先进加密标准
目前大家还热衷于传统的DES、3DES、Blowfish等加密算法,可是我看到的资料表明:在芯片技术和计算技术高速发展的今天,它们越来越不适应安全需求。1997年9月美国标准技术研究机构NIST提出了征求新的加密标准——AES (Advanced Encryption Standard)的建议,作为一种取代DES的二十世纪加密标准技术。这种算法执行速度快且易于设计。下面是小编为您收集整理的先进加密标准,供大家参考!
先进加密标准
Advanced Encryption Standard
For the past three years,the National Institute of Standards and Technology (NIST) has been working to develop a new encryption standard to keep government information secure.The organization is in the final stages of an open process of selecting one or more algorithms,or data-scrambling formulas,for the new Advanced Encryption Standard (AES) and plans to make adecision by late summer or early fall.The standard is slated to go into effect next year.
AES is intended to be a stronger,more efficient successor to Triple Data Encryption Standard(3DES),which replaced the aging DES,which was cracked in less than three days in July 1998.
“Until we have the AES,3DES will still offer protection for years to come.So there is no need to immediately switch over,”says Edward Roback, acting chief of the computer security division at NIST and chairman of the AES selection committee.“What AES will offer is a more efficient algorithm.It will be a federal standard,but it will be widely implemented in the IT community.”
According to Roback,efficiency of the proposed algorithms is measured by how fast they can encrypt and decrypt information,how fast they can present an encryption key and how much information they can encrypt.
The AES review committee is also looking at how much space the algorithm takes up on a chip and how much memory it requires.Roback says the selection of a more efficient AES will also result in cost savings and better use of resources.
“DES was designed for hardware implementations,and we are now living in a world of much more efficient software,and we have learned an awful lot about the design of algorithms,”says Roback.“When you start multiplying this with the billions of implementations done daily,the saving on overhead on the networks will be enormous.”
The process of selecting the algorithm for AES has been notable for its openness and transparency.This is a marked departure from the government's past inclination toward secrecy in discussing encryption standards,which led to the public cracking of DES after critics questioned the government's assertion that the standard was still secure.
NIST kicked off the selection process in September 1997.Conferences were held in August 1998 and March 1999; cryptographers from around the world discussed the algorithm candidates and helped narrow the list to 15 and then to five finalists: IBM's MARS; RSA Laboratories* RC6; Joan Daemen and Vincent Rijmen's Rijndael; Ross Andersen,Eli Baham and Lars Knudsen's Serpent; and Counterpane Labs* Twofish.
While most evaluators of the algorithms want to avoid complexity by selecting one to serve as a standard,there's a minority that wants to select more than one.
在过去三年中,(美国)国家标准与技术局(NIST)已在研究开发一种新的加密标准,以确保政府的信息安全。该组织目前正处于为新的先进加 密标准(AES)选择一龌蚣父鏊惴ɑ蚴?荽蚵夜?降目?殴?痰淖詈蠼锥危?⒓苹?谙哪┗蚯锍踝鞒鼍龆ā4吮曜寄诙?髂晔凳??/p>
AES预定为比三层数据加密标准(3DES)更强、更高效的后续标准,3DES替代了老化的DES加密标准,DES在1998年7月在不到三天的时间内就 被破译了。
NIST计算机安全部的代理主管兼AES选择委员会主席Edward Roback说 :“在我们拥有AES之前,3DES还将在今后几年提供保护。所以没有必要马上转换。AES所提供的是一种更有效的算法。它将是一项联邦标准,但它将在IT界 广泛实施。”
据Roback称,提议中的算法的效率是通过对信息加密和解密有多快、给出加密密钥有多快以及能对多少信息加密等几个方面进行测量的。
AES评价委员会也要看算法占据芯片上多少空间和需要多少内存。Roback说,选择一个更高效的AES也会带来成本的节省和资源的更好利用。
Roback说:“DES是为硬件实现而设计的,而我们现在处于软件更高效的世界,我们对算法的设计有极多的了解。当我们开始大规模使用此算法,每天实现几十亿次的加密时,(算法带来的)网络开销的节省将是巨大的。”
为AES选择算法的过程是以其公开性和透明度称著。这标志着政府从以往讨论加密标准时倾向于保密的做法一刀两断,它导致了政府在断言DES 标准仍是安全时被公开破译。
NIST在1997年9月开始这个选择过程。1998年8月和 1999年3月召开了会议,来自全世界的密码专家讨论了候选的算法,帮助把算法缩小到15 个,最后到了5个:IBM的MARS算法,RSA实验室的RC6算法、Joan Daemen和Vincent Rijmen两人的Rijndael算法、Eli Baham和Lars Knudsen两人的Serpent算法以及Counterpane 实验室的Twofish算法。
大多数算法鉴定者都选择一个作标准以避免复杂性,但也有一小部分人要选择多个算法。
数据通信系统
Data Communication Systems
There are five basic types of data communication system:
Off-line data transmission is simply the use of a telephone or similar link to transmit data without involving a computer system.The equipment used at both ends of such a link is not part of a computer, or at least does not immediately make the data available for computer process, that is, the data when sent and/or received are 'off-line'. This type of data communication is relatively cheap and simple.
Remote batch is the term used for the way in which data communication technology is used geographically to separate the input and /or output of data from the computer on which they are processed in batch mode.
On-line data collection is the method of using communications technology to provide input data to a computer as such input arises-the data are then stored in the computer(say on a magnetic disk)and processed either at predetermined intervals or as required.
Enquiry-response systems provide, as the term suggests, the facility for a user to extract information from a computer.The enquiry facility is passive, that is, does not modify the information stored.The interrogation may be simple, for example, 'RETRIEVE THE RECORD FOR EMPLOYEE NUMBER 1234' or complex.Such systems may use terminals producing hard copy and /or visual displays.
Real-time systems are those in which information is made available to and processed by a computer system in a dynamic manner so that either the computer may cause action to be taken to influence events as they occur(for example as in a process control application)or human operators may be influenced by the accurate and up-to-date information stored in the computer, for example as in reservation systems.
有五种基本的数据通信系统:
脱机数据传输是简单地利用电话或类似的链路来传输数据,不包括计算机系统。这样一条链路两端所使用的设备不是计算机的部件,或至少不是立刻把数据提供给计算机处理,即数据在发送或接收时是脱机的。这种数据通信相对来说比较便宜和简单。
远程批处理一词适用于这样一种方法:采用数据通信技术来使数据的输入和输出在地理上远离按批处理模式处理处理它们的计算机。
联机数据收集指的是用数据通信技术来向计算机即时提供刚产生的输入数据这种方法。数据于是存储在计算机里(比如磁盘上),并按预定时间间隔或者根据需要进行处理。
询问——应答系统,顾名思义,是为用户提供从计算机提取信息的功能。询问功能是被动的。也就是说,它不修改所存储的信息。提问可以很简单,例如:"检索雇员号码为1234的记录"也可以是复杂的。这类系统可能要使用能产生硬拷贝和(或)可视显示的终端。
实时系统是这样一类系统,其中计算机系统是在动态情况下取得和处理信息,以便可使计算机采取动作来影响正在发生的事件(比如在过程控制应用中)或者可通过存储在计算机里的准确且不断更新的信息来影响人(操作员),比如在预售系统中。