( , ). , , .
. N , , : "" Ej "" Dj, j . , , , , . , 7, 9, E9 9. , E9 , , , , , . 9, , D9 . , ( 9
SSL
SSL , Netscape. SSL
TCP/IP. , , ( ) TCP/IP. SSL W3 (W3C) Web- .
SSL , . . (, TCP) ( ) . , , , . SSL , . SSL. SSL , :
. . (, DES, RC4 ..).
, (, RSA, DSS ..).
. (MAC). MAC - (, - [SHA], MD5 ..).
, SSL, URL (schema) http, , https ( 443), , SSL-.
SSL , SSL .
| , :
1.
(, , ) , , .
2.
. .
:
1. . . . , , . .
2. ( 4-32). .
7. .
( 4 32 ) . () .
, , , .
, Z=EnCrypt(X,Key) X=DeCrypt(Z,Key). .
, , , . .
, , . , , , ,
11. RC4
RC4 (RC Ron's Code Rivest's Cipher) 1987 . 8 2048 ( 8). RC4 : , 2 ( XOR). (, SSL TLS, WEP, , Microsoft Office, Lotus Notes, Adobe Acrobat .
11.1
RC4.
. , . , . , .
RC4 , . n . , n = 8. . RC4 $2^n$ , . S-. $2^n$ . i j.
12.
: k1 - , , k2 - , . : k1 = f(k2).
. , y = f(x) , : x y x, y = f(x).
: N = P*Q. - . ( N ), , . , N 664 P? Q 1023 , $y = a^x \bmod p$ a, p y (
i < Q $Y_i = A^{X_i} \bmod Q$. J j < Q $Y_j = A^{X_j} \bmod Q$. Y . I $K = (Y_j)^{X_i} \bmod Q$, J $K = (Y_i)^{X_j} \bmod Q$. :
$K = (Y_j)^{X_i} \bmod Q = (A^{X_j} \bmod Q)^{X_i} \bmod Q = (A^{X_j})^{X_i} \bmod Q = A^{X_j X_i} \bmod Q = (A^{X_i})^{X_j} \bmod Q = (A^{X_i} \bmod Q)^{X_j} \bmod Q = (Y_i)^{X_j} \bmod Q$ , . i j , : Q, A, $Y_i$ $Y_j$. , ..
$X_j = \mathrm{ind}_{a,q}(Y_j)$
, "man-in-the-middle". , .. , , Yi Yj, (X, Y) . , , . , .
15. -
- , " " , .
- . (, ..) n- . , m- -.
- XOR :
i = bi1 bi2 ... bik
i - i- -, 1 i n.
| k - n- .
| bij - i- j- .
| - XOR.
| - n, . .
-. .
7), ( E7, D7).
, ( N 2*N ), , . -, k- Dk: , k, . , , .
, . - . "" (, RealSecure Internet Security Systems), .. - . , . - .
(IDS - Intrusion Detection System) (IPS Intrusion Prevention System) .
- . IDS- , / , , (, , ).
:
- (NIDS, . Network intrusion detection system) , .
- (HIDS, . Host-based intrusion detection system) , , , , .
, () .
,
SSH
Secure Shell (SSH) . , TCP/IP XII. SSH , .
SSH :
. , . .
.
, .
IDEA ( DES , DES, RC4-128, Blowfish). RSA, , , ( ). RSA, RSA. () IP ; DNS . , RSA .
, , .
:
(end-to-end) TCP/IP, (API) (WinSock, Berkeley Standard Distribution [BSD] ..);
, Van Jacobson , , TCP/IP;
- , , (MTU) ..;
. , .
| . . . , , () . , , . , .
8.
, , , . , .
, .
:
, , . . Vi , . F . , , (. round) . K 8 32. ,
a p) 1026 . - " " (DLP - Discrete Logarithm Problem), , , .
, , - . , , $x = f^{-1}(y)$, . . " " ( , - ).
RSA.
13. RSA
RSA . .
RSA .
: " ". RSA :
1. (!) p q
2. n(=p*q)
3. e (e<n), , (e,(p-1)(q-1))=1, e (p-1)(q-1).
4. (!) e*d+(p-1)(q-1)*y=1. d y (d,y), .
5. (e,n) .
6. d , , (e,n).
:
1. , $k=[\log_2(n)]$ , .
2.
n- - .
n- :
o - ;
o XOR -.
"" , .
, . , , -. n- , - , , - .
16.
́ ́ () , ( ) . , ( ).
, . .
:
1. , .
2. .
3. .
, .
2 :
1) : , .. . , .
. . IDS- . . , .
20.
( , -), , . , . , . ( ) ( ) .
. , ( ).
:
- ;
- "" .
OSI, :
- (packet-switched firewalls);
- (circuit-level gateways);
- (application-level gateways);
- (stateful inspection firewalls).
24. IP (IPSec)
IPSec ( IP Security) , IP, / IP-. IPsec . , vpn-.
IP (IPSec) , IP. IPSec , RFC.
IPSec IP , , ( ) .
IPSec :
, (end-to-end);
(VPN) ;
, , TCP (, UDP);
, , ;
, (, TCP SYN).
25. (L2F, PPTP, L2TP)
(Virtual Private Dialup Networks VPDN) , . : (Layer 2 Forwarding L2F), (Point-to-Point Tunneling Protocol PPTP) (Layer 2 Tunneling Protocol L2TP).
L2F
(Layer 2 Forwarding L2F) Cisco Systems. , , IP. , , , , (SLIP, PPP), . , IP, IPX AppleTalk SLIP/PPP . , .
Point-to-Point Tunneling Protocol (PPTP) Microsoft. , . /, , NAS, (VPN). (PNS) , , (), . , (PSTN)
28.
( . 9 2000 ., -1895) , , .
:
;
, , - ;
.
.
: - , , .
29.
. , .
MS-DOS Intel, . . , Microsoft, .
Windows 95, 98, Millennium , . ,
| ISDN . (GRE) , . IPSec.
L2TP , . L2TP , IP, , ATM, X.25 Frame Relay.
, L2TP OSI, UDP- 1701
26. ()
, , .
, , . , . , .
:
;
Web-;
.
Web-, . .
(, ) :
, , , ;
, , , , () .
-
.
Windows NT, 2000 Microsoft. , Intel.
UNIX , . : LINUX (S.U.S.E.), OpenBSD, FreeBSD, Sun Solaris. , , . .
, . "" , , , , , . , .
| , , . :
( , , , );
, , , .
( , ) : . .
27.
: - ; - (OC); - ; - . : - ; - ; - ; - . ( ), - (-), (link-). (boot-), , (Master Boot Record), boot-. - - . . (, , ) . - OS - DOS, Windows, Win95/NT, OS/2 .. - Word, Excel, Office97. . : - ; - -; - ; -
| . , . - . - OC / .
, .
, OC, , .. : - , .. ( ); - , , . ; - , ; - , , , , , , , , - .