Shulou(Shulou.com)06/01 Report--

(1) symmetric encryption (Symmetric Cryptography)

Symmetric key encryption, also known as private key encryption, means that the sender and receiver of the message use a key to encrypt and decrypt data. Its biggest advantage is its fast encryption / decryption speed, which is suitable for encrypting a large amount of data. one of the disadvantages of symmetric encryption is the management and distribution of the key. in other words, how to send the key to the person who needs to decrypt your message is a problem. In the process of sending a key, there is a great risk that the key will be intercepted. In reality, the usual practice is to asymmetrically encrypt the symmetrically encrypted key and then transmit it to those who need it.

Symmetric encryption usually uses a relatively small key, usually less than 256 bit. Because the larger the key, the stronger the encryption, but the slower the encryption and decryption process. If you only use 1 bit as the key, you can try to decrypt it with 0 first, and then use 1 if not; but if your key is as large as 1 MB, you may never be able to crack it, but the process of encryption and decryption takes a long time. The size of the key should take into account both security and efficiency, which is a trade-off.

(2) asymmetric encryption (Asymmetric Cryptography)

Asymmetric key encryption system, also known as public key encryption. Asymmetric encryption provides a very secure method for data encryption and decryption, which uses a pair of keys, public key (public key) and private key (private key). The private key can only be kept securely by one party and cannot be leaked, while the public key can be sent to anyone who requests it. Asymmetric encryption uses one of these keys for encryption, while decryption requires another key. For example, if you ask the bank for a public key, and the bank sends you the public key, and you use the public key to encrypt the message, then only the holder of the private key, the bank, can decrypt your message. Unlike symmetric encryption, banks do not need to send private keys over the network, so security is greatly improved. At present, the most commonly used asymmetric encryption algorithm is RSA algorithm. The public key mechanism is flexible, but the encryption and decryption speed is much slower than the symmetric key encryption.

Although asymmetric encryption is very secure, it is very slow compared with symmetric encryption, so we still have to use symmetric encryption to send messages, but the keys used in symmetric encryption can be sent through asymmetric encryption. To explain this process, take a look at the following example:

(1) Alice needs to make a transaction on the bank's website, and her browser first generates a random number as a symmetric key.

(2) the browser of Alice requests the public key from the bank's website.

(3) the bank sends the public key to Alice.

(4) Alice's browser uses the bank's public key to encrypt its own symmetric key.

(5) Alice's browser sends the encrypted symmetric key to the bank.

(6) the bank uses the private key to decrypt the symmetric key of the Alice browser.

(7) Alice and banks can use symmetric keys to encrypt and decrypt the content of communication.

(3) Summary

(1) symmetric encryption uses the same key as decryption, so it is fast, but the security is not high because the key needs to be transmitted over the network.

(2) asymmetric encryption uses a pair of keys, public key and private key, so the security is high, but the speed of encryption and decryption is slow.

(3) the solution is to encrypt the key of symmetric encryption using the public key of asymmetric encryption, and then send it out, and the receiver uses the private key to decrypt it to get the key of symmetric encryption, and then the two parties can use symmetric encryption to communicate.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.