先進(jìn)加密標(biāo)準(zhǔn)

先進(jìn)加密標(biāo)準(zhǔn)

　　目前大家還熱衷于傳統(tǒng)的DES、3DES、Blowfish等加密算法，可是我看到的資料表明：在芯片技術(shù)和計(jì)算技術(shù)高速發(fā)展的今天，它們?cè)絹?lái)越不適應(yīng)安全需求。1997年9月美國(guó)標(biāo)準(zhǔn)技術(shù)研究機(jī)構(gòu)NIST提出了征求新的加密標(biāo)準(zhǔn)——AES (Advanced Encryption Standard)的建議，作為一種取代DES的二十世紀(jì)加密標(biāo)準(zhǔn)技術(shù)。這種算法執(zhí)行速度快且易于設(shè)計(jì)。下面是小編為您收集整理的先進(jìn)加密標(biāo)準(zhǔn)，供大家參考!

　　先進(jìn)加密標(biāo)準(zhǔn)

　　Advanced Encryption Standard

　　For the past three years,the National Institute of Standards and Technology (NIST) has been working to develop a new encryption standard to keep government information secure.The organization is in the final stages of an open process of selecting one or more algorithms,or data-scrambling formulas,for the new Advanced Encryption Standard (AES) and plans to make adecision by late summer or early fall.The standard is slated to go into effect next year.

　　AES is intended to be a stronger,more efficient successor to Triple Data Encryption Standard(3DES),which replaced the aging DES,which was cracked in less than three days in July 1998.

　　“Until we have the AES,3DES will still offer protection for years to come.So there is no need to immediately switch over,”says Edward Roback, acting chief of the computer security division at NIST and chairman of the AES selection committee.“What AES will offer is a more efficient algorithm.It will be a federal standard,but it will be widely implemented in the IT community.”

　　According to Roback,efficiency of the proposed algorithms is measured by how fast they can encrypt and decrypt information,how fast they can present an encryption key and how much information they can encrypt.

　　The AES review committee is also looking at how much space the algorithm takes up on a chip and how much memory it requires.Roback says the selection of a more efficient AES will also result in cost savings and better use of resources.

　　“DES was designed for hardware implementations,and we are now living in a world of much more efficient software,and we have learned an awful lot about the design of algorithms,”says Roback.“When you start multiplying this with the billions of implementations done daily,the saving on overhead on the networks will be enormous.”

　　The process of selecting the algorithm for AES has been notable for its openness and transparency.This is a marked departure from the government's past inclination toward secrecy in discussing encryption standards,which led to the public cracking of DES after critics questioned the government's assertion that the standard was still secure.

　　NIST kicked off the selection process in September 1997.Conferences were held in August 1998 and March 1999; cryptographers from around the world discussed the algorithm candidates and helped narrow the list to 15 and then to five finalists: IBM's MARS; RSA Laboratories* RC6; Joan Daemen and Vincent Rijmen's Rijndael; Ross Andersen,Eli Baham and Lars Knudsen's Serpent; and Counterpane Labs* Twofish.

　　While most evaluators of the algorithms want to avoid complexity by selecting one to serve as a standard,there's a minority that wants to select more than one.

　　在過(guò)去三年中，(美國(guó))國(guó)家標(biāo)準(zhǔn)與技術(shù)局(NIST)已在研究開(kāi)發(fā)一種新的加密標(biāo)準(zhǔn)，以確保政府的信息安全。該組織目前正處于為新的先進(jìn)加 密標(biāo)準(zhǔn)(AES)選擇一齷蚣父鏊惴ɑ蚴?荽蚵夜?降目?毆?痰淖詈蠼錐危?⒓蘋?諳哪┗蚯锍踝鞒鼉齠ā4吮曜寄詼?髂曄凳??/p>

　　AES預(yù)定為比三層數(shù)據(jù)加密標(biāo)準(zhǔn)(3DES)更強(qiáng)、更高效的后續(xù)標(biāo)準(zhǔn)，3DES替代了老化的DES加密標(biāo)準(zhǔn)，DES在1998年7月在不到三天的時(shí)間內(nèi)就 被破譯了。

　　NIST計(jì)算機(jī)安全部的代理主管兼AES選擇委員會(huì)主席Edward Roback說(shuō) ：“在我們擁有AES之前，3DES還將在今后幾年提供保護(hù)。所以沒(méi)有必要馬上轉(zhuǎn)換。AES所提供的是一種更有效的算法。它將是一項(xiàng)聯(lián)邦標(biāo)準(zhǔn)，但它將在IT界 廣泛實(shí)施。”

　　據(jù)Roback稱，提議中的算法的效率是通過(guò)對(duì)信息加密和解密有多快、給出加密密鑰有多快以及能對(duì)多少信息加密等幾個(gè)方面進(jìn)行測(cè)量的。

　　AES評(píng)價(jià)委員會(huì)也要看算法占據(jù)芯片上多少空間和需要多少內(nèi)存。Roback說(shuō)，選擇一個(gè)更高效的AES也會(huì)帶來(lái)成本的節(jié)省和資源的更好利用。

　　Roback說(shuō)：“DES是為硬件實(shí)現(xiàn)而設(shè)計(jì)的，而我們現(xiàn)在處于軟件更高效的世界，我們對(duì)算法的設(shè)計(jì)有極多的了解。當(dāng)我們開(kāi)始大規(guī)模使用此算法，每天實(shí)現(xiàn)幾十億次的加密時(shí)，(算法帶來(lái)的)網(wǎng)絡(luò)開(kāi)銷的節(jié)省將是巨大的?！?/p>

　　為AES選擇算法的過(guò)程是以其公開(kāi)性和透明度稱著。這標(biāo)志著政府從以往討論加密標(biāo)準(zhǔn)時(shí)傾向于保密的做法一刀兩斷，它導(dǎo)致了政府在斷言DES 標(biāo)準(zhǔn)仍是安全時(shí)被公開(kāi)破譯。

　　NIST在1997年9月開(kāi)始這個(gè)選擇過(guò)程。1998年8月和 1999年3月召開(kāi)了會(huì)議，來(lái)自全世界的密碼專家討論了候選的算法，幫助把算法縮小到15 個(gè)，最后到了5個(gè)：IBM的MARS算法，RSA實(shí)驗(yàn)室的RC6算法、Joan Daemen和Vincent Rijmen兩人的Rijndael算法、Eli Baham和Lars Knudsen兩人的Serpent算法以及Counterpane 實(shí)驗(yàn)室的Twofish算法。

　　大多數(shù)算法鑒定者都選擇一個(gè)作標(biāo)準(zhǔn)以避免復(fù)雜性，但也有一小部分人要選擇多個(gè)算法。

　　數(shù)據(jù)通信系統(tǒng)

　　Data Communication Systems

　　There are five basic types of data communication system:

　　Off-line data transmission is simply the use of a telephone or similar link to transmit data without involving a computer system.The equipment used at both ends of such a link is not part of a computer, or at least does not immediately make the data available for computer process, that is, the data when sent and/or received are 'off-line'. This type of data communication is relatively cheap and simple.

　　Remote batch is the term used for the way in which data communication technology is used geographically to separate the input and /or output of data from the computer on which they are processed in batch mode.

　　On-line data collection is the method of using communications technology to provide input data to a computer as such input arises-the data are then stored in the computer(say on a magnetic disk)and processed either at predetermined intervals or as required.

　　Enquiry-response systems provide, as the term suggests, the facility for a user to extract information from a computer.The enquiry facility is passive, that is, does not modify the information stored.The interrogation may be simple, for example, 'RETRIEVE THE RECORD FOR EMPLOYEE NUMBER 1234' or complex.Such systems may use terminals producing hard copy and /or visual displays.

　　Real-time systems are those in which information is made available to and processed by a computer system in a dynamic manner so that either the computer may cause action to be taken to influence events as they occur(for example as in a process control application)or human operators may be influenced by the accurate and up-to-date information stored in the computer, for example as in reservation systems.

　　有五種基本的數(shù)據(jù)通信系統(tǒng)：

　　脫機(jī)數(shù)據(jù)傳輸是簡(jiǎn)單地利用電話或類似的鏈路來(lái)傳輸數(shù)據(jù)，不包括計(jì)算機(jī)系統(tǒng)。這樣一條鏈路兩端所使用的設(shè)備不是計(jì)算機(jī)的部件，或至少不是立刻把數(shù)據(jù)提供給計(jì)算機(jī)處理，即數(shù)據(jù)在發(fā)送或接收時(shí)是脫機(jī)的。這種數(shù)據(jù)通信相對(duì)來(lái)說(shuō)比較便宜和簡(jiǎn)單。

　　遠(yuǎn)程批處理一詞適用于這樣一種方法：采用數(shù)據(jù)通信技術(shù)來(lái)使數(shù)據(jù)的輸入和輸出在地理上遠(yuǎn)離按批處理模式處理處理它們的計(jì)算機(jī)。

　　聯(lián)機(jī)數(shù)據(jù)收集指的是用數(shù)據(jù)通信技術(shù)來(lái)向計(jì)算機(jī)即時(shí)提供剛產(chǎn)生的輸入數(shù)據(jù)這種方法。數(shù)據(jù)于是存儲(chǔ)在計(jì)算機(jī)里(比如磁盤上)，并按預(yù)定時(shí)間間隔或者根據(jù)需要進(jìn)行處理。

　　詢問(wèn)——應(yīng)答系統(tǒng)，顧名思義，是為用戶提供從計(jì)算機(jī)提取信息的功能。詢問(wèn)功能是被動(dòng)的。也就是說(shuō)，它不修改所存儲(chǔ)的信息。提問(wèn)可以很簡(jiǎn)單，例如："檢索雇員號(hào)碼為1234的記錄"也可以是復(fù)雜的。這類系統(tǒng)可能要使用能產(chǎn)生硬拷貝和(或)可視顯示的終端。

　　實(shí)時(shí)系統(tǒng)是這樣一類系統(tǒng)，其中計(jì)算機(jī)系統(tǒng)是在動(dòng)態(tài)情況下取得和處理信息，以便可使計(jì)算機(jī)采取動(dòng)作來(lái)影響正在發(fā)生的事件(比如在過(guò)程控制應(yīng)用中)或者可通過(guò)存儲(chǔ)在計(jì)算機(jī)里的準(zhǔn)確且不斷更新的信息來(lái)影響人(操作員)，比如在預(yù)售系統(tǒng)中。