先進加密標準
目前大家還熱衷於傳統的DES、3DES、Blowfish等加密演算法,可是我看到的資料表明:在晶片技術和計算技術高速發展的今天,它們越來越不適應安全需求。1997年9月美國標準技術研究機構NIST提出了徵求新的加密標準——AES (Advanced Encryption Standard)的建議,作為一種取代DES的二十世紀加密標準技術。這種演算法執行速度快且易於設計。下面是小編為您收集整理的先進加密標準,供大家參考!
Advanced Encryption Standard
For the past three years,the National Institute of Standards and Technology (NIST) has been working to develop a new encryption standard to keep government information organization is in the final stages of an open process of selecting one or more algorithms,or data-scrambling formulas,for the new Advanced Encryption Standard (AES) and plans to make adecision by late summer or early standard is slated to go into effect next year.
AES is intended to be a stronger,more efficient successor to Triple Data Encryption Standard(3DES),which replaced the aging DES,which was cracked in less than three days in July 1998.
“Until we have the AES,3DES will still offer protection for years to there is no need to immediately switch over,”says Edward Roback, acting chief of the computer security division at NIST and chairman of the AES selection committee.“What AES will offer is a more efficient will be a federal standard,but it will be widely implemented in the IT community.”
According to Roback,efficiency of the proposed algorithms is measured by how fast they can encrypt and decrypt information,how fast they can present an encryption key and how much information they can encrypt.
The AES review committee is also looking at how much space the algorithm takes up on a chip and how much memory it ck says the selection of a more efficient AES will also result in cost savings and better use of resources.
“DES was designed for hardware implementations,and we are now living in a world of much more efficient software,and we have learned an awful lot about the design of algorithms,”says Roback.“When you start multiplying this with the billions of implementations done daily,the saving on overhead on the networks will be enormous.”
The process of selecting the algorithm for AES has been notable for its openness and is a marked departure from the government's past inclination toward secrecy in discussing encryption standards,which led to the public cracking of DES after critics questioned the government's assertion that the standard was still secure.
NIST kicked off the selection process in September erences were held in August 1998 and March 1999; cryptographers from around the world discussed the algorithm candidates and helped narrow the list to 15 and then to five finalists: IBM's MARS; RSA Laboratories* RC6; Joan Daemen and Vincent Rijmen's Rijndael; Ross Andersen,Eli Baham and Lars Knudsen's Serpent; and Counterpane Labs* Twofish.
While most evaluators of the algorithms want to avoid complexity by selecting one to serve as a standard,there's a minority that wants to select more than one.
在過去三年中,(美國)國家標準與技術局(NIST)已在研究開發一種新的加密標準,以確保政府的資訊保安。該組織目前正處於為新的先進加 密標準(AES)選擇一齷蚣父鏊惴ɑ蚴?荽蚵夜?降目?毆?痰淖詈蠼錐危?⒓蘋?諳哪┗蚯鋶踝鞽鼉齠ā4吮曜寄詼?髂曄凳??/p>
AES預定為比三層資料加密標準(3DES)更強、更高效的後續標準,3DES替代了老化的DES加密標準,DES在1998年7月在不到三天的時間內就 被破譯了。
NIST電腦保安部的代理主管兼AES選擇委員會主席Edward Roback說 :“在我們擁有AES之前,3DES還將在今後幾年提供保護。所以沒有必要馬上轉換。AES所提供的是一種更有效的演算法。它將是一項聯邦標準,但它將在IT界 廣泛實施。”
據Roback稱,提議中的演算法的效率是通過對資訊加密和解密有多快、給出加密金鑰有多快以及能對多少資訊加密等幾個方面進行測量的。
AES評價委員會也要看算法佔據晶片上多少空間和需要多少記憶體。Roback說,選擇一個更高效的AES也會帶來成本的節省和資源的更好利用。
Roback說:“DES是為硬體實現而設計的,而我們現在處於軟體更高效的世界,我們對演算法的設計有極多的瞭解。當我們開始大規模使用此演算法,每天實現幾十億次的加密時,(演算法帶來的)網路開銷的節省將是巨大的。”
為AES選擇演算法的過程是以其公開性和透明度稱著。這標誌著政府從以往討論加密標準時傾向於保密的做法一刀兩斷,它導致了政府在斷言DES 標準仍是安全時被公開破譯。
NIST在1997年9月開始這個選擇過程。1998年8月和 1999年3月召開了會議,來自全世界的密碼專家討論了候選的演算法,幫助把演算法縮小到15 個,最後到了5個:IBM的MARS演算法,RSA實驗室的RC6演算法、Joan Daemen和Vincent Rijmen兩人的Rijndael演算法、Eli Baham和Lars Knudsen兩人的Serpent演算法以及Counterpane 實驗室的Twofish演算法。
大多數演算法鑑定者都選擇一個作標準以避免複雜性,但也有一小部分人要選擇多個演算法。
資料通訊系統
Data Communication Systems
There are five basic types of data communication system:
Off-line data transmission is simply the use of a telephone or similar link to transmit data without involving a computer equipment used at both ends of such a link is not part of a computer, or at least does not immediately make the data available for computer process, that is, the data when sent and/or received are 'off-line'. This type of data communication is relatively cheap and simple.
Remote batch is the term used for the way in which data communication technology is used geographically to separate the input and /or output of data from the computer on which they are processed in batch mode.
On-line data collection is the method of using communications technology to provide input data to a computer as such input arises-the data are then stored in the computer(say on a magnetic disk)and processed either at predetermined intervals or as required.
Enquiry-response systems provide, as the term suggests, the facility for a user to extract information from a enquiry facility is passive, that is, does not modify the information interrogation may be simple, for example, 'RETRIEVE THE RECORD FOR EMPLOYEE NUMBER 1234' or systems may use terminals producing hard copy and /or visual displays.
Real-time systems are those in which information is made available to and processed by a computer system in a dynamic manner so that either the computer may cause action to be taken to influence events as they occur(for example as in a process control application)or human operators may be influenced by the accurate and up-to-date information stored in the computer, for example as in reservation systems.
有五種基本的資料通訊系統:
離線資料傳輸是簡單地利用電話或類似的鏈路來傳輸資料,不包括計算機系統。這樣一條鏈路兩端所使用的裝置不是計算機的部件,或至少不是立刻把資料提供給計算機處理,即資料在傳送或接收時是離線的。這種資料通訊相對來說比較便宜和簡單。
遠端批處理一詞適用於這樣一種方法:採用資料通訊技術來使資料的輸入和輸出在地理上遠離按批處理模式處理處理它們的計算機。
聯機資料收集指的是用資料通訊技術來向計算機即時提供剛產生的輸入資料這種方法。資料於是儲存在計算機裡(比如磁碟上),並按預定時間間隔或者根據需要進行處理。
詢問——應答系統,顧名思義,是為使用者提供從計算機提取資訊的功能。詢問功能是被動的。也就是說,它不修改所儲存的資訊。提問可以很簡單,例如:"檢索僱員號碼為1234的記錄"也可以是複雜的。這類系統可能要使用能產生硬拷貝和(或)可視顯示的終端。
實時系統是這樣一類系統,其中計算機系統是在動態情況下取得和處理資訊,以便可使計算機採取動作來影響正在發生的事件(比如在過程控制應用中)或者可通過儲存在計算機裡的準確且不斷更新的資訊來影響人(操作員),比如在預售系統中。
