Symmetric encryption
OF THE
The DES encryption algorithm is a block cipher that encrypts data in groups of 64 bits. Its key length is 56 bits. The same algorithm is used for encryption and decryption. The encryption speed is fast, but it is easy to crack and has low security.
3DES(Triple DES)
It is a symmetric algorithm based on DES, which encrypts a piece of data three times with three different keys, which has higher strength and is an enhanced version of DES.
(DES algorithm is relatively simple, easy to crack and is not recommended)
AES (WeChat is the encryption method)
The longest secret key length is 256bit, and the encryption and decryption speed is fast. The AES standard is used to replace the original DES
Advantages: The advantage of symmetric encryption is that the encryption and decryption speed is fast
Disadvantages: Both the sender and the receiver need to know the unique secret key, which is easy to leak
asymmetric encryption
RSA (most common)
Symmetric encryption, private key encryption, public key decryption or vice versa, the private key can deduce the public key and vice versa
RSA encryption and decryption are slow and not suitable for frequent and large data encryption and decryption
There are also asymmetric encryption commonly used in other scenarios
ECC elliptic curve encryption (most commonly used in blockchain wallets)
DSA
Algorithms with digital signatures
Advantages: No need to disclose the private key, high security
Disadvantages: the amount of encryption and decryption calculations increases, and the speed is slow
When using symmetric encryption, the secret key needs to be announced to the other party, which poses a security risk. However, using asymmetric encryption consumes a lot of performance, is slow, and is not suitable for scenarios with frequent requests and large amounts of data.
How to combine the advantages of both?
We can use it in combination with AES and RSA. When it is necessary to publish the AES secret key, use the public key of the requester to encrypt the AES secret key. When decrypting the message, use the decrypted AES secret key to decrypt it, so that the two encryption methods can be combined. Advantage.
B needs to ensure that A is the one who obtains the AES password, so the encryption must be the public key of A, so that only A can decrypt and obtain the AES password, even if other people obtain the ciphertext with the AES key, there is no way because of the lack of the private key got the password
Hash algorithm (hash algorithm)
md5 (most commonly used)
sha1, sha256 (different versions of sha algorithm)
SHA主要适用于数字签名标准里面定义的数字签名算法。是一种比MD5的安全性强的算法
hash算法因为其具有不可逆性,且输出长度固定。所以主要用于做摘要场景,也就是数字签名。
虽然都已经被破解
https://zh.wikipedia.org/wiki/SHA-1
但是我们可以采用多遍无规则hash一样很难破解
或者在保存登陆密码的场景可以加盐值再hash
其它
base64
只是一种编码格式,主要用于编码http无法传输的数据格式。将无法传输的数据格式编码为base64格式的字符串传输。比如使用文本传输图片
aes+rsa使用
非对称加密