Applications of symmetric encryption and asymmetric encryption

Original text from: Potter’s personal blog

Summary content

  • What is symmetric encryption
  • Symmetric encryption demo
  • What is asymmetric encryption
  • Asymmetric encryption demo
  • Using symmetric and asymmetric encryption in combination
  • A feasible hybrid encryption scheme and how to apply it to interface data encryption
  • Demo source code project

What is symmetric encryption

  • Definition: A symmetric-key algorithm, also known as symmetric encryption, private key encryption, or shared key encryption, is a type of encryption algorithm in cryptography. This type of algorithm uses the same key for encryption and decryption, or uses two keys that can easily be derived from each other.
  • Advantages: The algorithm is public, the amount of computation is small, encryption is fast and efficient, and it is suitable for scenarios where large amounts of data are encrypted. For example, in ordinary HLS (HTTP Live Streaming) encryption scenarios, the AES-128 symmetric encryption algorithm is generally used to encrypt TS slices to protect multimedia resources.
  • Disadvantages: The security is not high: as long as the secret key is obtained, the data can be decrypted.
  • The process of symmetric encryption: The sender uses a key to encrypt the plaintext data into ciphertext and then sends it. After the receiver receives the ciphertext, it uses the same key to decrypt the ciphertext into plaintext and reads it.

Symmetric encryption demo

    // Demo key and IV: 16 UTF-8 bytes each, i.e. a 128-bit AES key
    this.key = CryptoJS.enc.Utf8.parse("0123456789abcdef");
    this.iv = CryptoJS.enc.Utf8.parse("abcdef0123456789");

    /**
     * AES encryption
     * @param iv
     * @param key
     * @param content data to encrypt
     * @returns {string}
     * @private
     */
    __aesEncrypt(iv, key, content) {
      // Serialize the payload to JSON, then to a CryptoJS WordArray
      const text = CryptoJS.enc.Utf8.parse(JSON.stringify(content));
      const encrypted = CryptoJS.AES.encrypt(text, key, {
        iv: iv,
        mode: CryptoJS.mode.CBC,
        padding: CryptoJS.pad.Pkcs7,
      });
      return encrypted.toString(); // Base64 ciphertext
    },

    /**
     * AES decryption
     * @param iv
     * @param key
     * @param content data to decrypt
     * @returns {string}
     * @private
     */
    __aesDecrypt(iv, key, content) {
      const decrypt = CryptoJS.AES.decrypt(content, key, {
        iv: iv,
        mode: CryptoJS.mode.CBC,
        padding: CryptoJS.pad.Pkcs7,
      });
      const decryptText = decrypt.toString(CryptoJS.enc.Utf8);
      // Strip the double quotes that JSON.stringify added on encryption
      return decryptText.replace(/\"/g, "");
    },

What is asymmetric encryption

  • Definition: An asymmetric encryption algorithm requires two keys: a public key and a private key. The public key and the private key form a pair. If data is encrypted with the public key, it can only be decrypted with the corresponding private key. Because encryption and decryption use two different keys, this kind of algorithm is called an asymmetric encryption algorithm.
  • Advantages: Higher security. The public key is public and the private key is kept by its owner; there is no need to hand the private key to anyone else.
  • Disadvantages: Encryption and decryption are slow, so it is only suitable for encrypting and decrypting small amounts of data.

Asymmetric encryption demo

    this.rsaEncryptor = new JSEncrypt();
    this.rsaEncryptor.setPublicKey(this.rsa_pub_key);
    this.rsaDecryptor = new JSEncrypt();
    this.rsaDecryptor.setPrivateKey(this.rsa_pri_key);

    /**
     * RSA encryption
     * @param content
     * @returns {CipherParams|PromiseLike}
     * @private
     */
    __rsaEncrypt(content) {
      return this.rsaEncryptor.encrypt(content);
    },

    /**
     * RSA decryption
     * @param content
     * @returns {WordArray|PromiseLike}
     * @private
     */
    __rsaDecrypt(content) {
      return this.rsaDecryptor.decrypt(content);
    },

* * *

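### Using symmetric and asymmetric encryption in combination

> Now that we know the drawbacks of both symmetric and asymmetric encryption, let's build a demo that combines the strengths of the two. The idea: for the small data, the iv and key of the symmetric encryption, use asymmetric encryption; for the large data, use symmetric encryption.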

    /**
     * Hybrid encryption
     * @param iv
     * @param key
     * @param content
     * @returns { {data: string, iv: (CipherParams|PromiseLike), key: (CipherParams|PromiseLike)}}
     * @private
     */
    __hybirdEncrypt(iv, key, content) {
      // Large payload: AES. Small iv and key: RSA.
      const aesEncryptData = this.__aesEncrypt(iv, key, content);
      const rsaEncryptIv = this.__rsaEncrypt(iv);
      const rsaEncryptKey = this.__rsaEncrypt(key);
      return {
        iv: rsaEncryptIv,
        key: rsaEncryptKey,
        data: aesEncryptData,
      };
    },

    /**
     * Hybrid decryption
     * @param encryptInfo
     * @returns {string}
     * @private
     */
    __hybirdDecrypt(encryptInfo) {
      // Recover iv and key with the RSA private key, then decrypt the data with AES
      const iv = this.rsaDecryptor.decrypt(encryptInfo.iv);
      const key = this.rsaDecryptor.decrypt(encryptInfo.key);
      const data = encryptInfo.data;
      return this.__aesDecrypt(iv, key, data);
    }

* * *

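### A feasible hybrid encryption scheme and how to apply it to interface data encryption. The flow is as follows:

* The idea is as follows:
  * Step 1: Create one RSA public/private key pair. The front end holds the public key and the server holds the private key.
  * Step 2: The front end generates a RequestID for every network request.
  * Step 3: The client generates an AES key and stores it in memory, with the RequestID as the key and the AES key as the value.
  * Step 4: The client encrypts the request data (Request Data) with the generated AES key, encrypts the AES key with the RSA public key, and sends the RequestID, the encrypted data and the encrypted AES key to the server.
  * Step 5: The server decrypts the encrypted AES key with the RSA private key, then uses the recovered AES key to decrypt the Request Data.
  * Step 6: The server encrypts the response data (Response Data) with the AES key and returns it to the front end together with the RequestID.
  * Step 7: The front end uses the RequestID returned by the server to look up the AES key in memory, decrypts the Response Data with it, and then deletes the AES key stored in memory for that RequestID.
  * Finally: The front end creates a new AES key to encrypt the data for every request it sends, and deletes that AES key from memory once the server's response has been decrypted. Repeating this cycle, a single RSA key pair is enough to solve the hybrid encryption problem.
* Flow chart: <img src="https://p3-juejin.byteimg.com/tos-cn-i-k3u1fbpfcp/408e5162d6d74824ae9f5e0c1b48ee81~tplv-k3u1fbpfcp-zoom-in-crop-mark:4536:0:0:0.image" style="margin: auto" />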
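
The seven steps above as one client/server round trip. This is an added example, not code from the original post or its demo repository. It runs on Node.js with the built-in crypto module instead of CryptoJS and JSEncrypt, and it uses AES-256-GCM and RSA-OAEP in place of the post's AES-CBC so that modified or replayed messages are rejected. All function names and the message layout are assumptions made for the example.

```javascript
const crypto = require("node:crypto");

// Step 1: one RSA key pair. The client holds publicKey, the server holds privateKey.
const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// AES-256-GCM; `aad` binds the ciphertext to a RequestID and a direction, so a
// message cannot be modified, moved to another request, or reflected back.
function seal(aesKey, aad, value) {
  const iv = crypto.randomBytes(12); // fresh IV for every message
  const c = crypto.createCipheriv("aes-256-gcm", aesKey, iv);
  c.setAAD(Buffer.from(aad));
  const ct = Buffer.concat([c.update(JSON.stringify(value), "utf8"), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]).toString("base64");
}

function unseal(aesKey, aad, b64) {
  const raw = Buffer.from(b64, "base64"); // layout: iv(12) | tag(16) | ciphertext
  const d = crypto.createDecipheriv("aes-256-gcm", aesKey, raw.subarray(0, 12));
  d.setAAD(Buffer.from(aad));
  d.setAuthTag(raw.subarray(12, 28));
  const pt = Buffer.concat([d.update(raw.subarray(28)), d.final()]); // throws if tampered
  return JSON.parse(pt.toString("utf8"));
}

const pendingKeys = new Map(); // Step 3: client memory, RequestID -> AES key

function clientBuildRequest(data) { // Steps 2-4
  const requestId = crypto.randomUUID();
  const aesKey = crypto.randomBytes(32);
  pendingKeys.set(requestId, aesKey);
  const key = crypto.publicEncrypt({ key: publicKey, ...OAEP }, aesKey).toString("base64");
  return { requestId, key, data: seal(aesKey, "req:" + requestId, data) };
}

function serverHandle(req, handler) { // Steps 5-6
  const wrapped = Buffer.from(req.key, "base64");
  const aesKey = crypto.privateDecrypt({ key: privateKey, ...OAEP }, wrapped);
  const result = handler(unseal(aesKey, "req:" + req.requestId, req.data));
  return { requestId: req.requestId, data: seal(aesKey, "res:" + req.requestId, result) };
}

function clientReadResponse(res) { // Step 7
  const aesKey = pendingKeys.get(res.requestId);
  if (!aesKey) throw new Error("unknown or already used RequestID");
  pendingKeys.delete(res.requestId); // the AES key is single-use
  return unseal(aesKey, "res:" + res.requestId, res.data);
}
```

Deleting the key before decrypting means a response can be consumed only once, and the direction prefix in the associated data stops a request ciphertext from being accepted as a response.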

* * *

### Demo source code project:

* URL: [github.com/aa4790139/e…](https://link.juejin.cn/?target=https%3A%2F%2Fgithub.com%2Faa4790139%2Fencrypt_decrypt_sample "https://github.com/aa4790139/encrypt_decrypt_sample")

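### Finally:

> Since the symmetric cipher DES is no longer very secure, I chose its replacement, AES. Many thanks to 阿宝哥 for the article [Mastering Hybrid Encryption (玩转混合加密)](https://link.juejin.cn/?target=https%3A%2F%2Fmp.weixin.qq.com%2Fs%2Fi_Clg5kmTBwcFoSUNO-naQ "https://mp.weixin.qq.com/s/i_Clg5kmTBwcFoSUNO-naQ"), which is easy to follow and taught me a lot. At the end, 阿宝哥 mentions that keeping the AES key in memory makes it easy for others to get hold of the AES key. So I went on to learn how to make a web page resist debugging, how to obfuscate code, and so on. Next post: [How to prevent debugging on the Web](https://link.juejin.cn/?target=https%3A%2F%2Fyanxuewen.cn%2F2020%2F12%2F27%2FWeb01%2F "https://yanxuewen.cn/2020/12/27/Web01/")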

* * *

### References:

* [阿宝哥: Mastering Hybrid Encryption (玩转混合加密)](https://link.juejin.cn/?target=https%3A%2F%2Fmp.weixin.qq.com%2Fs%2Fi_Clg5kmTBwcFoSUNO-naQ "https://mp.weixin.qq.com/s/i_Clg5kmTBwcFoSUNO-naQ")

* * *

### More related material:

* [How the DES encryption algorithm works](https://link.juejin.cn/?target=https%3A%2F%2Fwww.jianshu.com%2Fp%2Fc44a8a1b7c38 "https://www.jianshu.com/p/c44a8a1b7c38")
* [Algorithm primer: the mysterious DES encryption algorithm](https://link.juejin.cn/?target=https%3A%2F%2Fwww.cxyxiaowu.com%2F1478.html "https://www.cxyxiaowu.com/1478.html")

* * *

> That's all. If you find any problems, please leave a comment and I will correct them promptly.

Origin blog.csdn.net/javagty6778/article/details/129649625