本文共 11003 字,大约阅读时间需要 36 分钟。
隐私专家照片模拟还用调整
As the name suggests, Pretty Good Privacy (or PGP) is an encryption program that actually provides pretty good privacy. The “pretty good” bit is meant to be a bit of an ironic understatement. It has been one of the dominant forms of end-to-end encryption for email communications after its development by Phil Zimmermann in 1991. It became increasingly popular after its use by whistleblower Edward Snowden.
顾名思义,Pretty Good Privacy(PGP)是一个加密程序,实际上提供了很好的隐私。 “相当不错”的意思是有点讽刺的轻描淡写。 自1991年由Phil Zimmermann发明以来,它一直是电子邮件通信端到端加密的主要形式之一。在举报人Edward Snowden的使用下,它变得越来越流行。
PGP provides two things essential for a secured communication:
PGP提供了两点对安全通信至关重要:
Confidentiality: Provided through the use of symmetric block encryption, compression using the ZIP algorithm, and E-Mail compatibility using the radix64 encoding scheme
机密性:通过使用对称块加密,使用ZIP算法的压缩以及使用radix64编码方案的电子邮件兼容性来提供
Authentication: Provided through the use of digital signatures
身份验证:通过使用数字签名提供
Without further ado, let us get to the workings of PGP.
事不宜迟,让我们开始PGP的工作。
I will be explaining the concept of PGP from the point of view of the implementation in the context of Alice (the sender) and Bob (the receiver). We will be using the following algorithms:
我将从Alice(发送方)和Bob(接收方)的上下文中的实现角度解释PGP的概念。 我们将使用以下算法:
You can use other algorithms as well. (I know DES is too old to be used but the goal here is to understand the concept of PGP.)
您也可以使用其他算法。 (我知道DES太旧了,无法使用,但是这里的目标是了解PGP的概念。)
Alice and Bob both generate their pair of keys (Public and Private Keys) using the RSA algorithm. Public keys of Alice and Bob should be known to each other.
Alice和Bob都使用RSA算法生成一对密钥(公共密钥和专用密钥)。 Alice和Bob的公钥应该是彼此已知的。
Alice’s / Sender’s Side:
爱丽丝(Alice)/发件人侧(Sender's Side):
The whole message is sent as an array of strings (String finalmessage[]
) which contains the following at indices:
整个消息以字符串数组( String finalmessage[]
)的形式发送,其中的索引处包含以下内容:
0: Compressed message M which is encrypted with the SecretKey
0:使用SecretKey加密的压缩消息M
1: Digitally signed hash EH which is then compressed and encrypted with the SecretKey
1:经过数字签名的哈希EH,然后使用SecretKey对其进行压缩和加密
2: Output of step 7
2:步骤7的输出
Bob’s / Receiver’s Side:
鲍勃/接收方:
Bob will first decrypt the SecretKey of DES with his Private Keys. The inputs to RSA algorithm for this will be Private Keys of Bob and finalmessage[2]
. The output from RSA will give Bob the SecretKey.
Bob首先将使用其私钥解密DES的SecretKey。 为此,RSA算法的输入将是Bob的finalmessage[2]
和finalmessage[2]
。 RSA的输出将为Bob提供SecretKey。
This SecretKey will now act as one of the inputs to DES decryption algorithm for decryption of finalmessage[0]
and finalmessage[1]
. These two will also act as the inputs to DES decryption algorithm. The output of this step will be decrypted version
of finalmessage[0]
and finalmessage[1]
.
现在,此SecretKey将充当DES解密算法的输入之一,以解密finalmessage[0]
和finalmessage[1]
。 这两个也将充当DES解密算法的输入。 此步骤的输出将是finalmessage[0]
和finalmessage[1]
decrypted version
。
From the output of the above step, we will get the digitally signed hash and the original message M. We will verify whether the hash was signed by Alice. For this, we will calculate the hash of the original message M by using SHA-512 (calculated_hash
). We will also decrypt the digitally signed hash with the public keys of Alice by using RSA.(Inputs to RSA: digitally signed hash and public keys of Alice and Output from RSA: decrypted_hash
).
从以上步骤的输出中,我们将获得经过数字签名的哈希和原始消息M。我们将验证哈希是否由Alice签名。 为此,我们将使用SHA-512( calculated_hash
) calculated_hash
原始消息M的哈希。 我们还将使用RSA使用Alice的公钥来解密数字签名的哈希(RSA的输入:Alice的数字签名的哈希和Alice的公钥以及RSA的输出: decrypted_hash
)。
Compare the decrypted_hash
and calculated_hash
. If they turn out to be the same, then authentication is achieved which means that the message was indeed sent by Alice.
比较decrypted_hash
和calculated_hash
的decrypted_hash
。 如果结果相同,那么将实现身份验证,这意味着该消息确实是由爱丽丝发送的。
The following is the simulation of PGP done in the simplest way using Java.
以下是使用Java以最简单的方式对PGP进行的模拟。
import java.util.*;import java.math.*;import javax.crypto.Cipher;import java.security.*;import javax.crypto.KeyGenerator;import javax.crypto.SecretKey;import java.io.BufferedReader;import java.io.ByteArrayInputStream;import java.io.ByteArrayOutputStream;import java.io.IOException;import java.io.InputStreamReader;import java.util.zip.GZIPInputStream;import java.util.zip.GZIPOutputStream;import javax.crypto.spec.*;public class PGP{static Cipher ecipher, dcipher;//Required for DESpublic static void main(String args[]) throws Exception{ //Generating sender keys KeyPair senderkeyPair = buildKeyPair(); PublicKey senderpubKey = senderkeyPair.getPublic(); PrivateKey senderprivateKey = senderkeyPair.getPrivate(); //Generating receiver keys KeyPair receiverkeyPair = buildKeyPair(); PublicKey receiverpubKey = receiverkeyPair.getPublic(); PrivateKey receiverprivateKey = receiverkeyPair.getPrivate(); //Sending both public keys and private keys for choice of digital signature or normal assymetric encryption String messagetoreceiver[] = senderside(senderpubKey, senderprivateKey, receiverpubKey, receiverprivateKey); receiverside(messagetoreceiver, senderpubKey, senderprivateKey, receiverpubKey, receiverprivateKey); }public static void receiverside(String messagetoreceiver[], PublicKey senderpubKey, PrivateKey senderprivateKey, PublicKey receiverpubKey, PrivateKey receiverprivateKey) throws Exception { //Receiver receives the message messagetoreceiver[] with messagetoreceiver[2] as secret key encrypted with receiver pub key //Receiver decrypts the messagetoreceiver[2] with his/her privatekey String receiverencodedsecretkey = decrypt(receiverpubKey, receiverprivateKey, messagetoreceiver[2], 1); //Key after decryption is in base64 encoded form byte[] decodedKey = Base64.getDecoder().decode(receiverencodedsecretkey); SecretKey originalKey = new SecretKeySpec(decodedKey, 0, decodedKey.length, "DES"); System.out.println("\nReceiver Side: Receiver SecretKey DES after Decryption with his/her Private Key=\n"+originalKey.toString()); //Decrypt the rest of the message in messagetoreceiver with SecretKey originalKey String receiverdecryptedmessage[] = new String[messagetoreceiver.length-1]; System.out.println("\nReceiver Side: Message After Decryption with SecretKey="); for (int i=0;iDigital Signature String encryptedprivhash = encrypt(senderpubKey, senderprivateKey, hashout, 0); System.out.println("\nSender Side: Hash Encrypted with Sender Private Key (Digital Signature)=\n"+ encryptedprivhash); //Append original message and encrypted hash String beforezipstring[] = {rawinput, encryptedprivhash}; System.out.println("\nSender Side: Message before Compression=\n"+beforezipstring[0]+beforezipstring[1]); //Apply zip to beforezipbytes[][] String afterzipstring[] = new String[beforezipstring.length]; System.out.println("\nSender Side: Message after Compression="); for (int i=0;i encryptwithprivatekey 1->encryptwithpublickeypublic static String encrypt(PublicKey publicKey, PrivateKey privateKey, String message, int ch) throws Exception { Cipher cipher = Cipher.getInstance("RSA"); if (ch == 0) { cipher.init(Cipher.ENCRYPT_MODE, privateKey); byte[] utf8 = cipher.doFinal(message.getBytes("UTF-8")); return new sun.misc.BASE64Encoder().encode(utf8); } else { cipher.init(Cipher.ENCRYPT_MODE, publicKey); byte[] utf8 = cipher.doFinal(message.getBytes("UTF-8")); return new sun.misc.BASE64Encoder().encode(utf8); } }//n: 0->decryptwithpublickey 1->decryptwithprivatekeypublic static String decrypt(PublicKey publicKey,PrivateKey privateKey, String st, int ch) throws Exception { Cipher cipher = Cipher.getInstance("RSA"); byte[] encrypted = new sun.misc.BASE64Decoder().decodeBuffer(st); if (ch == 0) { cipher.init(Cipher.DECRYPT_MODE, publicKey); byte[] utf8 = cipher.doFinal(encrypted); return new String(utf8, "UTF8"); } else { cipher.init(Cipher.DECRYPT_MODE, privateKey); byte[] utf8 = cipher.doFinal(encrypted); return new String(utf8, "UTF8"); } }}
We have used the base64 encoding scheme which is similar to radix64 that is used in PGP.
我们使用了base64编码方案,该方案类似于PGP中使用的radix64。
Note:
注意:
Please follow, clap and share. Comment for any mistakes or improvements or suggestions. You can even follow me on .
请关注,鼓掌和分享。 评论任何错误,改进或建议。 您甚至可以在关注我。
翻译自:
隐私专家照片模拟还用调整
转载地址:http://mbwzd.baihongyu.com/