Daily Chicken Soup: Every moment you want to learn is your future plea to yourself
Content warning ***** novice content, self-study summary use **** boss please detour
I read the principle of https before, saw symmetric encryption and asymmetric encryption, and various encryption methods, and I was confused. Even if I summarized this article , I forgot it in a few days, so the theory and practice have to be combined. right.
I recently encountered a project with the requirement: [Encrypt and store a piece of data in localstorage, and then take it out and decrypt it when it is used. 】
In fact, whether it is the encryption and decryption in https or the encryption and decryption of other projects, the principle is the same, and a set of algorithms are used. Therefore, several commonly used encryption/decryption algorithms are also consistent, no matter whether you are developing front-end or back-end development.
The commonly used package for front-end development is crypto-js , which contains all our commonly used encryption/decryption algorithms.
In my project, we use a key to encrypt a piece of text to generate a secretText. When decrypting, we also use this key to decrypt the secretText to get text; in this way, we use the same key in the process of encryption and decryption. This is the legendary symmetric encryption, such as the AES algorithm.
The data in the https transmission process is transmitted using symmetric encryption, and the key used for symmetric encryption (that is, the key mentioned above) is transmitted using asymmetric encryption.
Asymmetric encryption, as the name suggests, must not use the same key in the encryption/decryption process. The commonly used asymmetric encryption is RSA, and another package js-crypto-rsa can be used for this . But I haven't used it in actual projects, so just remember that RSA is an asymmetric encryption algorithm, and I will add it when I use it.
In summary, there are actually only two knowledge points
- AES is symmetric encryption
- RSA is asymmetric encryption
but! Here comes the problem, I just always get two letters mixed up, they are all three letters, how do I remember? You can know it by writing it by hand. The encryption we use in the front end is commonly used for symmetric encryption, which is the AES algorithm. The important thing is to say three times that AES is symmetric encryption, AES is symmetric encryption, and AES is symmetric encryption.
There is another question, what is the md5 they often talk about, and it is very commonly used anyway?
md5 is a hash (hash) algorithm, yes, hash algorithm, also called hash algorithm, transforms any Chengdu input into a fixed-length output, common ones are md5, sha1, etc.
Yes, the hash algorithm is also an encryption algorithm, but the difference is that it is
- Irreversible (cannot extrapolate input from output)
- The output lengths are the same.
- The same input produces the same output every time
- Different input and output must be different
So in the process of our development, if there is a file (or text), we can calculate its md5, and then calculate it again after a while. If the results are the same twice, then the file must not have been changed, otherwise the file must be There are changes. It can be seen that the hash algorithm can be used to judge the uniqueness of the data. is an information summarization algorithm
In summary, there are actually only two knowledge points
- md5, sha is the hash algorithm
- Hash algorithm is irreversible
Summary of knowledge points in this article
- Remember 2 sets of words AES/RSA. and md5/sha
- AES/RSA for encryption/decryption
- md5 / sha is used for information digest