will be cracked. At the same time, the transmission and confidentiality of key have become difficult problems. In order to solve the problem of key transmission, the technology of establishing shared key through key exchange appears. How to establish a shared key? Let’s look down.

3.1 creating shared keys

In the world of Xiao Ming, Xiao Hong and the thief, Xiao Ming has learned the principle of encryption and knows the Diffie Hellman key exchange, so he knows how to establish a shared key.

3.1.1   Pigment mixing trick:

Next, let’s look at how to establish a shared key through the paint mixing trick.

Suppose there are three people in the room, Xiao Ming, Xiao Hong and the thief, each of whom has the same color of paint. There are also these paints in the middle of the room. Next, Xiao Ming will establish a shared key with Xiao Hong. At this time, Xiao Ming said to everyone, “I want to use blue.” Then Xiao Ming chooses yellow from his own paint. This yellow is Xiao Ming’s private key. Xiao Hong and the thief don’t know. After Xiaoming mixes his private key yellow with his public key blue, he gets a color that cannot be decomposed. Let’s call it “Xiaoming blue” (although we all know that Yellow + blue turns green, here we still call it by name and public key color in order to know whose mixed color it is), and then Xiaoming publishes “Xiaoming blue”. Similarly, after hearing that Xiaoming said to use blue, Xiaohong also chose to mix her private key red with public key blue to get “Xiaohong blue” and publish it.

At this time, Xiao Ming, Xiao Hong and the thief in the room all know some information.

1. They all use blue

2. Xiao Ming announced “Xiao Ming – Blue” (Xiao Hong and the thief don’t know what pigment is mixed with blue)

3. Xiaohong announced “Xiaohong blue” (Xiaohong and the thief don’t know what pigment is mixed with blue)

Next, it’s time to witness the miracle. Xiao Ming gets the “little red blue” mixed with his private key “yellow” to get the new pigment of “little red blue Xiao Ming”. Similarly, Xiaohong gets “Xiaoming blue” and mixes it with her private key “red” to get “Xiaoming blue Xiaohong”. Did you find out“ As like as two peas, the other is the same color. The thief didn’t know the color of Xiao Ming and Xiao Hong and couldn’t mix the same color with them.

At this point, the shared key is established. After understanding the establishment process of shared key, we will bid farewell to entity pigment and adopt digital method to establish shared key.

Note:You may have thought that thieves can mix their own pigments with “blue” and try to get “Xiaoming blue” and “Xiaohong blue”. This method is called exhaustive method, that is to try all the possibilities and crack the information. Therefore, encryption algorithms can be cracked by exhaustive method in theory, but in fact, supercomputers need to calculate trillions of years to enumerate all the possibilities.

3.1.2   Multiplication trick:

First, let’s assume that multiplication, like pigment mixing, cannot be decomposed. Let’s see how to use multiplication to establish a shared key with numbers.

Xiaoming discloses a number 5, then Xiaoming selects a private number 4, and then uses multiplication to mix the two to get “xiaoming-5” (20). Next, Xiaohong also selects a private number 7 to get “xiaohong-5” (35). Xiaoming gets 35 * 4 = 140 and Xiaohong gets 20 * 7 = 140. Shared key establishment completed.

We also found that after the thief knew the three numbers 20, 35 and 5, he could calculate the private keys of Xiao Ming and Xiao Hong by division. So next, we’ll learn how to use multiplication tricks to prevent the private key from being calculated.

three point two   Diffi Herman key exchange algorithm

We all know power operation, but it is difficult for computers to calculate. Therefore, we will use power operation as a multiplication trick to establish a shared key. At the same time, we also need to understand the principle of clock calculation. The clock here can be understood as the clock we often see. The maximum of our common clock is 12. If it is 10 o’clock at present, it will become 2 o’clock in the afternoon after 4 hours. That is, (10 + 4) mod12 = 2. After understanding the clock calculation and power operation, let’s get to the point.

It is also the room of Xiao Ming, Xiao Hong and the thief. Xiao Ming declares that the clock is 11 and the bottom of the power operation is 2. Next, Xiao Ming and Xiao Hong choose their own private keys 4 and 7 respectively.

First step, Xiao Ming gets by mixing his “Xiao ming-11,2” and Xiao Hong gets by mixing his “Xiao hong-11,2”.

Step 2, Xiaoming gets “xiaohong-11,2” (7) for calculation, and Xiaohong gets “xiaoming-11,2” (5) for calculation.

Have you noticed that Xiaoming and Xiaohong have established a shared key 3, and the thief cannot calculate the key or Xiaoming Xiaohong’s private key according to the known numbers 11, 2, 5 and 7. With the shared key, Xiao Ming and Xiao Hong can carry out encrypted transmission safely.

Detailed explanation of encryption principle: symmetric encryption vs asymmetric encryption

three point three   AES symmetric encryption process

The full name of AES is advanced encryption standard. It is the most popular symmetric encryption algorithm with fast encryption and decryption speed. AES supports 128 bit, 192 bit and 256 bit keys. The longer the key, the higher the security. AES encryption will cut the plaintext into many small blocks of plaintext, then encrypt each plaintext separately, transmit the encrypted ciphertext, and then the receiver will cut and decrypt the ciphertext to obtain the plaintext.

As shown in the figure below:

Detailed explanation of encryption principle: symmetric encryption vs asymmetric encryption

In the previous step, Xiaoming and Xiaohong have negotiated key 3. Then you can communicate through symmetric encryption.

In Xiaoming, Xiaohong and the thief’s room, Xiaoming wants to tell Xiaohong the password “462315”, so:

Step 1: divide the password according to the length of one bit (in practice, it is usually divided according to 128 bits); It becomes “4”, “6”, “2”, “3”, “1” and “5”;

Step 2: encrypt each piece of plaintext through key 3. The result is “795648”. Then Xiaoming tells Xiaohong and the thief: “my password is 795648”;

Step 3: after Xiaohong gets the ciphertext, she cuts the ciphertext into pieces, decrypts each piece through key 3, and gets the correct password “462315”. Because the thief doesn’t know the key, he can’t decrypt the correct information.

4、 What is asymmetric encryption

In symmetric encryption, the same key is used for encryption and decryption. Therefore, in asymmetric encryption, encryption and decryption use different keys. The key in asymmetric encryption is divided into public key and private key. As the name suggests, the public key is public. Anyone can encrypt information through the public key, but only the person who uses the user’s private key can decrypt the information. Asymmetric encryption brings a benefit and avoids the pain that symmetric encryption needs to transmit and save the same key.

Now the most popular asymmetric encryption algorithm is RSA encryption algorithm. How to do it? Let’s continue to look.

four point one   AES symmetric encryption process

Wikipedia explains this: RSA encryption algorithm is aAsymmetric encryption algorithm, inPublic key encryptionandElectronic commerceIs widely used in. RSA is byRon Rivest (Ron Rivest)、ADI Samore(ADI Shamir) andLeonard Adleman (Leonard Adleman) in 1977. All three of them were thereMITWork. RSA is made up of the first letters of their surnames.

Previously, we talked about how to establish an irreversible shared key through clock calculation and power function (the computer can calculate the private key through exhaustive method, and even the supercomputer has to calculate for trillions of years in the actual scene). Because Xiaohong is Xiaoming’s girlfriend, Xiaoming tells her the principle of RSA encryption algorithm in front of Xiaohong every day, so Xiaohong also knows how to get her public key and private key. Next, let’s follow Xiaohong’s footsteps and see how the RSA encrypted public key and private key are calculated.

Step 1: Xiao Hong selects two large prime numbers P and Q. here, for ease of calculation, select 2 and 11;

Step 2: calculate the product of P and Q, n = P * q = 2 * 11 = 22;

Part III: calculate the Euler function of n φ( n)=(p-1)*(q-1)=10;

Step 4: select a less than φ( n) And with φ( n) Coprime integer e, {1,3,7,9}, here e = 7;

Step 5: calculate e for φ( n) Modular inverse element (ED mode) φ( n) = 1)d,d=3

Here, Xiao Hong gets his own public key (n, e) and private key (n, d). Where n is the size of the clock and E and D are powers of the power function. Next, encrypt and decrypt the data through the calculated public key and private key.

Xiao Ming, Xiao Hong and the thief are still three people. Xiao Hong told everyone that my public key is (22,7). After Xiao Ming knew Xiao Hong’s public key, he wanted to tell Xiao Hong his information “14”, so he encrypted it with Xiao Hong’s public key.

The specific steps are as follows:

Step 1: Xiao Ming calculates according to the information 14 to be encrypted, obtains the encrypted information 20, and then tells Xiao Hong and the thief 20;

Step 2: Xiaohong has her own private key, decrypts the encrypted information 20, and obtains the information Xiaoming wants to pass to Xiaohong. The thief knows 22,7,20, but doesn’t know Xiaohong’s key (22,3), so he can’t decrypt the correct information.

RSA encryption algorithm also plays a great role in digital signature. Suppose the thief can fake Xiaohong and say that Xiaohong’s public key is (22,9), but Xiaoming doesn’t know that it is the thief. After encrypting according to the thief’s public key, the result is decrypted by the thief. The function of digital signature is to prevent information from being tampered with. Xiaohong says that her public key is (22,7). At the same time, she uses the private key to add a signature to this information (usually using the MD5 value to calculate the signature). Xiaoming obtains the public key (22,7) and signature 13. After receiving the signature, Xiaoming uses the public key to calculate whether the information has been tampered with.

Detailed explanation of encryption principle: symmetric encryption vs asymmetric encryption

5、 Practical role of encryption

This paper uses a small number to explain the encryption principle, so that readers can calculate conveniently. In practical use, (n, e) is a particularly large number, in which the length of n is more than 768, and the length of 1024 is considered to be basically safe.


6、 Summary

Finally, first of all, through an example of fraudulent SMS, we lead to the principle of encryption is information + key, and the key is a string of numbers for encrypting and decrypting information. Then it demonstrates how to establish a shared key through the image of pigment mixing trick. In the process of using multiplication to establish the shared key, we learned the clock operation and power operation. Then we understood the process of RSA encryption algorithm, and generated the public key and private key through two prime numbers. Finally, we encrypted the information according to the public key, and then decrypted the information through the private key.

7、 Write at the end

Perhaps seeing here, we still have many doubts in our hearts. Why can Xiao Ming and Xiao Hong get the same shared key through several power operations and clock calculations when they establish a shared key? Why does RSA encryption algorithm use two prime numbers? Why can information encrypted by public key be unlocked by private key?

Behind the encryption algorithm, there are fascinating mathematical problems. The reason why RSA encryption algorithm is widely used is that it is an ancient mathematical problem called Integer Decomposition. You can easily find two large prime numbers to multiply to get a result n, but it becomes extremely difficult to decompose the result n back to two prime numbers. Although this so-called “integer decomposition” problem has been studied for centuries, no one can find a sufficiently efficient general method to solve it and endanger the standard RSA clock size.

The history of mathematics is full of unsolved problems. Although these charming problems lack any practical application, their aesthetic characteristics alone attract mathematicians to explore deeply. Surprisingly, many of these fascinating but apparently useless problems later have great practical value, which can only be solved after centuries of research. The problem of integer decomposition has a long history. The earliest serious research on it seems to have been carried out by mathematicians Fermat and Mersenne in the 17th century. Euler and Gauss also contributed to this problem in the next century. However, until the invention of public key encryption in the 1970s, the difficulty of decomposing large numbers became the key to practical application.

8、 References

1.RSA algorithm principle

2.RSA encryption

3.RSA encryption algorithm

4. Nine algorithms to change the future

Author: vivo Internet server team – Deng Qian

Recommended Today

The selector returned by ngrx store createselector performs one-step debugging of fetching logic

Test source code: import { Component } from ‘@angular/core’; import { createSelector } from ‘@ngrx/store’; export interface State { counter1: number; counter2: number; } export const selectCounter1 = (state: State) => state.counter1; export const selectCounter2 = (state: State) => state.counter2; export const selectTotal = createSelector( selectCounter1, selectCounter2, (counter1, counter2) => counter1 + counter2 ); // […]