Python digest algorithms: hashlib

Reference Links: https://www.liaoxuefeng.com/wiki/1016959663602400/1017686752491744

  A digest algorithm (also called a hash algorithm) is used to detect tampering: changing even a single byte of the original data makes the digest the algorithm produces completely different, so by comparing two digests of a file we can tell whether the file has been changed.

  Python provides the built-in hashlib module for digest algorithms.

MD5

  MD5 is a common digest algorithm. It is fast and produces a fixed 128-bit result, usually written as a 32-character hexadecimal string (one hexadecimal character represents exactly 4 bits).

>>> import hashlib
>>> md5 = hashlib.md5()
>>> md5.update('a'.encode('utf-8'))
>>> print(md5.hexdigest())
0cc175b9c0f1b6a831c399e269772661
>>> # If the data to digest is too long, it can be fed in several update() calls; the result is the same
>>> md5.update('b'.encode('utf-8'))
>>> print(md5.hexdigest())
187ef4436122d1cc2f40dc2b92f0eba0
>>> hashlib.md5('ab'.encode('utf-8')).hexdigest()  # another way to call it
'187ef4436122d1cc2f40dc2b92f0eba0'

  

SHA1

  SHA1 is another common digest algorithm. It is used the same way as MD5 and produces a 160-bit digest, usually written as a 40-character hexadecimal string.

 

SHA256 and SHA512

  These digest algorithms are more secure than MD5 and SHA1, but the more secure a digest algorithm is, the slower it is.

 

  A digest function is a one-way function: computing the digest is easy, but deriving the original content from the digest is very difficult, and changing even 1 bit of the original data produces a completely different digest. However, because every digest algorithm maps an infinite set onto a finite set, two completely different files may yield the same digest, but bringing that about is very, very difficult.

  

Digest algorithm applications

  Storing a digest of the user's plaintext password in the database

  Storing a digest of the user's password instead of the plaintext password greatly reduces the risk from a database leak, and keeps accounts safe even when those who manage the database have access to it. Some risk still remains: an attacker can generate the digests of commonly used passwords and compare them with the digests in the database, which recovers the plaintext passwords of the users whose digests match.

  Because the MD5 values of common passwords can easily be computed, the stored digest must not be one that has already been computed for those common passwords. This is achieved by adding a complex string to the original password, commonly known as "adding salt":

def get_md5(password):
    # Append the salt to the password, then encode the combined string before hashing
    return hashlib.md5((password + 'the_salt').encode('utf-8')).hexdigest()

  Thus, even if the user's password is very simple, an attacker cannot work back to the user's plaintext password from a reverse-lookup table he already holds.

  However, if two users use the same simple password, for example 123456, the same MD5 value is stored twice in the database, which shows that the two users have the same password. Is there a way for users with the same password to store different MD5 values?

  If we assume that the user cannot modify the login name, the login name can be used as part of the salt when computing the MD5, so that the same password is stored as different MD5 values.
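
  The scheme described above, as an added example that is not code from the original page: a hypothetical in-memory UserStore salts each password with the login name plus the fixed 'the_salt' string, and a constructed list of common passwords shows that an unsalted digest is found in a precomputed table while the salted one is not. SHA256 is used in place of the page's MD5, and all function and class names are assumptions.

```python
import hashlib
import hmac

SITE_SALT = 'the_salt'  # fixed salt string from the page's get_md5 snippet
COMMON_PASSWORDS = ['123456', 'password', 'qwerty']  # constructed sample list


def digest(text):
    # SHA256 is an assumption here; the page's own snippet uses MD5
    return hashlib.sha256(text.encode('utf-8')).hexdigest()


def salted_digest(login, password):
    # Login name + fixed salt, so equal passwords give different digests
    return digest(password + login + SITE_SALT)


def in_precomputed_table(value):
    # True if value equals the unsalted digest of a common password
    return value in {digest(p) for p in COMMON_PASSWORDS}


class UserStore:
    """Hypothetical in-memory user table: stores digests, never plaintext."""

    def __init__(self):
        self._digests = {}

    def register(self, login, password):
        self._digests[login] = salted_digest(login, password)

    def stored(self, login):
        return self._digests[login]

    def verify(self, login, password):
        expected = self._digests.get(login)
        if expected is None:
            return False
        # Recompute the digest and compare in constant time
        return hmac.compare_digest(expected, salted_digest(login, password))


if __name__ == '__main__':
    store = UserStore()
    store.register('alice', '123456')
    store.register('bob', '123456')
    print(store.stored('alice') != store.stored('bob'))
    print(in_precomputed_table(digest('123456')), in_precomputed_table(store.stored('alice')))
    print(store.verify('alice', '123456'), store.verify('alice', 'wrong'))
```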

 

Digest algorithms are widely used in many places. Note that a digest algorithm is not an encryption algorithm and cannot be used for encryption (because the plaintext cannot be derived back from the digest); it can only be used to detect tampering. Its one-way property, however, means a user's password can be verified without storing the password in plain text.

Origin www.cnblogs.com/Gaoqiking/p/11616131.html