🐛
When implementing a cipher, it's useful to have a test vector with the cipher intermediate states (if you get it right the first time, you don't need it; if you get a detail wrong, it makes finding that detail a lot easier).
Julius Caesar is credited with perhaps the oldest known symmetric cipher algorithm. The so-called Caesar cipher — a variant of which you can probably find as a diversion in your local newspaper — assigns each letter, at random, to a number. This mapping of letters to numbers is the key in this simple algorithm.
思路:第一步,从Caesar cipher开始,引入symmetric cipher algorithm这个概念
Modern cipher algorithms must be much more sophisticated than Caesar’s in order to withstand automated attacks by computers. Although the basic premise remains — substituting one letter or symbol for another, and keeping track of that substitution for later — further elements of confusion and diffusion were added over the centuries to create modern cryptography algorithms. One such hardening technique is to operate on several characters at a time, rather than just one.
思路:第二步,随着时间的流逝,symmetric cipher algorithm也在不断的进行演变。
By far the most common category of symmetric encryption algorithm is the block cipher algorithm, which operates on a fixed range of bytes rather than on a single character at a time.
思路:第三步,在当代,symmetric cipher algorithm中最常使用的是block cipher algorithm。
Algorithm --> Language --> implementation
使用哪一个算法(Algorithm)是一回事,而使用哪一种编程语言(Language)编写这个算法是另一回事。那么,即使说确定了使用Java语言,那么,由谁去实现又是另外一回事,它可能是由JDK自己提供的实现,也可能是由BouncyCastle提供的实现,也可能是由我们自己来编写代码实现。
Standard: 强调标准
- NIST: National Institute of Standards and Technology 可以查询DES和AES的文档
Examples: 在写算法的过程中,这些示例可以帮助自己查看自己的程序是否正确
- Cryptographic Standards and Guidelines 这里是NIST网站提供的算法示例,包括Encryption-Block Ciphers(AES、TDES、Skipjack)、Block Cipher Modes(ECB、CBC、CFB、OFB、CTR)、Digital Signatures(DSA、RSA)、Secure Hashing(SHA1/SHA256)、Key Management(ECC)、Random Number Generation、Message Authentication。
Tutorial: Standard可能更专注于“专业术语”,而Tutorial能够帮助人们快速熟悉一些概念、原理
-
Cryptography Tutorials - Herong's Tutorial Examples 这个网站包含的内容很多,我学习过程中的一个好助手
-
Technology 这个网站对加密、数字签名、摘要做一个简要描述,对于整体上把握这些要素还是有帮助的
-
Journey into cryptography 我感觉,这个很有用,只是现在没有办法全部理解
EBook
- Java Security Solutions 这本书虽然是2001年写的,但是我想对于我探究这些安全算法是有帮助的。
- The Handbook of Applied Cryptography
javascript
- Crypto Academy: 这是用javascript来实现各种算法
- MD5/SHA-1 Hash Generator (with steps) 这个显示详细步骤