Si chinsinsi kuti chimodzi mwazinthu zothandizira zomwe zimagwiritsidwa ntchito nthawi zambiri, popanda zomwe chitetezo cha data pamaneti otseguka sizingatheke, ndiukadaulo wa satifiketi ya digito. Komabe, sizobisika kuti drawback yaikulu ya teknoloji ndi kudalira kopanda malire m'malo omwe amapereka ziphaso za digito. Director of Technology and Innovation ku ENCRY Andrey Chmora adapereka njira yatsopano yokonzekera makiyi a anthu onse (Public Key Infrastructure, PKI), zomwe zingathandize kuthetsa zofooka zamakono komanso zomwe zimagwiritsa ntchito teknoloji yogawa (blockchain). Koma zinthu zoyamba choyamba.
Ngati mumadziwa momwe makiyi anu apagulu amagwirira ntchito komanso mukudziwa zolephera zake zazikulu, mutha kulumpha kupita ku zomwe tikufuna kusintha pansipa.
Kodi ma signature a digito ndi ziti?Kulumikizana pa intaneti nthawi zonse kumakhudza kusamutsa deta. Tonsefe tili ndi chidwi chowonetsetsa kuti deta imafalitsidwa motetezeka. Koma kodi chitetezo ndi chiyani? Ntchito zachitetezo zomwe zimafunidwa kwambiri ndi chinsinsi, kukhulupirika komanso kutsimikizika. Pachifukwa ichi, njira za asymmetric cryptography, kapena cryptography yokhala ndi kiyi yapagulu, zimagwiritsidwa ntchito.
Tiyeni tiyambe ndi mfundo yakuti kugwiritsa ntchito njirazi, nkhani zoyankhulirana ziyenera kukhala ndi makiyi awiri omwe ali pawiri - pagulu ndi chinsinsi. Ndi chithandizo chawo, ntchito zachitetezo zomwe tazitchula pamwambapa zimaperekedwa.
Kodi chinsinsi cha kusamutsa zidziwitso chimakwaniritsidwa bwanji? Asanatumize deta, wolembetsa amabisa (cryptographically amasintha) deta yotseguka pogwiritsa ntchito kiyi yapagulu ya wolandirayo, ndipo wolandirayo amachotsa mawu olembedwa omwe adalandira pogwiritsa ntchito kiyi yachinsinsi yophatikizidwa.
Kodi kukhulupirika ndi kudalirika kwa uthenga wofalitsidwa zimatheka bwanji? Pofuna kuthetsa vutoli, njira ina inapangidwa. Deta yotseguka sinasinthidwe, koma zotsatira zogwiritsa ntchito cryptographic hash - chithunzi "chopanikizidwa" chamayendedwe olowera - imafalitsidwa munjira yobisika. Zotsatira za hashing zotere zimatchedwa "digest", ndipo zimasungidwa pogwiritsa ntchito kiyi yachinsinsi ya olembetsa ("mboni"). Chifukwa cha encrypting digest, siginecha ya digito imapezedwa. Iwo, pamodzi ndi malemba omveka bwino, amatumizidwa kwa olembetsa olandira ("verifier"). Amachotsa siginecha ya digito pa kiyi yapagulu ya mboniyo ndikuifananitsa ndi zotsatira zakugwiritsa ntchito cryptographic hash, yomwe wotsimikizira amawerengera pawokha potengera zomwe adalandira. Ngati zikugwirizana, izi zikuwonetsa kuti datayo idatumizidwa m'njira yeniyeni komanso yokwanira ndi wolembetsa, ndipo osasinthidwa ndi wowukira.
Zida zambiri zomwe zimagwira ntchito ndi deta yaumwini ndi zidziwitso zolipira (mabanki, makampani a inshuwaransi, ndege, machitidwe olipira, komanso ma portal aboma monga ntchito yamisonkho) amagwiritsa ntchito mwachangu njira za asymmetric cryptography.
Kodi satifiketi ya digito ikukhudzana bwanji ndi izi? Ndi zophweka. Njira zonse zoyamba ndi zachiwiri zimaphatikizapo makiyi a anthu onse, ndipo popeza amatenga gawo lalikulu, ndikofunikira kuwonetsetsa kuti makiyiwo ndi a wotumiza (mboni, ngati siginecha) kapena wolandila, ndipo sali. m'malo ndi makiyi a owukira. Ichi ndichifukwa chake satifiketi za digito zilipo kuti zitsimikizire zowona komanso kukhulupirika kwa kiyi yapagulu.
Zindikirani: kutsimikizika ndi kukhulupirika kwa kiyi yapagulu kumatsimikiziridwa chimodzimodzi monga kutsimikizika ndi kukhulupirika kwa data yapagulu, ndiko kuti, kugwiritsa ntchito siginecha yamagetsi yamagetsi (EDS).
Kodi satifiketi za digito zimachokera kuti?Akuluakulu a certification odalirika, kapena Certification Authorities (CAs), ali ndi udindo wopereka ndi kusunga ziphaso za digito. Wopemphayo apempha kuti apereke satifiketi kuchokera ku CA, amapita ku Registration Center (CR) ndikulandila satifiketi kuchokera ku CA. CA imatsimikizira kuti kiyi yapagulu kuchokera pa satifiketiyo ndi ya kampani yomwe idaperekedwa.
Ngati simukutsimikizira kutsimikizika kwa kiyi yapagulu, ndiye kuti wowukira panthawi yakusamutsa/kusunga kiyiyi atha kuyisintha ndi yake. Ngati kulowetsedwa kwachitika, wowukirayo azitha kutulutsa chilichonse chomwe wolembetsa amatumiza kwa wolembetsa, kapena kusintha zomwe zatsegulidwa mwakufuna kwake.
Satifiketi ya digito imagwiritsidwa ntchito kulikonse komwe asymmetric cryptography ilipo. Chimodzi mwazinthu zodziwika bwino za digito ndi satifiketi ya SSL yolumikizana motetezeka pa protocol ya HTTPS. Mazana amakampani omwe adalembetsedwa m'malo osiyanasiyana akukhudzidwa ndikupereka ziphaso za SSL. Gawo lalikulu limagwera pazigawo zazikulu zisanu mpaka khumi zodalirika: IdenTrust, Comodo, GoDaddy, GlobalSign, DigiCert, CERTUM, Actalis, Secom, Trustwave.
CA ndi CR ndi zigawo za PKI, zomwe zimaphatikizapo:
- Tsegulani chikwatu - nkhokwe yapagulu yomwe imapereka kusungirako kotetezedwa kwa ziphaso za digito.
- Mndandanda wochotsa satifiketi - nkhokwe yapagulu yomwe imapereka malo otetezedwa a ziphaso za digito za makiyi a anthu ochotsedwa (mwachitsanzo, chifukwa chakuphwanya kiyi yachinsinsi yolumikizidwa). Maphunziro a zomangamanga atha kulowa nawo pawokha pankhokweyi, kapena atha kugwiritsa ntchito njira yapadera ya Online Certification Status Protocol (OCSP), yomwe imathandizira kutsimikizira.
- Ogwiritsa ntchito ziphaso - Ophunzira a PKI omwe adachita nawo mgwirizano ndi CA ndikutsimikizira siginecha ya digito ndi/kapena encrypt data kutengera kiyi yapagulu ya satifiketi.
- Zolemba - adapereka maphunziro a PKI omwe ali ndi kiyi yachinsinsi yolumikizidwa ndi kiyi yapagulu kuchokera pa satifiketi, komanso omwe adalowa nawo mgwirizano wolembetsa ndi CA. Wolembetsa akhoza kukhala wogwiritsa ntchito satifiketi nthawi imodzi.
Chifukwa chake, mabungwe odalirika azinthu zazikuluzikulu zapagulu, zomwe zikuphatikiza ma CA, ma CR ndi zolemba zotseguka, ali ndi udindo:
1. Kutsimikizira kutsimikizika kwa chidziwitso cha wopemphayo.
2. Kufotokoza satifiketi ya kiyi wapagulu.
3. Kupereka chiphaso cha makiyi a anthu onse kwa wofunsira yemwe chizindikiritso chake chatsimikiziridwa modalirika.
4. Sinthani mawonekedwe a chiphaso chachinsinsi cha anthu.
5. Kupereka zambiri za momwe satifiketi yachinsinsi ya anthu ilili pano.
Zoyipa za PKI, ndi chiyani?Cholakwika chachikulu cha PKI ndi kupezeka kwa mabungwe odalirika.
Ogwiritsa ntchito ayenera kukhulupirira CA ndi CR mopanda malire. Koma, monga momwe zimasonyezera, kukhulupirirana mopanda malire kuli ndi zotsatirapo zazikulu.
Pazaka khumi zapitazi, pakhala pali zolakwika zingapo zazikulu mderali zokhudzana ndi kuwonongeka kwa zomangamanga.
- mu 2010, pulogalamu yaumbanda ya Stuxnet idayamba kufalikira pa intaneti, yosainidwa pogwiritsa ntchito ziphaso zabedwa za digito kuchokera ku RealTek ndi JMicron.
- Mu 2017, Google idadzudzula Symantec chifukwa chopereka ziphaso zambiri zabodza. Panthawiyo, Symantec inali imodzi mwa ma CA akuluakulu pakupanga mavoliyumu. Mu msakatuli wa Google Chrome 70, chithandizo cha ziphaso zoperekedwa ndi kampaniyi ndi malo ogwirizana nawo GeoTrust ndi Thawte adayimitsidwa pasanafike pa Disembala 1, 2017.
Ma CA adasokonezedwa, ndipo chifukwa chake aliyense adavutika-ma CA okha, komanso ogwiritsa ntchito ndi olembetsa. Chidaliro cha zomangamanga chachepetsedwa. Kuphatikiza apo, ziphaso za digito zitha kutsekedwa pamikangano yandale, zomwe zingakhudzenso magwiridwe antchito ambiri. Izi ndi zomwe zinkawopedwa zaka zingapo zapitazo mu ulamuliro wa pulezidenti wa Russia, kumene mu 2016 adakambirana za kuthekera kopanga malo ovomerezeka a boma omwe angapereke ziphaso za SSL kumalo a RuNet. Zomwe zikuchitika masiku ano ndizoti ngakhale zipata za boma ku Russia ziphaso za digito zoperekedwa ndi makampani aku America Comodo kapena Thawte (wothandizira a Symantec).
Palinso vuto lina - funso kutsimikizika koyambirira (kutsimikizika) kwa ogwiritsa ntchito. Kodi mungadziwe bwanji wogwiritsa ntchito yemwe adalumikizana ndi CA ndi pempho loti apereke satifiketi ya digito popanda kulumikizana mwachindunji? Tsopano izi zimathetsedwa molingana ndi kuthekera kwa zomangamanga. Chinachake chimatengedwa pamakaundula otseguka (mwachitsanzo, zambiri zamabungwe ovomerezeka omwe amapempha ziphaso); pomwe olembetsawo ndi anthu payekhapayekha, maofesi akubanki kapena ma positi angagwiritsidwe ntchito, pomwe zidziwitso zawo zimatsimikiziridwa pogwiritsa ntchito zikalata zozindikiritsa, mwachitsanzo, pasipoti.
Vuto la kunamizira ziyeneretso nβcholinga chongoyerekezera ndi lofunika kwambiri. Tiyeni tiwone kuti palibe yankho lathunthu la vutoli chifukwa chazidziwitso-zidziwitso: popanda kukhala ndi chidziwitso chodalirika a priori, ndizosatheka kutsimikizira kapena kukana kutsimikizika kwa phunziro linalake. Monga lamulo, kuti mutsimikizire ndikofunikira kupereka zolemba zotsimikizira kuti wopemphayo ndi ndani. Pali njira zambiri zotsimikizira, koma palibe imodzi yomwe imapereka chitsimikizo chokwanira cha zolembedwa. Chifukwa chake, kutsimikizika kwa chizindikiritso cha wopemphayo sikungatsimikizidwenso.
Kodi zophophonya zimenezi zingathetsedwe bwanji?Ngati mavuto a PKI pakali pano akhoza kufotokozedwa ndi centralization, ndiye kuti n'zomveka kuganiza kuti decentralization ingathandize pang'ono kuthetsa zolakwa zomwe zadziwika.
Decentralization sikutanthauza kupezeka kwa mabungwe odalirika - ngati mupanga madera akuluakulu aboma (Decentralized Public Key Infrastructure, DPKI), ndiye kuti CA kapena CR sizikufunika. Tiyeni tisiye lingaliro la chiphaso cha digito ndikugwiritsa ntchito registry yogawidwa kuti tisunge zambiri zamakiyi agulu. Kwa ife, timatcha kaundula kuti nkhokwe ya liniya yokhala ndi ma rekodi (ma block) omwe amalumikizidwa ndiukadaulo wa blockchain. M'malo mwa chiphaso cha digito, tidzayambitsa lingaliro la "zidziwitso".
Momwe njira yolandirira, kutsimikizira ndi kuletsa zidziwitso idzawonekere mu DPKI yomwe ikufunsidwa:
1. Wopempha aliyense amatumiza pempho la chidziwitso payekha polemba fomu panthawi yolembetsa, pambuyo pake amapanga malonda omwe amasungidwa mu dziwe lapadera.
2. Chidziwitso chokhudza makiyi a anthu onse, pamodzi ndi tsatanetsatane wa mwiniwake ndi metadata ina, zimasungidwa mu registry yogawidwa, osati mu chiphaso cha digito, kuti aperekedwe mu PKI yapakati yomwe CA ili ndi udindo.
3. Kutsimikizira kutsimikizika kwa wopemphayo kumachitidwa pambuyo poyeserera pamodzi kwa gulu la ogwiritsa ntchito DPKI, osati ndi CR.
4. Ndi mwiniwake wa chidziwitso chotere yekha yemwe angasinthe mawonekedwe a kiyi yapagulu.
5. Aliyense atha kupeza buku logawidwa ndikuwunika momwe kiyi yapagulu ilili.
Zindikirani: Kutsimikizira kuti munthu ndi ndani kungawoneke ngati kosadalirika poyang'ana koyamba. Koma tiyenera kukumbukira kuti masiku ano onse ogwiritsa ntchito digito amasiya njira ya digito, ndipo izi zidzangopitilirabe kukula. Tsegulani zolembera zamagetsi zamabungwe ovomerezeka, mamapu, kuyika zithunzi zamtundu wa digito, malo ochezera a pa Intaneti - zonsezi ndi zida zopezeka pagulu. Amagwiritsidwa ntchito kale bwino pakufufuza ndi atolankhani komanso mabungwe azamalamulo. Mwachitsanzo, ndikwanira kukumbukira zofufuza za Bellingcat kapena gulu lofufuzira limodzi la JIT, lomwe likuphunzira za ngozi ya Boeing ya ku Malaysia.
Ndiye kodi makiyi akuluakulu a boma angagwire ntchito bwanji? Tiyeni tikambirane za teknoloji yokha, yomwe ife patent mu 2018 ndipo moyenerera timalingalira kuti ndi luso lathu.
Tangoganizani kuti pali eni ake omwe ali ndi makiyi ambiri apagulu, pomwe kiyi iliyonse imakhala ndi zochitika zina zomwe zimasungidwa mu registry. Popanda CA, mungamvetse bwanji kuti makiyi onse ndi a mwiniwakeyu? Kuti athetse vutoli, malonda a zero amapangidwa, omwe ali ndi chidziwitso chokhudza mwiniwake ndi chikwama chake (kumene komiti yoyika malondawo mu registry imachotsedwa). The null transaction ndi mtundu wa "nangula" womwe zotsatirazi zokhala ndi deta za makiyi apagulu zidzalumikizidwa. Chilichonse chotere chimakhala ndi mawonekedwe apadera a data, kapena mwa kuyankhula kwina, chidziwitso.
Chidziwitso ndi gulu la data lomwe lili ndi magawo ogwirira ntchito komanso kuphatikiza zambiri za kiyi ya eni ake, kulimbikira kwake komwe kumatsimikiziridwa ndi kuyika mu imodzi mwama rekodi okhudzana ndi kaundula wogawidwa.
Funso lotsatira lomveka ndilakuti ntchito ya zero imapangidwa bwanji? Ntchito yopanda pake - monga yotsatira - ndikuphatikiza magawo asanu ndi limodzi a data. Pakupanga kugulitsa kwa zero, makiyi ofunikira a chikwama amakhudzidwa (makiyi achinsinsi apagulu ndi awiriawiri). Makiyi awiriwa amawoneka panthawi yomwe wogwiritsa ntchito amalembetsa chikwama chake, komwe ntchito yoyika zero mu registry ndipo, pambuyo pake, ntchito ndi zidziwitso zidzachotsedwa.
Monga momwe tawonetsera pachithunzichi, chikwama chachinsinsi cha chikwama chimapangidwa ndikugwiritsa ntchito motsatizana ntchito za SHA256 ndi RIPEMD160 hashi. Apa RIPEMD160 imayang'anira kuyimira kophatikizana kwa data, m'lifupi mwake sikudutsa ma bits 160. Izi ndizofunikira chifukwa registry siwotsika mtengo. Kiyi yapagulu yokha imalowetsedwa mu gawo lachisanu. Munda woyamba uli ndi data yomwe imakhazikitsa kulumikizana ndi zomwe zachitika kale. Pazochitika za zero, gawo ili liribe kanthu, lomwe limasiyanitsa ndi zochitika zotsatila. Gawo lachiwiri ndi data yowunikira kulumikizidwa kwa zochitika. Mwachidule, tidzatcha zomwe zili mu gawo loyamba ndi lachiwiri "ulalo" ndi "cheke", motsatana. Zomwe zili m'magawowa zimapangidwa ndi hashing yobwerezabwereza, monga momwe zasonyezedwera pogwirizanitsa zochitika zachiwiri ndi zachitatu mu chithunzi chomwe chili pansipa.
Deta yochokera m'magawo asanu oyambirira imatsimikiziridwa ndi siginecha yamagetsi, yomwe imapangidwa pogwiritsa ntchito chinsinsi chachinsinsi cha chikwama.
Ndizomwezo, kugulitsako null kumatumizidwa kudziwe ndipo pambuyo potsimikizira bwino ndikulowa mu registry. Tsopano mutha "kulumikiza" zochitika zotsatirazi kwa izo. Tiyeni tiwone momwe mabizinesi ena kupatula ziro amapangidwira.
Chinthu choyamba chomwe chinakuchititsani chidwi ndi kuchuluka kwa magulu awiriwa. Kuphatikiza pa makiyi a chikwama omwe amadziwika kale, makiyi wamba ndi makiyi amagwiritsidwa ntchito.
Kiyi wamba wamba ndiyomwe zonse zidayambitsidwira. Mfunguloyi imakhudzidwa ndi njira ndi njira zosiyanasiyana zomwe zikuchitika kunja (kubanki ndi zochitika zina, kutuluka kwa zolemba, ndi zina zotero). Mwachitsanzo, makiyi achinsinsi ochokera kwa anthu awiri wamba angagwiritsidwe ntchito kupanga siginecha ya digito pazolemba zosiyanasiyana - zolipira zolipira, ndi zina zambiri, ndipo kiyi yapagulu ingagwiritsidwe ntchito kutsimikizira siginecha ya digito ndikutsatiridwa kwa malangizowa, malinga ngati ndizovomerezeka.
Magulu awiriwa amaperekedwa kumutu wolembetsedwa wa DPKI. Dzina la awiriwa limagwirizana ndi cholinga chake. Zindikirani kuti popanga / kuyang'ana zomwe zachitika ziro, makiyi a ntchito sagwiritsidwa ntchito.
Tiyeni tifotokozenso cholinga cha makiyiwo:
- Makiyi a Wallet amagwiritsidwa ntchito kupanga/kutsimikizira zonse zomwe zachitika mwachabechabe komanso zina zilizonse zopanda pake. Kiyi yachinsinsi ya chikwama imadziwika ndi mwiniwake wa chikwamacho, yemwenso ndi mwini wake wa makiyi ambiri wamba wamba.
- Kiyi wamba wamba ndiyofanana ndi kiyi yapagulu yomwe satifiketi imaperekedwa mu PKI yapakati.
- Makiyi a utumiki ndi a DPKI. Kiyi yachinsinsi imaperekedwa kwa mabungwe olembetsedwa ndipo imagwiritsidwa ntchito popanga masiginecha a digito pazochita (kupatulapo zogulitsa ziro). Public imagwiritsidwa ntchito kutsimikizira siginecha yamagetsi yamagetsi yamalonda isanatumizidwe mu registry.
Choncho, pali magulu awiri a makiyi. Yoyamba imaphatikizapo makiyi a utumiki ndi makiyi a chikwama - amangomveka bwino pa nkhani ya DPKI. Gulu lachiwiri limaphatikizapo makiyi wamba - kuchuluka kwawo kumatha kusiyanasiyana ndipo kumatsimikiziridwa ndi ntchito zomwe zimagwiritsidwa ntchito. Nthawi yomweyo, DPKI imatsimikizira kukhulupirika ndi kutsimikizika kwa makiyi wamba wamba.
Chidziwitso: Makiyi awiriwa amatha kudziwika ndi mabungwe osiyanasiyana a DPKI. Mwachitsanzo, zikhoza kukhala zofanana kwa aliyense. Pachifukwa ichi, popanga siginecha ya chinthu chilichonse chopanda ziro, makiyi awiri achinsinsi amagwiritsidwa ntchito, imodzi mwazomwe ndi fungulo lachikwama - limadziwika ndi mwiniwake wa chikwamacho, yemwenso ndi mwiniwake wa ambiri wamba. makiyi apagulu. Makiyi onse ali ndi tanthauzo lake. Mwachitsanzo, nthawi zonse ndizotheka kutsimikizira kuti kugulitsako kudalowetsedwa m'kaundula ndi mutu wolembetsedwa wa DPKI, popeza siginecha idapangidwanso pa kiyi yachinsinsi. Ndipo sipangakhale nkhanza, monga kuukira kwa DOS, chifukwa mwiniwake amalipira chilichonse.
Zochita zonse zomwe zimatsatira zero imodzi zimapangidwira mofananamo: fungulo la anthu onse (osati chikwama, monga momwe zimakhalira ndi zero, koma kuchokera kumagulu achinsinsi) amayendetsedwa ndi ntchito ziwiri za hashi SHA256 ndi RIPEMD160. Umu ndi momwe deta ya gawo lachitatu imapangidwira. Munda wachinayi uli ndi chidziwitso chotsatira (mwachitsanzo, zambiri za momwe zilili panopa, masiku otsiriza ntchito, timestamp, zizindikiro za crypto-algorithms zogwiritsidwa ntchito, etc.). Munda wachisanu uli ndi kiyi yapagulu yochokera ku makiyi a utumiki. Ndi chithandizo chake, siginecha ya digito idzayang'aniridwa, kuti ibwerezedwenso. Tiyeni tizilungamitsa kufunikira kwa njira yoteroyo.
Kumbukirani kuti malonda amalowetsedwa mu dziwe ndikusungidwa pamenepo mpaka atakonzedwa. Kusungira mu dziwe kumagwirizanitsidwa ndi chiopsezo china - deta yogulitsa ikhoza kusokonezedwa. Mwiniwake amatsimikizira zomwe zachitika ndi siginecha yamagetsi yamagetsi. Kiyi yapagulu yotsimikizira siginecha ya digito iyi imawonetsedwa m'modzi mwa magawo amalonda ndipo pambuyo pake imalowetsedwa m'kaundula. Zodziwika bwino zakusinthana ndizomwe zimapangitsa kuti wowukirayo asinthe zomwe akufuna ndikuzitsimikizira pogwiritsa ntchito kiyi yake yachinsinsi, ndikuwonetsa kiyi yapagulu yotsimikizira siginecha ya digito pakugulitsa. Ngati zowona ndi kukhulupirika zimatsimikiziridwa kokha kudzera mu siginecha ya digito, ndiye kuti chinyengo choterocho sichidzazindikirika. Komabe, ngati, kuwonjezera pa siginecha ya digito, pali njira yowonjezera yomwe imatsimikizira kusungitsa ndi kulimbikira kwa chidziwitso chosungidwa, ndiye kuti chinyengocho chikhoza kuzindikirika. Kuti muchite izi, ndikwanira kulowetsa kiyi yeniyeni ya eni ake mu registry. Tiyeni tifotokoze mmene izi zimagwirira ntchito.
Lolani wowukirayo apangire data yamalonda. Kuchokera pakuwona makiyi ndi ma signature a digito, zotsatirazi ndizotheka:
1. Wowukirayo amayika kiyi yake yapagulu pochitapo kanthu pomwe siginecha ya digito ya eni ake imakhalabe yosasinthika.
2. Wowukirayo amapanga siginecha ya digito pa kiyi yake yachinsinsi, koma amasiya makiyi agulu a eni ake osasintha.
3. Wowukirayo amapanga siginecha ya digito pa kiyi yake yachinsinsi ndikuyika kiyi yophatikizika ndi anthu pochita malonda.
Mwachiwonekere, zosankha 1 ndi 2 ndizopanda tanthauzo, chifukwa zidzadziwika nthawi zonse potsimikizira siginecha ya digito. Chosankha 3 chokha ndichomveka, ndipo ngati wowukira apanga siginecha ya digito pa kiyi yake yachinsinsi, ndiye kuti amakakamizika kusunga kiyi yapagulu yophatikizika pochita malonda, mosiyana ndi kiyi yapagulu ya eni ake. Iyi ndi njira yokhayo yoti wowukira agwiritse ntchito data yabodza.
Tiyerekeze kuti mwiniwakeyo ali ndi makiyi okhazikika - achinsinsi komanso agulu. Lolani kuti deta itsimikizidwe ndi siginecha ya digito pogwiritsa ntchito kiyi yachinsinsi kuchokera pawiriyi, ndipo kiyi yapagulu ikuwonetsedwa pakugulitsako. Tiyerekezenso kuti kiyi yapagulu iyi idalowetsedwa kale mu registry ndipo kutsimikizika kwake kwatsimikiziridwa modalirika. Kenako chinyengo chidzawonetsedwa chifukwa chakuti kiyi yapagulu yochokera pakuchitapo sikugwirizana ndi kiyi yapagulu yochokera ku registry.
Fotokozani mwachidule. Mukakonza zoyambira za eni ake, ndikofunikira kutsimikizira kutsimikizika kwa kiyi yapagulu yomwe yalowa mu registry. Kuti muchite izi, werengani kiyi yochokera ku registry ndikuyifananitsa ndi kiyi yeniyeni yapagulu ya eni ake mkati mwachitetezo chozungulira (malo osatetezeka achibale). Ngati kutsimikizika kwa fungulo kumatsimikiziridwa ndipo kulimbikira kwake kumatsimikiziridwa pakuyika, ndiye kutsimikizika kwa kiyi kuchokera pazotsatira zotsatila kumatha kutsimikiziridwa / kutsutsidwa mosavuta poyerekeza ndi fungulo lochokera ku registry. Mwanjira ina, kiyi yochokera ku registry imagwiritsidwa ntchito ngati chitsanzo. Zochita zina zonse za eni ake zimakonzedwa mofanana.
Kugulitsako kumatsimikiziridwa ndi siginecha yamagetsi yamagetsi - apa ndipamene makiyi achinsinsi amafunikira, osati imodzi, koma awiri nthawi imodzi - fungulo lautumiki ndi fungulo lachikwama. Chifukwa cha kugwiritsa ntchito makiyi awiri achinsinsi, mlingo wofunikira wa chitetezo umatsimikiziridwa - pambuyo pake, chinsinsi chachinsinsi chautumiki chikhoza kudziwika kwa ogwiritsa ntchito ena, pamene chinsinsi chachinsinsi cha chikwama chimadziwika ndi mwiniwake wa makiyi wamba. Tidatcha siginecha yamakiyi awiri ngati siginecha ya digito "yophatikizidwa".
Kutsimikizira kwa zinthu zomwe sizinali zopanda pake kumachitika pogwiritsa ntchito makiyi awiri a anthu onse: chikwama ndi kiyi yautumiki. Njira yotsimikizirira imatha kugawidwa m'magawo awiri akulu: woyamba ndikuwunika kugaya kwa kiyi yapagulu ya chikwama, ndipo chachiwiri ndikuwunika siginecha yamagetsi yamagetsi, yophatikizika yomweyi yomwe idapangidwa pogwiritsa ntchito makiyi awiri achinsinsi. chikwama ndi ntchito). Ngati kutsimikizika kwa siginecha ya digito kumatsimikiziridwa, ndiye pambuyo pa kutsimikizira kowonjezerapo ntchitoyo imalowetsedwa mu kaundula.
Funso lomveka likhoza kuwuka: momwe mungayang'anire ngati kugulitsa kuli kwa unyolo wina ndi "muzu" mu mawonekedwe a zero? Pachifukwa ichi, ndondomeko yotsimikizira imawonjezeredwa ndi gawo linanso - kuyang'ana kugwirizanitsa. Apa ndipamene tidzafunika deta kuchokera m'magawo awiri oyambirira, omwe sitinawanyalanyaze.
Tiyerekeze kuti tifunika kuyang'ana ngati kugulitsa No. 3 kumabwera pambuyo pa malonda No. Kuti muchite izi, pogwiritsa ntchito njira yophatikizira ya hashing, mtengo wa ntchito ya hashi umawerengedwa pa data kuchokera ku gawo lachitatu, lachinayi ndi lachisanu la transaction No. Ndiye concatenation wa deta kuchokera kumunda woyamba wa malonda No. 2 ndi kale anapezedwa pamodzi hashi ntchito mtengo kwa deta kuchokera lachitatu, chachinayi ndi chachisanu minda wa kugulitsa No. Zonsezi zimayendetsedwanso ndi ntchito ziwiri za hashi SHA2 ndi RIPEMD3. Ngati mtengo wolandiridwa ukugwirizana ndi deta mu gawo lachiwiri la malonda No. Izi zikuwonetsedwa momveka bwino muzithunzi pansipa.
Mwambiri, ukadaulo wopangira ndikulowetsa zidziwitso mu kaundula umawoneka chimodzimodzi. Chithunzi chowonekera cha njira yopangira zidziwitso zambiri chikuwonetsedwa mu chithunzi chotsatirachi:
M'mawu awa, sitikhala pazambiri, zomwe mosakayikira zilipo, ndikubwereranso kukakambirana lingaliro lomwelo lachitukuko chachikulu cha anthu.
Chifukwa chake, popeza wopemphayo mwiniwakeyo amatumiza pempho la kulembetsa zidziwitso, zomwe sizisungidwa mu database ya CA, koma mu registry, zigawo zazikulu za zomangamanga za DPKI ziyenera kuganiziridwa:
1. Kulembetsa kwa zidziwitso zovomerezeka (RDN).
2. Kulembetsa zidziwitso zochotsedwa (RON).
3. Kulembetsa kwa zidziwitso zoimitsidwa (RPN).
Zambiri za makiyi agulu zimasungidwa mu RDN/RON/RPN monga momwe zimagwirira ntchito. Ndizoyeneranso kudziwa kuti izi zitha kukhala zolembetsa zosiyanasiyana, kapena maunyolo osiyanasiyana, kapena unyolo umodzi ngati gawo limodzi la registry imodzi, pomwe chidziwitso chokhudza makiyi wamba wamba (kuchotsedwa, kuyimitsidwa, etc.) chikulowa mu gawo lachinayi la dongosolo la deta mu mawonekedwe a code yofanana. Pali njira zambiri zopangira mamangidwe a DPKI, ndipo kusankha kwa chimodzi kapena chimzake kumadalira zinthu zingapo, mwachitsanzo, kukhathamiritsa kotere monga mtengo wa kukumbukira kwakanthawi kosungirako makiyi aboma, ndi zina zambiri.
Chifukwa chake, DPKI ikhoza kukhala, ngati sichophweka, ndiye kuti ingafanane ndi yankho lapakati malinga ndi zovuta zomanga.
Funso lalikulu likadali - Ndi registry iti yomwe ili yoyenera kukhazikitsa ukadaulo?
Chofunikira chachikulu pa registry ndikutha kupanga zochitika zamtundu uliwonse. Chitsanzo chodziwika kwambiri cha leja ndi intaneti ya Bitcoin. Koma mukamagwiritsa ntchito ukadaulo womwe wafotokozedwa pamwambapa, pamakhala zovuta zina: kulephera kwa chilankhulo cholembera, kusowa kwa njira zofunikira zosinthira ma data osagwirizana, njira zopangira ma transaction amtundu wokhazikika, ndi zina zambiri.
Ife ku ENCRY tinayesetsa kuthetsa mavuto omwe adapangidwa pamwambapa ndikupanga registry, yomwe, m'malingaliro athu, ili ndi ubwino wambiri, womwe ndi:
- imathandizira mitundu ingapo yamalonda: imatha kusinthanitsa zinthu zonse (ndiko kuti, kuchitapo kanthu pazachuma) ndikupanga mabizinesi mongotengera,
- Madivelopa ali ndi mwayi wogwiritsa ntchito chilankhulo cha PrismLang, chomwe chimapereka kusinthasintha kofunikira pakuthana ndi mavuto osiyanasiyana aukadaulo,
- njira yopangira ma data osagwirizana imaperekedwa.
Ngati titenga njira yosavuta, ndiye kuti zotsatirazi zimachitika:
- Wopemphayo amalembetsa ndi DPKI ndipo amalandira chikwama cha digito. Adilesi ya Wallet ndi mtengo wa hashi wa kiyi yagulu ya chikwama. Kiyi yachinsinsi ya chikwama imadziwika ndi wopempha yekha.
- Mutu wolembetsedwa umapatsidwa mwayi wopeza chinsinsi chachinsinsi chautumiki.
- Nkhaniyi imapanga zero ndikuzitsimikizira ndi siginecha ya digito pogwiritsa ntchito kiyi yachinsinsi ya chikwama.
- Ngati kugulitsa kwina kupatula zero kupangidwa, kumatsimikiziridwa ndi siginecha yamagetsi yamagetsi pogwiritsa ntchito makiyi awiri achinsinsi: chikwama chandalama ndi ntchito imodzi.
- Nkhaniyo imatumiza ku dziwe.
- Node ya network ya ENCRY imawerengera zomwe zikuchitika kuchokera padziwe ndikuyang'ana siginecha ya digito, komanso kulumikizana kwazomwe zikuchitika.
- Ngati siginecha ya digito ndi yovomerezeka ndipo kugwirizanako kwatsimikiziridwa, ndiye kuti imakonzekeretsa malonda kuti alowe mu kaundula.
Apa registry imagwira ntchito ngati nkhokwe yogawidwa yomwe imasunga zidziwitso zovomerezeka, zoletsedwa komanso zoyimitsidwa.
Zoonadi, kugawikana m'madera si njira yothetsera vutoli. Vuto lalikulu la kutsimikizika kwa wogwiritsa ntchito wamkulu silitha paliponse: ngati kutsimikizira kwa wopemphayo kukuchitika ndi CR, ndiye kuti ku DPKI ikufuna kupereka chitsimikiziro kwa anthu ammudzi, ndikugwiritsa ntchito ndalama zothandizira kulimbikitsa ntchito. Ukadaulo wotsimikizira gwero lotseguka umadziwika bwino. Kuchita bwino kwa kutsimikizira koteroko kwatsimikiziridwa muzochita. Tiyeni tikumbukirenso kafukufuku wina wapamwamba kwambiri wofalitsidwa ndi Bellingcat pa intaneti.
Koma kawirikawiri, chithunzi chotsatirachi chikuwonekera: DPKI ndi mwayi wokonza, ngati si onse, ndiye zolakwa zambiri za PKI yapakati.
Lembetsani ku Habrablog yathu, tikukonzekera kupitiliza kubisa kafukufuku wathu ndi chitukuko, ndikutsatira , ngati simukufuna kuphonya nkhani zina za ntchito za ENCRY.
Source: www.habr.com