I have recently run into a lot of questions about encryption algorithms, so here is an attempt at a summary (roughly sorted out ~)
1. One-way hash algorithm
The MD5 and SHA (128, 256) series (message digest algorithms) are a way to create small digital "fingerprints" from any kind of data. A hash function compresses a message or data into a digest, making the amount of data smaller and its format fixed. A one-way hash function is an irreversible digest algorithm: the plaintext cannot be recovered from the ciphertext.
Application scenarios:
- Used for password storage
- Used to generate digests of information and verify data integrity
2. Symmetric encryption algorithm
Common symmetric encryption algorithms include DES, 3DES, AES, Blowfish, IDEA, RC5, and RC6. Because they are highly efficient, these algorithms are generally used for real-time encrypted communication where efficiency matters. For example, when a VPN or proxy encrypts communication, data confidentiality must be ensured while high latency must be avoided. Therefore, symmetric encryption algorithms are usually used.
3. Asymmetric encryption (RSA algorithm)
It requires two keys, one public key and one private key, one for encryption and one for decryption. If one key is used to encrypt the plaintext, the original plaintext can only be decrypted with the corresponding other key. Even the key originally used to encrypt plaintext cannot be used for decryption. Because encryption and decryption require two different keys, it is called asymmetric encryption.
PS: Public keys are generally short, so we disclose the public key to others to encrypt data, and I use the private key to decrypt it. Remember, though, that because of the asymmetric nature we could also make the private key the public one and encrypt with it, then decrypt with the public key. The reason for not doing this is simply that private keys are generally longer than public keys and are more expensive to transfer.
Comparison of symmetric and asymmetric encryption:
Analyzing the characteristics of these two kinds of algorithm shows that when symmetric encryption (such as AES) is used to encrypt data in transit, both parties must first know the secret key. The difficulty is transmitting that key: sending it directly over the network is extremely insecure. Once the network is listened to, the secret key no longer serves any purpose, and listening to a network is not very difficult, so we cannot use AES directly.
An asymmetric encryption algorithm (for example, RSA) uses the private key for decryption and the public key for encryption. The public key is "public" because it needs to be made public and does not need to be kept secret. For two-way communication, the first thing both sides do after the connection is set up is distribute their public keys to each other. When one side sends data, it first encrypts the data with the public key the receiver sent earlier. The receiver decrypts the data with its own private key to obtain the plaintext, then encrypts the sensitive response data with the other party's public key and sends it back, and the other party decrypts it with their private key. This completes the encrypted data transmission.
However, this encryption algorithm is more resource-intensive than AES, and is not recommended for a web service with heavy traffic.
Why is symmetric encryption (AES) faster than asymmetric encryption (RSA)?
Basically, there are several points:
- First of all, key generation is necessarily slow, because RSA keys must not only be random but also satisfy mathematical constraints.
- Secondly, an RSA key is much longer than an AES key of the same security strength. In addition, AES operations are essentially shifting and substitution, while RSA requires modular operations on large numbers.
- Finally, AES now has hardware acceleration instructions made specifically for it, which makes it much faster than RSA.
RSA is based on modular exponentiation. Note that c, e, and N are large numbers, hundreds of bits long (128/256/512/…). Encryption is fine: the public key exponent can be chosen relatively small, so the power is not so large. The private key exponent used for decryption is inevitably large, and a large power makes the modular exponentiation slow. Between encryption and decryption, one end must be slow.
AES: if the AES input is 1024 bits, it may be divided into 16 128-bit AES blocks. AES has just three kinds of basic operation, S-box, XOR and shift, so it computes quickly.
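The RSA cost argument above can be made concrete by counting the modular multiplications that square-and-multiply performs for a small public exponent and for the matching private exponent. This is an added example, not code from the original post; the toy key built from two Mersenne primes, the choice of 65537 as the small public exponent, and the names `modexp` and `compare` are assumptions made for illustration.

```python
# Added example: counts the modular multiplications square-and-multiply needs
# for a small public exponent versus the matching private exponent.
# Constructed toy key (textbook RSA, no padding), for illustration only.

P = 2**127 - 1           # constructed sample prime (Mersenne)
Q = 2**89 - 1            # constructed sample prime (Mersenne)
N = P * Q                # modulus, about 216 bits
PHI = (P - 1) * (Q - 1)
E = 65537                # assumed small public exponent
D = pow(E, -1, PHI)      # private exponent: E * D == 1 (mod PHI), Python 3.8+


def modexp(base, exp, mod):
    """Left-to-right square-and-multiply; returns (result, multiplications)."""
    if exp < 1:
        raise ValueError("exponent must be >= 1")
    base %= mod
    result, mults = base, 0
    for bit in bin(exp)[3:]:              # skip '0b' and the leading 1 bit
        result = result * result % mod    # one squaring per remaining bit
        mults += 1
        if bit == "1":
            result = result * base % mod  # one extra multiply per set bit
            mults += 1
    return result, mults


def compare(message):
    """Encrypt with E, decrypt with D, and report the work each side did."""
    c, enc_mults = modexp(message, E, N)
    m, dec_mults = modexp(c, D, N)
    return {"roundtrip_ok": m == message, "enc_mults": enc_mults,
            "dec_mults": dec_mults, "d_bits": D.bit_length()}


if __name__ == "__main__":
    # Constructed sample message, shorter than the modulus.
    print(compare(int.from_bytes(b"constructed sample message", "big")))
```

Every one of those multiplications is on numbers as wide as N, and the private exponent is about as wide as N itself, so the decryption side grows with the key size while the encryption side stays fixed.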