Shulou(Shulou.com)06/01 Report--

This article mainly introduces "how to use hash encryption method in Python". In daily operation, I believe many people have doubts about how to use hash encryption method in Python. The editor consulted all kinds of data and sorted out simple and easy-to-use operation methods. I hope it will be helpful to answer the doubts about "how to use hash encryption method in Python". Next, please follow the editor to study!

Introduction to concept

Hash algorithm (Hash Algorithm), also known as hash algorithm, hash algorithm, is a way to create small digital "fingerprints" from arbitrary files. Like fingerprints, the hashing algorithm is a sign that ensures the uniqueness of the file with short information, which is related to every byte of the file, and it is difficult to find the reverse rule. Therefore, when the original file changes, its flag value will also change, thus telling the file user that the current file is no longer the file you need.

To put it simply, Hash is to generate a unique piece of fixed-length data from any piece of data through some algorithm.

You can also think of the hash as a file fingerprint, because it is a symbol of the uniqueness of the file and is related to each byte. When the file changes, the fingerprint value will also change.

If you compare the hash algorithm to a factory

The content passed to the hash algorithm is the raw material.

The generated hash value is the product produced.

Characteristics

Forward fast: given plaintext and Hash algorithm, Hash can be calculated in limited time and limited resources.

As long as the content passed in is the same, the hash value must be the same.

Inverse difficulty: given the Hash value, it is difficult to deduce the plaintext in a limited time.

Input sensitivity: any change in the original input information should result in a significant change in the new Hash value

Conflict avoidance: it is difficult to find two clear texts with different contents so that their Hash values are the same.

Fixed length: as long as we use a fixed hash algorithm, the length of the resulting hash value is fixed no matter how big the content is.

Summary of information: hash is only a summary of information, information fingerprint, is used for data identification

What does hash have?

Common Hash algorithms include MD5 and SHA series. At present, MD5 and SHA1 have been cracked. It is generally recommended to use at least SHA2-256algorithm.

Hash algorithm output length (bit) output length (bytes) MD5128 bit16 bytesRipeMD160160 bits20 bytesSHA-1160 bits20 bytesSHA-256256 bits32 bytesSHA-512512 bits64 bytes algorithm collision

If you think about it a little bit, you can find that since the length of the input data is not fixed, while the hash value of the output is a fixed length, which means that the hash value is a finite set, while the input data can be infinitely many, it is obviously unrealistic to establish an one-to-one relationship. So "collision" is bound to occur, so a mature hash algorithm will have better anti-conflict, and the problem of hash conflict should also be taken into account when implementing the structure of the hash table.

For example, "666" is "fae0b27c451c728867a567e8c1bb4e53" after Hash, and the same Hash algorithm gets the same value. For example, if the WiFi password is a pure 8-digit number, there are at most 99999999 possibilities. What you need to do to crack this password is to generate a Hash value of 0 to 100 million digits in advance, and then do 100 million Boolean operations (that is, Bool value judgment, 0 or 1). Now the ordinary I5 quad-core CPU can reach 20 billion floating-point calculations per second, and do 100 million Boolean operations in seconds.

A password made up of 8-bit uppercase and lowercase letters, numbers and special symbols, if encrypted according to MD5, has a hash value of about 100 trillion, and i9 has a computing power of 100 billion per second. It will take at least 24 hours. This is only in extreme cases, if you add the encryption algorithm uncertainty (e.g. 3), request time (e.g. 3), query time (e.g. 3), it will already take about half a year. If you add the error waiting time (for example, enter 5 errors to wait for 24 hours), it will already take 50 years.

Of course, if 30,000 computers are cracked at the same time, it will still be one day-_-|.

But as virtue rises one foot, vice rises ten. Who would be foolish enough to stand and beat the other and wait for it? Are all relative.

So try not to use pure numbers for passwords because there is no security at all.

Add salt to prevent collision

Perform Hash operation on the digital content, obtain a unique summary value to refer to the original and complete digital content, and use the collision resistance of the Hash function to ensure that the content has not been tampered with.

User names and passwords are often used to ensure the security of user information. In order to prevent attacks, salt is added to the original plaintext with a random number of Hash values. The Hash value and salt are stored in two places, which are difficult to crack as long as they are not leaked at the same time.

Encrypt

If you need to encrypt the password or other content entered by the user in Python, the preferred method is to generate a hash value

There are two modules that can be used in Python:

Crypth

Ashlib

Main methods of hashlib

Use: hashlib.md5 ()

Name description md5 (…) Use md5 algorithm to encrypt sha1 (…) Use sha1 algorithm to encrypt sha224 (…) Use sha224 algorithm to encrypt sha256 (…) Use sha256 algorithm to encrypt sha384 (…) Use sha384 algorithm to encrypt sha512 (…) Using sha512 algorithm to encrypt unique methods

If you generate a Hash object using hashlib, the Hash object will contain the following methods

The name description update (arg) can reuse the Hash object that specifies a special encryption algorithm to encrypt the arg with digest (…) Returns encrypted content hexdigest (…) in character form. Return encrypted content copy (…) in hexadecimal form In order to achieve the purpose of reusing Hash objects, the method of cloning Hash objects

Use the hashlib method directly

Import hashlib hashlib.sha224 ("Nobody inspects the spammish repetition" .encode ("utf-8")) # encrypted hashlib.sha224 ("Nobody inspects the spammish repetition" .encode ("utf-8")) .hexdigest () # returns encrypted content

Use methods in the Hash object directly

Import hashlib # make factory m = hashlib.md5 () # put raw material m.update ("Nobody inspects" .encode ('utf-8')) # output hash value m.digest () m.update ("the spammish repetition" ("utf-8")) m.digest () m.hexdigest () add salt import hashlib # make factory m = hashlib.md5 ("this is salt" .encode ("utf-8") # put raw material m.update ( "Nobody inspects" .encode ('utf-8') # produces a hash value of m.digest () m.update ("the spammish repetition" .encode ("utf-8")) m.digest () m.hexdigest () crypt

Main methods

Name type description crypt (…) Method to encrypt the specified content with hash mksalt (…) Methods generate saltmethodslist according to encryption algorithm and return the list of available encryption algorithms MOTHOD_CRYPT constant encryption algorithm METHOD_MD5 constant md5 encryption algorithm METHOD_SHA256 constant sha256 encryption algorithm METHOD_SHA512 constant sha512 encryption algorithm instructions

Use crypt.crypt (…) When performing hash encryption, you need to provide two parameters:

Encrypted content

Salt

Import crypt salt = crypt.mksalt (crypt.METHOD_SHA512) hash = crypt.crypt ("helloworld", salt) apply password encryption m=hashlib.md5 () m.update ('key'.encode (' utf-8')) # add another element to increase password complexity Not adding salt m.update (password.encode ('utf-8')) print (m.hexdigest ()) to apply consistency check m = hashlib.md5 () with open (rust E:\ 01.mp4mm) as f: for line in f: m.update (line) print (m.hexdigest) at this point, the study on "how to use hash encryption in Python" is over, hoping to solve everyone's doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.