Python common encryption module --hashlib

Python common encryption module --hashlib

One, HASH

Hash, generally translated as a "hash", also has a direct transliteration of "hash", that is, the arbitrary length input (also called pre-mapping, pre-image), through a hash algorithm, to output the converted fixed length, the output is the hash value. This conversion is a compression map, i.e., the space hash value is typically much smaller than the input space, different inputs may be the same hashed output drive is not possible to uniquely determine the value of the input from the hash value.

Simply means that the message of any length A to the compression function of the message digest of a fixed length.

HASH mainly used in the field of information security encryption algorithms, some of the information he converted to different lengths of 128-bit code in messy called HASH value. It can be said, hash is to find a mapping relationship between data content and data storage address.

Two, MD5

1. What is the MD5 algorithm

MD5 message digest algorithm (English: MD5 Message-Digest Algorithm), a widely heteroaryl password hash function used, can produce a 128-bit hash value (hash value), information transmission to ensure complete and consistent. MD5's predecessor had MD2, MD3 and MD4.

2, MD5 function

The input information of any length, after processing, the output 128 of the information (digital fingerprints);

Different results (Uniqueness) different input obtained;

3 features MD5 algorithm

1, compressibility: arbitrary data length, the length of the MD5 value is calculated are fixed.

2, easily calculated: MD5 value is calculated from the original data easily.

3, anti modifications: the original data to make any changes, modify the value of the difference between a byte MD5 generation will be great.

4, strong anti-collision: the original data and the known MD5, want to find data (ie, falsified data) is very difficult with the same MD5 values.

4, MD5 algorithm whether reversible?

MD5 irreversible, because it is a hash function, using a hash algorithm, part of the original information is lost during the calculation of the.

5, MD5 uses

1, prevent tampering

比如发送一个电子文档，发送前，我先得到MD5的输出结果a。然后在对方收到电子文档后，对方也得到一个MD5的输出结果b。如果a与b一样就代表中途未被篡改。

比如我提供文件下载，为了防止不法分子在安装程序中添加木马，我可以在网站上公布由安装文件得到的MD5输出结果。

SVN在检测文件是否在CheckOut后被修改过，也是用到了MD5.

2, to prevent direct view plain text

现在很多网站在数据库存储用户的密码的时候都是存储用户密码的MD5值。这样就算不法分子得到数据库的用户密码的MD5值，也无法知道用户的密码。（比如在UNIX系统中用户的密码就是以MD5（或其它类似的算法）经加密后存储在文件系统中。当用户登录的时候，系统把用户输入的密码计算成MD5值，然后再去和保存在文件系统中的MD5值进行比较，进而确定输入的密码是否正确。通过这样的步骤，系统在并不知道用户密码的明码的情况下就可以确定用户登录系统的合法性。这不但可以避免用户的密码被具有系统管理员权限的用户知道，而且还在一定程度上增加了密码被破解的难度。）

3, non-repudiation (digital signature)

这需要一个第三方认证机构。例如A写了一个文件，认证机构对此文件用MD5算法产生摘要信息并做好记录。若以后A说这文件不是他写的，权威机构只需对此文件重新产生摘要信息，然后跟记录在册的摘要信息进行比对，相同的话，就证明是A写的了。这就是所谓的“数字签名”。

Three, SHA-1

Secure Hash Algorithm (Secure Hash Algorithm) is mainly applied to Digital Signature Standard (Digital Signature Standard DSS) which defines the Digital Signature Algorithm (Digital Signature Algorithm DSA). For the message length is less than 2 ^ 64-bit, SHA1 produces a 160-bit message digest. When receiving the message, the message digest can be used to verify data integrity.

SHA is designed for the US National Security Agency, published by the US National Institute of Standards and Technology series of cryptographic hash functions.

As the MD5 and SHA-1 in 2005 to crack the Shandong University professor Wang Xiaoyun, scientists have launched a SHA224, SHA256, SHA384, SHA512, of course, the longer the median, much harder to break, but at the same time generating an encrypted message digest time spent longer. The most popular is the encryption algorithm is SHA-256.

Four, MD5 and SHA-1 compared

As the MD5 and SHA-1 are developed from MD4, their structure and properties of strength have many similarities, the maximum difference between the MD5 and SHA-1 digest in that it is longer than 32 bits of the MD5 digest. For a brute force attack, any packet so that a given message digest is equal to the difficulty digest: MD5 is the magnitude of the operation 2128, SHA-1 is the order of 2160 operations. The difficulty of generating two packets having the same digest: MD5 is of the order of operation 264, SHA-1 is the order of 280 operations. Thus, greater SHA-1 provides a pair of force attack. However, since the cache SHA-1 loop of steps than 80:64 and MD5 to process multiple large 160 bits: 128-bit, SHA-1 operation speed slower than MD5.

Five, Python provided the relevant module

For operating the associated encrypted, 3.x was replaced with hashlib md5 sha modules and modules, providing the main SHA1, SHA224, SHA256, SHA384, SHA512, MD5 algorithm.

import hashlib

# md5
m = hashlib.md5()
m.update(b"Hello")
m.update(b"It's me")
print(m.digest())  # 返回2进制格式的hash值
m.update(b"It's been a long time since last time we ...")
print(m.hexdigest()) # 返回16进制格式的hash值

# sha1
s1 = hashlib.sha1()
s1.update("小猿圈".encode("utf-8"))
s1.hexdigest()

# sha256
s256 = hashlib.sha256()
s256.update("小猿圈".encode("utf-8"))
s256.hexdigest()

# sha512
s512 = hashlib.sha256()
s512.update("小猿圈".encode("utf-8"))
s512.hexdigest()