6.3.9 encryption algorithm introduced
- The HASH
the Hash, generally translated as 'hashing' or 'hash'. Is the input of any length (also called pre-mapping, pre-image), by hash algorithm, a fixed length into an output, the output is the hash value. When this conversion for compressing mapping, which is the space hash value is typically much smaller than the input space, different inputs may be the same output hash city, and unlikely to counter the launch of input values from the hash value. A message is simply an arbitrary length is compressed to a function of a fixed length message digest.- Features:
- Information of any length, converted into a fixed length output
- Different inputs could get the same results
- The results can not be inferred from the input
- Remain unchanged only in the current program
- Features:
The MD5
the MD5 message digest algorithm (MD5 Message-Digest Algorithm), one kind of cryptographic hash function is heteroaryl widely used, can produce a 128-bit hash value (hash value), it is used to ensure complete and consistent information transmission. MD5's predecessor had MD2, MD3 and MD4.- MD5 function:
- The input information of any length, after processing, the output is 128 bits (bit) of information (digital fingerprints)
- Different input different results (uniqueness) (in fact, may be repeated, but the probability is much smaller than the hash)
- Any platform, any language to the same content generated MD5 value will never change (can be used for digital signatures: confirm the consistency of the file)
- MD5 algorithm features:
- Compressibility: arbitrary data length, the calculated values are 128bit MD5
- Easy to calculate: No matter how much raw data to generate MD5 very quickly
- Anti modification of: any change to the original data is changed MD5
Strong anti-collision: a consistent raw data and MD5, with the same MD5 want to find a worthy original data (ie, falsified data) is very difficult
Hash collision: different raw data to produce the same hash value
- MD5 function:
MD5 algorithm whether reversible? MD5 irreversible, because using a hash algorithm (irreversible operation)
+ MD5的用途:
+ 防篡改
+ 防看到明文(保存在服务器上的账号密码其实都是MD5值)
> 但是因为相同的原数据生成的MD5也不会变,也可以用撞库方式来推出结果。。。
+ 防止抵赖(数字签名)
> 这需要一个第三方认证机构。证明这个文件是本人写过的(比如电子欠条什么的)。6.3.10 hashlib module (encryption module)
1. Common file checksum algorithm: MD5
Because the encryption security SHA better, we do not usually MD5 encryption, but used for file verification (is not the same file)
MD5 algorithm is applied:
import hashlib
str1 = 'hello world'
str2 = '欢迎'
m1 = hashlib.md5() # 初始化一个MD5的对象
m1.update(str1.encode(encoding='utf-8')) # 哈希str1,update的参数必须是bytes类型。返回hash类型对象
# print(m.digest()) # 消化(数字化)哈希对象:把哈希对象数字化
print(m1.hexdigest()) # 以16进制消化
m1.update(str2.encode(encoding='utf-8')) # 继续update相当于把str1和str2拼接以后生成的哈希值。
print(m1.hexdigest())
str3 = str1 + str2
m2 = hashlib.md5() # 重新初始化一个MD5的对象
m2.update(str3.encode(encoding='utf-8'))
print(m2.hexdigest()) # 结果应该和m1的最后结果相同Extended:
Hackers often use way to hit the library to crack the code! Hit library: Because MD5 value does not change, you can use brute-force method to find the original data. (By exhaustive Faha Xi string, if the result of this is that you know the original MD5 value data) so we know MD5 value of the database, but also can hit knocked out the library
Off Library: database hacker got
salt: in your password, add something or give you only one operation and then hash. (Hackers do not know the content of salt, it is difficult inverse solution out)
2. Now mainstream encryption algorithms: SHA
Because fewer bits of MD5 hash result, relatively easy to crack. + MD5: 128bit hash value
- SHA: hash value according to the specifications of different lengths, a minimum of 160bit
SHA is the US National Security Agency design, released by the US National Institute of Standards and Technology a series cryptographic hash function.
In 2005, due to the MD5 and SHA-1 was cracked Shandong University professor Wang Xiaoyun, scientists have quit the SHA224, SHA256, SHA384, SHA512, of course, the longer the median, much harder to break, but at the same time generating an encrypted message digest It consumed longer. The most popular is the 256-encryption algorithm SHA (HTTPS is now based on SHA-256, formerly SHA-1) (SSL2 is SHA-256)
MD5 and SHA usage is the same:
import hashlib
str1 = 'hello world'
m1 = hashlib.sha256() # 初始化一个SHA256的对象
m1.update(str1.encode(encoding='utf-8')) # 哈希str1,update的参数必须是bytes类型。返回hash类型对象
print(m1.hexdigest()) # 以16进制消化