I. Purpose of the experiment
Knowledge of programming methods for generating public key pairs
Knowledge of programming methods for generating public key encryption/decryption
II. Experimental scenarios
The simulation implements the encrypted communication process for 128-bit messages.
The experimental subject contains three parties: A, B, and C.
In this case, a 128-bit message is securely exchanged between A and B. Such an exchange of information is realized by means of a public key cryptographic algorithm.
The third party C is responsible for generating a public-private key pair for each of A and B; it passes the corresponding private key to A and to B respectively, and makes their public keys public.
When A sends a message to B, A encrypts it with B's public key, and after the encrypted message is sent to B, B decrypts it with its own private key, thus obtaining the message that A sends to B.
III. Experimental steps
0 Implement functions owned by A, B, and C respectively; define the public key system environment configuration;
1 Write a program to generate a pair of public keys;
2 Generate 128-bit information for the experiment;
3 Design the program that generates the public key encryption/decryption of the above information;
IV. Exploratory Steps for Messaging and Public Key Distribution
Design a client-server program that implements 128-bit message delivery and the distribution of public and private keys.
V. Experimental reflections
1 What are the applications of public key cryptographic algorithms?
2 In practice, how are public keys transmitted and how is the identity of the public key owner determined?
Description:
1 Programming language arbitrary
2 You can use existing public key cryptography libraries.
Experimental content
1、For this experiment I used socket programming to realize the interaction between the server side and the client side.
C, as the server, is responsible for generating the public-private key pairs, publishing the clients' public keys, and passing each private key to clients A and B. Although the public key is public here, I still pass it explicitly to facilitate the later interaction between A and B.
C binds a port on localhost, uses the listen function to start listening, and applies the accept function to receive the connection from each client, establishing contact with clients A and B respectively.
Server C generates public and private keys.
After that, the send function is used to transmit the public and private keys.
At first I transmitted the public key directly as str(publickey).encode(encoding="utf-8"), but the public key received in this way could not be used for encryption, and a bug kept appearing:
Later I used pickle serialization, but I still could not encrypt with the public key; the result was still as shown below:
I ended up using pickle plus a hash function, and with that, encryption with the public key finally succeeded. I looked up a lot of information on why this problem occurs and never found a definitive answer, but the use of a hash function ensured the integrity of the data.
2、B is responsible for receiving the public-private key pair generated by C for B. Considering that B has to transmit the public key to A, as well as receive messages from A, B should be a client of C and a server of A.
So in the design, B runs as two parallel threads, divided into two parts: RecvData and Recvmsg.
RecvData receives the public and private keys when C transmits them. To ensure that the public key can later be transmitted to A, and that the private key is available to decrypt the message, the public and private keys have to be set as global variables.
Recvmsg re-calls the socket program, binds the port, and treats it as a server waiting for A to connect, and when A establishes a connection, B passes its public key to A, waits for A to transmit the message encrypted with the public key, and then B decrypts the message with its private key. (The red box is the decryption process)
3、Client A is responsible for receiving the public-private key pair it owns from C, sending a message to B, receiving B's public key, and using it for encryption. Along these lines, A is also two threads in parallel, with two functions set up, Recvmsg(), Sendmsg().
Recvmsg(): A acts as a client of C to receive its public-private key pair. (The idea here is the same as for B.)
Sendmsg(): this function is responsible for the interaction between A and B. A, as the client of B, receives the public key from B, encrypts the message with B's public key, and sends the encrypted message to B. (The second red box shows the encryption process.)
Here the 128-bit message is generated: the os library is used to generate a 16-byte message, which is 128 bits.
4、Screenshots of a run:
After running C's program and then the programs for B and A, C generates the public and private keys for each of them and transmits them.
After B receives the public and private keys:
After A receives the public and private keys:
B starts listening, establishes a connection with A, and communicates:
Communication between A and B:
5、Experimental reflections
(1) Application of public key cryptographic algorithms:
① Encryption/decryption: the sender encrypts the message with the receiver's public key.
② Digital signature: the sender signs the message with its private key. The signature can be generated either by encrypting the whole message or by encrypting a small block of data that is a function of the whole message.
③ Key exchange: the exchange of session keys between two communicating parties. There are several different methods of key exchange, all of which use the private keys of one or both of the communicating parties.
(2) A public key system requires a trusted and independent third-party organization to act as a Certification Authority (CA) to confirm the true identity of the person claiming to have the public key.
To confirm a public key, the CA first produces a "digital certificate" containing part of the user's identity and the public key held by the user, and then signs the certificate with its own private key.
Any user who wants to publish a public key can apply to the CA for a certificate. After verifying the applicant's real identity, the CA issues a digital certificate that binds the user's public key to that identity and states the validity of the key and the purposes it may be used for (key exchange or digital signature). Other users can accept that public key as long as they can verify that the certificate is authentic and they trust the CA that issued it.