Encryption algorithms and authentication

Preliminary concepts

Before looking at the encryption and decryption process, let us first go over some basic concepts.

  • Plaintext: the message before encryption is called "plaintext" (plain text).
  • Ciphertext: the encrypted message is called "ciphertext" (cipher text).
  • Key: only someone who holds a special secret value can decrypt the ciphertext. This value is called the "key".

    A key is a binary string, and its length is measured in bits. For example, a key of length 128 is a 16-byte binary string.

  • Depending on how the key is used, encryption falls into two categories: symmetric encryption and asymmetric encryption.

Symmetric encryption

  • Features: there is only one key, and it must be kept secret. A commonly used algorithm is AES.

    Besides the AES algorithm itself, there is also the block cipher mode, which determines how the plaintext is encrypted block by block. For example, WeChat Pay uses AEAD_AES_256_GCM.

  • Advantages: fast computation.

  • Disadvantages: the secret key has to be shared by both parties to the exchange. Once it is stolen, the messages can be decrypted, and a secure key exchange cannot be achieved.

Asymmetric encryption

  • Features: two keys are used, a public key and a private key. The public key can be distributed freely, while the private key must be kept secret. A common algorithm is RSA.

    Tip: data encrypted with the public key can only be decrypted with the private key. Conversely, data encrypted with the private key can only be decrypted with the public key.

  • Advantages: an attacker who obtains the public key still cannot decrypt the ciphertext, which solves the key exchange problem.

  • Disadvantages: computation is very slow.

Supplementary note:
In practice, symmetric and asymmetric encryption are usually used in combination, because asymmetric encryption is slow and a symmetric key is at risk of being stolen. When communicating, the symmetric key is first transmitted under asymmetric encryption, so that it cannot be stolen in transit. The receiver then decrypts it with the private key to obtain the symmetric key, and from that point on the data is transmitted using symmetric encryption as usual. This greatly improves efficiency while preserving security.

Authentication

Consider the following scenario: Bob and his friends want to communicate by letter. To keep the letters secure, they encrypt with the public key and decrypt with the private key.
Figure 1 shows that Bob keeps his private key and distributes his public key to his friends.

Figure 2 shows that when Susan writes a letter, she encrypts it with Bob's public key and then sends it. When Bob receives the letter, he decrypts it with his private key and obtains its content.
In the same way, Bob's reply is encrypted with Susan's public key, and Susan decrypts it with her own private key when she reads it.

From the above scenario it is clear that the main function of public-key encryption with private-key decryption is to keep information confidential. So what is the purpose of encrypting with the private key and decrypting with the public key?

In Figure 3, Bob encrypts the letter with his private key and then sends it. Anyone who has Bob's public key can read the content of the letter, so this clearly does not keep the information confidential.

Figure 4 shows the same scene as Figure 3, but from another angle: as long as the letter can be decrypted with Bob's public key, it can be concluded that the letter was written by Bob. This serves as identity authentication.

Private key encryption and public key decryption are used for identity authentication.
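
The combined scheme from the supplementary note, together with the identity check from Figures 3 and 4, as an added example that is not part of the original post: Bob encrypts a letter to Susan with a one-time AES-256-GCM key wrapped under her RSA public key, and signs it with his private key (the "private key encryption" step, which libraries expose as sign/verify). The function names, key size, padding and hash choices, and the sample letter are assumptions made for this example; it uses only Node.js's built-in crypto module.

```javascript
const crypto = require('node:crypto');

// Constructed 2048-bit RSA key pairs for the example; real keys are long-lived and stored safely.
const newKeyPair = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const bob = newKeyPair();
const susan = newKeyPair();
// RSA-OAEP with SHA-256 is this example's choice of padding for wrapping the AES key.
const oaep = (key) => ({ key, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' });

// Sender: encrypt the letter with a fresh AES-256-GCM key, wrap that key with the
// recipient's public key, then sign everything with the sender's private key.
function sealLetter(message, recipientPublicKey, senderPrivateKey) {
  const aesKey = crypto.randomBytes(32); // 256-bit symmetric key, used for one letter
  const iv = crypto.randomBytes(12);     // 96-bit GCM nonce, never reused with the same key
  const cipher = crypto.createCipheriv('aes-256-gcm', aesKey, iv);
  const ciphertext = Buffer.concat([cipher.update(message, 'utf8'), cipher.final()]);
  const tag = cipher.getAuthTag();
  const wrappedKey = crypto.publicEncrypt(oaep(recipientPublicKey), aesKey);
  const signed = Buffer.concat([wrappedKey, iv, ciphertext, tag]);
  const signature = crypto.sign('sha256', signed, senderPrivateKey);
  return { wrappedKey, iv, ciphertext, tag, signature };
}

// Recipient: verify the sender's signature first, then unwrap the AES key and decrypt.
function openLetter(envelope, recipientPrivateKey, senderPublicKey) {
  const { wrappedKey, iv, ciphertext, tag, signature } = envelope;
  const signed = Buffer.concat([wrappedKey, iv, ciphertext, tag]);
  if (!crypto.verify('sha256', signed, senderPublicKey, signature)) {
    throw new Error('signature check failed: letter is not from the expected sender');
  }
  const aesKey = crypto.privateDecrypt(oaep(recipientPrivateKey), wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', aesKey, iv);
  decipher.setAuthTag(tag); // GCM rejects the ciphertext in final() if the tag does not match
  return Buffer.concat([decipher.update(ciphertext), decipher.final()]).toString('utf8');
}

// Bob writes to Susan: encrypted to Susan's public key, signed with Bob's private key.
const letter = sealLetter('Meet at noon. - Bob', susan.publicKey, bob.privateKey);
console.log(openLetter(letter, susan.privateKey, bob.publicKey));
```

Only the 32-byte AES key goes through the slow RSA operation; the letter itself, whatever its length, is handled by AES-GCM.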

Origin blog.csdn.net/TheWindOfSon/article/details/135374470