dllhell 听说过吗?
Elliptic curve methods are now used extensively in cybersecurity, and your connection to this web page probably uses elliptic curve methods for its key exchange. Normally for a secure connection, we will use something like AES for the main encryption, and where the key is negotiated with ECDH (Elliptic Curve Diffie Hellman).
椭圆曲线方法现在已广泛用于网络安全中,与此网页的连接可能使用椭圆曲线方法进行密钥交换。 通常,对于安全连接,我们将使用诸如AES之类的主加密方式,并且与ECDH(椭圆曲线Diffie Hellman)协商密钥。
So you may have heard about Curve 25519 (created by the mighty Dan Bernstein [here]), as it’s used in many applications, including with Tor, and OpenSSL. Overall, it uses a finite field defined with a prime number of:
因此,您可能已经听说过Curve 25519 (由强大的Dan Bernstein 在此处创建),因为它已在许多应用程序中使用,包括与Tor和OpenSSL一起使用。 总体而言,它使用以下列素数定义的有限域:
2²⁵⁵-19
2²⁵⁵-19
All this means is that all of the operations are done (mod 2²⁵⁵-19). With Curve 25519 we use a key exchange method of X25519 (and which basically just uses one of the co-ordinates of the elliptic curve). Here is my implementation of X25519 [demo]:
这意味着所有操作都已完成(mod2²⁵⁵-19)。 对于Curve 25519,我们使用X25519的密钥交换方法(并且基本上只使用椭圆曲线的坐标之一)。 这是我对X25519的实现[ demo ]:
And so while X25519 gives around 128-bit security, we can improve on this with Curve 448, and which implements around 224-bit security, and uses a prime number of:
因此,尽管X25519提供了约128位的安全性 ,但我们可以使用Curve 448对其进行改进,它可以实现约224位的安全性,并使用以下质数:
2⁴⁴⁸-2²²⁴-1
2⁴⁴⁸-2²²⁴-1
This considerably improves the security of the key exchange method, and should be used in applications that need a much higher security level than X25519. The coding for this in Python is [demo]:
这大大提高了密钥交换方法的安全性,应在需要比X25519高得多的安全性级别的应用程序中使用。 Python中对此的编码为[ demo ]:
The coding for these is based RFC 7748 [here]. So here are two demos:
这些的编码基于RFC 7748 [ here ]。 因此,这是两个演示:
dllhell 听说过吗?
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
