Shulou(Shulou.com)06/02 Report--

This article mainly explains "what the strength of key encryption mainly depends on". Interested friends might as well take a look. The method introduced in this paper is simple, fast and practical. Next let the editor to take you to learn "the strength of key encryption mainly depends on what"!

The strength of encryption mainly depends on the encryption method and the complexity of the key. The key is a kind of parameter, which is input in the process of using the cryptographic algorithm, and it is an important parameter to determine whether the ciphertext is secure or not. usually, the longer the key, the more difficult it is to crack.

The operating environment of this tutorial: windows7 system, Dell G3 computer.

The strength of encryption mainly depends on the encryption method and the complexity of the key.

Secret key

A key is a parameter that is entered when using a cryptographic (cipher) algorithm. The same plaintext will produce different ciphertext under the same cryptographic algorithm and different key computation. Many well-known cryptographic algorithms are public, and the key is an important parameter to determine whether the ciphertext is secure or not. usually, the longer the key is, the more difficult it is to crack it. For example, an 8-bit key can be cracked very easily by using exhaustive method. The well-known DES algorithm uses a 56-bit key, which is no longer a secure encryption algorithm, mainly because the 56-bit key is too short. Can be cracked in a matter of hours. Keys are divided into symmetric keys and asymmetric keys.

Plaintext / ciphertext

Plaintext (plaintext) is the original data before encryption, and ciphertext is the result of cipher text (cipher) operation to become ciphertext (ciphertext).

Symmetric key

Symmetric key (Symmetric-key algorithm), also known as shared key encryption, uses the same key in the process of encryption and decryption. Common symmetric encryption algorithms include DES, 3DES, AES, RC5 and RC6. The advantage of a symmetric key is its fast computing speed, but it also has its disadvantages. The key needs to be shared at both ends of the communication to let each other know what the key is before the other party can decrypt it correctly. If all clients share the same key, then this key, like a master key, can be used to crack everyone's ciphertext, if each client and server maintain a separate key. Then the server will need to manage thousands of keys, which will bring nightmares to the server.

Here is a simple symmetric encryption that encrypts plaintext to ASCII.

# encryption method: based on ASCII + key value def encipher (plain_text, key): # encryption cipher_text = [] for c in plain_text:cipher_text.append (str (ord (c) + key)) return''.join (cipher_text) def decipher (cipher_text) Key): # decryption plain_text = [] for c in cipher_text.split (""): plain_text.append (chr (int (c) + key)) return "" .join (plain_text) if _ _ name__ = ='_ main__':print "cipher_text:", encipher ("abcdef", 0) print "plain_text:", decipher ("97 98 99 100 101 102", 0)

Asymmetric key

Asymmetric key (public-key cryptography), also known as public key encryption, the server will generate a pair of keys, one private key stored in the server, only know, the other is the public key, the public key can be freely published for anyone to use.

The plaintext of the client is encrypted by the public key and the ciphertext needs to be decrypted with the private key. The keys used by asymmetric keys in the process of encryption and decryption are different keys, and encryption and decryption are asymmetric, so it is called asymmetric encryption.

Compared with symmetric key encryption, asymmetric encryption does not need to share the key between the client and the server, as long as the private key is not sent to any user, even if the public key is intercepted on the Internet, it can not be decrypted. Only the stolen public key is useless. Common asymmetric encryption is RSA, the process of asymmetric encryption and decryption:

The server generates paired public and private keys

The private key is saved on the server, and the public key is sent to the client.

The client uses the public key to encrypt plaintext transmission to the server.

The server uses the private key to decrypt the ciphertext to get the plaintext

Digital signature

When the data is transferred between the browser and the server, the content may be replaced by a pretending thief in the process of transmission, so how to ensure that the data is sent by the real server without being transferred? at the same time, how to ensure that the transmitted data has not been tampered with? digital signatures must be used to solve these two problems, which are just like signatures in daily life. Once you drop your name on the contract, it is legally certain that it was signed by you, which no one can copy, because it is your proprietary handwriting and no one can create it.

So what about the digital signature in the computer? Digital signature is used to verify whether the transmitted content is the data sent by the real server, and whether the sent data has been tampered with, it does these two things, which is an application scenario of asymmetric encryption. Instead, he encrypts it with a private key and decrypts it with a paired public key.

The first step: the server processes the message after Hash to generate the summary information Digest, and the summary information is encrypted with the private key private-key to generate the signature. The server sends the signature together with the message to the client.

Step 2: after receiving the data, the client extracts the signature and decrypts it with public-key. If it can decrypt the Digest2 normally, it can confirm that it is sent by the other party.

Step 3: the client extracts the message Text to do the same Hash processing, and the summary information Digest1 is compared with the previously decrypted Digist2. If the two are equal, it means that the content has not been tampered with, otherwise the content has been altered. Because even the slightest change in the text will Hash a completely different summary message.

Digital certificate

Digital certificate referred to as CA, it is issued to a website by the authority of a recognized certificate, this certificate is recognized by everyone (browser), why need to use a digital certificate, is it not secure enough with a digital signature?

There is such a situation, that is, browsers cannot determine whether all the real servers are real. To take a simple example: a manufacturer installs locks on your home and gives you the key. As long as the key can open the lock, you can make sure that the key and lock match. If someone changes the key or lock, you can't open the door, and you know it must have been stolen. However, if someone replaces the lock and key with another set that looks similar on the surface, but the quality is much worse, although the key and lock are matched, you are not sure whether this is really given to you by manufacturer A, then at this time, you can find the quality inspection department to check whether this set of lock really comes from manufacturer A, which is an authoritative body, and what he said can be recognized by the public (hehe).

Similarly, because if someone (Zhang San) replaces the public key sent by the real server to the browser with his own public key, then Zhang San performs the same steps for the text Hash and digital signature with his own private key, and the final result is no problem, but in fact what the browser sees is not given by the real server, but is replaced by Zhang San from the inside to the outside (public key to private key).

So how do you make sure that the public key you are using is sent to you by a real server? We use digital certificates to solve this problem. The digital certificate is generally issued by the digital certificate authority (Certificate Authority). The certificate contains the public key of the real server and some other information of the website. The digital certificate authority encrypts it with its own private key and sends it to the browser. The browser uses the public key of the digital certificate authority to decrypt the public key of the real server. This process is based on the public key obtained by a recognized certificate authority, so it is a secure way.

At this point, I believe that everyone has a deeper understanding of "what the strength of key encryption mainly depends on". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.