tcp节点之间数据传输_确保使用节点js进行数据传输时的完整性和不可否认性-CSDN博客

tcp节点之间数据传输

In this article, we will explain a few well known Cryptographic Primitives that ensures integrity, authenticity, and non-repudiation in data transmission using node.js.

在本文中，我们将解释一些众所周知的加密原语，这些原语可确保使用node.js进行数据传输时的完整性，真实性和不可否认性。

信息安全的核心概念 (Core concepts of Information Security)

Integrity: can the recipient be confident that the message has not been modified during its lifecycle?
完整性：收件人能否确定邮件在其生命周期中没有被修改？
Authentication: can the recipient be confident that the message was originated from the sender?
身份验证：收件人可以确定邮件是发件人发出的吗？
Non-repudiation: if the recipient passes the message and the proof to a third party, can the third party be confident that the message was originated from the sender?
不可否认性：如果收件人将消息和证明传递给第三方，那么第三方可以确定消息是发件人发出的吗？
Availability: the information must be available when it is needed. This concept will not be covered by this article.
可用性：信息在需要时必须可用。本文将不涵盖此概念。

These concepts are also called Security Goals when we want to apply them to our systems. We can achieve these goals by using Cryptographic Primitives.

当我们要将这些概念应用于系统时，这些概念也称为安全目标。我们可以通过使用加密基元来实现这些目标。

Cryptographic primitives are well-established, low-level cryptographic algorithms that are frequently used to build cryptographic protocols for computer security systems. These routines include but are not limited to, one-way hash functions and encryption functions.

加密原语是公认的低级加密算法，通常用于为计算机安全系统建立加密协议。这些例程包括但不限于单向哈希函数和加密函数。

In the table below, we can see the Security Goals that some Cryptographic Primitives can provide. In this article, I will be covering examples of HMAC and Digital Signatures.

在下表中，我们可以看到某些加密基元可以提供的安全目标。在本文中，我将介绍HMAC和数字签名的示例。

MAC的定义 (Definition of MAC)

A Message Authentication Code (MAC) is a short piece of information used to authenticate a message. In other words, it’s used to confirm that the message came from an expected sender and has not been changed without your knowledge. The MAC value ensures both the integrity and authenticity of a message, by regenerating it in the recipient using a shared secret key (K).

消息验证码(MAC)是用于验证消息的一小段信息。换句话说，它用于确认邮件来自预期的发件人，并且在您不知情的情况下未被更改。 MAC值通过使用共享密钥(K)在收件人中重新生成消息来确保消息的完整性和真实性 。

HMAC的定义 (Definition of HMAC)

A Keyed-Hash Message Authentication Code (HMAC) is a MAC obtained by running a cryptographic hash function (like MD5, SHA1 or SHA256) over the data and a shared secret key.

密钥哈希消息认证码 (HMAC)是通过对数据和共享密钥运行密码哈希函数(例如MD5，SHA1或SHA256)而获得的MAC。

The main difference between MAC and HMAC is that MAC is a tag or a piece of information that helps to authenticate a message, while HMAC is a special type of MAC with a cryptographic hash function and a secret key.

MAC和HMAC之间的主要区别在于，MAC是有助于身份验证消息的标签或信息，而HMAC是具有加密哈希功能和秘密密钥的特殊类型的MAC。

HMACs are almost similar to digital signat