Chapter 6

Base64 Encoding Concept

Figure: Base64 encoding, step by step
- Input bit stream: 01010101010101000011000101011111001001…
- Divided into 24-bit blocks: 01010101… 00010101 … 00010101 …
- Each 24-bit block divided into four 6-bit blocks: 010101 010000 111110 001011
- Each 6-bit block mapped to an 8-bit block: 01010110 01000011 11111010 00101100

Pretty Good Privacy (PGP)

- Widely used de facto secure email
- Developed by Phil Zimmermann
- Selected the best available crypto algorithms to use
- Integrated into a single program
- Available on Unix, PC, Macintosh and Amiga systems
- Free; commercial versions are now available as well

PGP Security Features

Figure: Pretty Good Privacy (PGP): Encryption, Non-repudiation, Message integrity

PGP Operations

1. Digital signature
2. Compression
3. Encryption
4. Enveloping
5. Base 64 encoding

Lempel-Ziv Algorithm (Zip)

Figure: Lempel-Ziv compression
- Original string: What is your name? My name is Atul.
- Variable creation and assignment: 1. A = is, 2. B = name
- Compressed string: What 1 your 2? My 2 1 Atul.

Multipurpose Internet Mail Extensions (MIME)

- Traditional email communication is text-only
- Modern email communication demands multimedia (sound, video, pictures, etc.)
- Enhancements are provided in the form of MIME

MIME Extensions to Email

Figure: sample MIME message
From: Atul Kahate
To: Amit Joshi
Subject: Cover image for the book
MIME-Version:
Content-Type: image/gif
Actual image data in the binary form such as R019a0asdjas0 …

S/MIME Content Types

| Type | Subtype | Description |
|---|---|---|
| Multipart | Signed | A clear-signed message consisting of the message and the digital signature. |
| Application | PKCS7 MIME Signed Data | A signed MIME entity. |
| | PKCS7 MIME Enveloped Data | An enveloped MIME entity. |
| | PKCS7 MIME Degenerate Signed Data | An entity that contains only digital certificates. |
| | PKCS7 Signature | The content type of the signature subpart of a multipart/signed message. |
| | PKCS10 MIME | A certificate registration request. |

S/MIME Functionalities

| Functionality | Description |
|---|---|
| Enveloped data | Consists of encrypted content of any type, and the encryption key encrypted with the receiver's public key. |
| Signed data | Consists of a message digest encrypted with the sender's private key. The content and the digital signature are both Base64 encoded. |
| Clear-signed data | Similar to Signed data. However, only the digital signature is Base64 encoded. |
| Signed and Enveloped data | Signed-only and Enveloped-only entities can be combined, so that the Enveloped data can be signed, or the Signed/Clear-signed data can be enveloped. |

- Enveloped data: encrypted content and associated keys
- Signed data: encoded message + signed digest
- Clear-signed data: cleartext message + encoded signed digest
- Signed & enveloped data: nesting of signed & encrypted entities

Wireless Security

- Wireless communication protocols are becoming popular
- Concerns regarding wireless security are being raised
- How to secure Wireless Application Protocol (WAP)?

Mobile Phone and Internet

Figure labels: Web (Origin) server; HTTP Request; HTTP Response; WAP Request; WAP Response; WAP Gateway

WAP Security

- Wireless Transport Layer Security (WTLS)
- Similar to SSL in concept
- Conversions between WTLS and SSL lead to security concerns

WAP Stack

Figure: WAP stack layers
- Application Layer (WAE)
- Session Layer (WSP)
- Transaction Layer (WTP)
- Security Layer (WTLS)
- Transport Layer (WDP)
- Physical Layer (Wireless)

WTLS Security

Figure labels: Web (Origin) server; WAP Gateway; Wireless Operator Network; Internet; WTLS Security; SSL Security; WAP Client
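
Added example (not part of the original slides): the procedure from the Base64 Encoding Concept slide, which is also step 5 of PGP Operations, written out with the standard RFC 4648 alphabet; the slides do not list an alphabet, so that choice and the function names are assumptions. It handles the short final block with '=' padding and shows that decoding needs no key, so Base64 only makes data safe for mail transport and the confidentiality comes from the encryption step.

```python
import base64

# Standard Base64 alphabet (RFC 4648): 6-bit value 0..63 -> one printable character.
# Assumption: the slides do not say which alphabet is used.
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"

def b64_encode(data: bytes) -> str:
    """Encode by splitting each 24-bit block into four 6-bit values."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        pad = 3 - len(chunk)                  # 0, 1 or 2 bytes missing in the last block
        block = int.from_bytes(chunk + b"\x00" * pad, "big")  # 24-bit block, zero-filled
        chars = [ALPHABET[(block >> s) & 0x3F] for s in (18, 12, 6, 0)]
        if pad:
            chars[-pad:] = "=" * pad          # positions holding only fill bits become '='
        out.extend(chars)
    return "".join(out)

def b64_decode(text: str) -> bytes:
    """Reverse the mapping. No key is involved, so anyone can do this."""
    text = "".join(text.split())              # tolerate line breaks added for mail transport
    if len(text) % 4:
        raise ValueError("Base64 length must be a multiple of 4")
    body = text.rstrip("=")
    pad = len(text) - len(body)
    if pad > 2:
        raise ValueError("at most two '=' padding characters are allowed")
    out = bytearray()
    for i in range(0, len(text), 4):
        block = 0
        for ch in body[i:i + 4].ljust(4, "A"):  # 'A' is value 0, refills padded positions
            block = (block << 6) | ALPHABET.index(ch)  # ValueError on a foreign character
        out += block.to_bytes(3, "big")
    return bytes(out[:len(out) - pad])        # drop the zero bytes added for padding

if __name__ == "__main__":
    # Sample text taken from the Lempel-Ziv slide.
    msg = b"What is your name? My name is Atul."
    armored = b64_encode(msg)
    print(armored)
    assert armored == base64.b64encode(msg).decode()  # agrees with the standard library
    assert b64_decode(armored) == msg                 # recovered without any secret
```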