A Linux port of the OpenBSD/FreeBSD Cryptographic Framework (OCF). This port aims to bring full asynchronous HW/SW crypto acceleration to the Linux kernel, OpenSwan, OpenSSL and applications using DES, 3DES, AES, MD5, Sha, PublicKey, RNGs and more.
Digital Signature Algorithm (DSA)是Schnorr和ElGamal簽名算法的變種,被美國NIST作為DSS(DigitalSignature Standard)。算法中應用了下述參數:
p:L bits長的素數。L是64的倍數,范圍是512到1024;
q:p - 1的160bits的素因子;
g:g = h^((p-1)/q) mod p,h滿足h < p - 1, h^((p-1)/q) mod p > 1;
x:x < q,x為私鑰 ;
y:y = g^x mod p ,( p, q, g, y )為公鑰;
H( x ):One-Way Hash函數。DSS中選用Sha( Secure Hash Algorithm )。
p, q, g可由一組用戶共享,但在實際應用中,使用公共模數可能會帶來一定的威脅。簽名及驗證協議如下:
1. P產生隨機數k,k < q;
2. P計算 r = ( g^k mod p ) mod q
s = ( k^(-1) (H(m) + xr)) mod q
簽名結果是( m, r, s )。
3. 驗證時計算 w = s^(-1)mod q
u1 = ( H( m ) * w ) mod q
u2 = ( r * w ) mod q
v = (( g^u1 * y^u2 ) mod p ) mod q
若v = r,則認為簽名有效。
DSA是基于整數有限域離散對數難題的,其安全性與RSA相比差不多。DSA的一個重要特點是兩個素數公開,這樣,當使用別人的p和q時,即使不知道私鑰,你也能確認它們是否是隨機產生的,還是作了手腳。RSA算法卻作不到。
This project demonstrates the use of secure hash functions technique
to implement a file encryption / decryption system.
This implemented application can encrypt / decrypt multiple files
on the fly using a password. The password supplied by the user
is used as the source message from which the hash code (key) is
generated using the Sha algorithm. Then this key is used to
enctypted the data in the file(s). This key is stored in the
encrypted file along with the encrypted data.
This project demonstrates the use of secure hash functions technique
to implement a file encryption / decryption system.
This implemented application can encrypt / decrypt multiple files
on the fly using a password. The password supplied by the user
is used as the source message from which the hash code (key) is
generated using the Sha algorithm. Then this key is used to
enctypted the data in the file(s). This key is stored in the
encrypted file along with the encrypted data.
