Shulou(Shulou.com)06/01 Report--

This article introduces the relevant knowledge of "how is the encryption process of PBE". In the operation of actual cases, many people will encounter such a dilemma, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

Password based password (PBE)

A password-based password (Password Based Encryption,PBE) is a method of generating a key based on a password and encrypting it with that key. The same key is used for encryption and decryption.

Based on the user's own password and salt, let's take a look at the encryption process:

The encryption process can be divided into these steps:

Generate KEK key

Use a pseudorandom number generator to generate salt

Use the one-way hash function algorithm to generate the KEK key for salt and the user's own password

Generate session key and encrypt

Generate session key CEK using pseudorandom number generator

Encrypt the session key CEK using the KEK key generated in step 1 to get the encrypted session key

Save the salt generated by step 1 and the encrypted session key generated by step 2 for later decryption.

Encrypted message

Encrypt the message using the session key CEK generated in step 2 to get the encrypted message.

The KEK generated in step 1 does not need to be saved because it can be refactored according to salt.

Next, let's take a look at the decryption process:

Rebuild KEK

Using the saved salt and the password remembered by the user, the KEK is reconstructed according to the one-way hash algorithm.

Decrypt session key

Decrypt the encrypted session key using the KEK generated in step 1 to get the decrypted session key

Decrypt the message

The encrypted message is decrypted using the decrypted session key to get the original message.

Why use salt?

Salt is mainly to defend against dictionary attacks, because users' own passwords are not random and are easy to be cracked by force. With the addition of salt, it is much more difficult to be cracked by violence.

This is the end of the content of "what is the encryption process of PBE". Thank you for your reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.