Explain the message digest algorithm in detail

Language 2023-04-16 14:57:02 views: null

Message digest algorithm, commonly used in password processing of some medium and large websites

Typical characteristics of a message digest algorithm:

  • same message, same digest
  • Digest length is fixed regardless of message length (same algorithm)
  • different messages, the digest will hardly be the same

Common message digest algorithms are:

  • MD series: MD2 (128bit), MD4 (128bit), MD5 (128bit)
  • SHA family: SHA-1 (160bit), SHA-256 (256bit), SHA-384 (384bit), SHA-512 (512bit)

Taking MD5 as an example, the operation result is composed of 128 binary numbers. Usually, it will be converted into a hexadecimal number to represent, which is a 32-bit hexadecimal number.

Therefore, the types of operation results of the MD5 algorithm are 2 to the 128th power, namely: 340282366920938463463374607431768211456

Since the message algorithm will lose part of the data during the operation, the message algorithm is irreversible!

When using the message digest algorithm to process password encryption, any "cracking" will not be "obtaining the original text calculated from the ciphertext"!

On the Internet, there are some platforms that record simple plaintext and ciphertext correspondence databases to achieve the effect of "querying the original text based on the ciphertext". However, as long as the original text is complex enough (more than 8 bits long), in order to ensure The complexity should use "salt", which will be one of the components of the data being operated, for example: it is impossible for these platforms to include their correspondence!

 

Even though the original password is very simple, for the calculation process, the real original data has already been changed 123456jhfdiu78543hjfdo8. It is impossible for such a corresponding relationship between the original text and the cipher text to be included by various platforms!

Therefore, in order to ensure the security of user passwords, the feasible methods are:

  • Require users to use stronger original passwords

    • require a longer password
    • Require more variety in the types of characters contained in passwords

  • With salt

    • In theory, the more complicated the salt value, the better, but there is no need to overcomplicate it
    • The specific use of the salt value is not stipulated. In principle, as long as it can make the calculated data complicated

  • Cyclic encryption

    • Use the ciphertext obtained by the first operation as the original text, and perform the second operation, and so on for many times

  • Use a message digest algorithm with a longer bit length

  • Combining the above methods

Guess you like

Origin blog.csdn.net/weixin_71583566/article/details/126670206
Recommended
The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!
Ranking
Getting the basic concepts of ROS + catkin Profile
Spring Learning (2) --- Assembling Beans in the IoC Container
js to get the src attribute of the image regularly
STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud
Short video learning - 3, pandas simple use of pivot_table
Print directory of project configuration log, output log
Understand the difference between vi and vim in Linux in 3 minutes
1 + x certificate Web front-end development HTML5 special exercises
mangodb save and insert the difference
7-1 Family tree processing (50 points) (binary tree solution)
Daily
More
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)

Code World

© 2018 codetd.com