Sha secure hash algorithm for Android data encryption
preface:
For the Sha secure hash algorithm, I haven't used it much before, but just stayed at the stage of hearing about it. Today, when I looked at the source code of the image caching framework glide, I found that the cached key uses not the MD5 encryption algorithm, but the SHA-256 encryption algorithm, which aroused my curiosity. So I'll learn it while I have nothing to do at night.
Other encryption methods:
• RSA encryption for Android data encryption • AES encryption for Android data encryption • DES encryption for Android data encryption • MD5 encryption for Android data encryption • Base64 encoding algorithm for Android data encryption
Sha encryption algorithm
SHA (secure hash algorithm), an important tool in cryptography applications such as digital signature, is widely used in the field of information security such as e-commerce. Like MD5 encryption algorithm, it is also an irreversible encryption algorithm, but it can also be cracked by exhaustive method. However, the difficulty and cost of Sha decoding are higher than MD5, which is more secure than MD5 It is recognized as one of the most secure hash algorithms and is widely used. It mainly includes SHA-1, sha-224, SHA-256, sha-384 and sha-512. SHA-1, sha-224 and SHA-256 are applicable to messages with a length of no more than 2 ^ 64 binary bits. Sha-384 and sha-512 are applicable to messages with a length of no more than 2 ^ 128 binary bits. The official explanation is as follows:
• it is computationally difficult to deduce the original input message from the message summary. • It is also difficult to find two different sets of messages corresponding to the same message summary in computational theory. There is a high probability that any change to the input message will lead to different message summaries.
Sha encryption principle
SHA-1 is a data encryption algorithm. The idea of the algorithm is to receive a plaintext and convert it into a (usually smaller) ciphertext in an irreversible way. It can also be simply understood as taking a string of input codes (called pre mapping or information) and converting them into an output sequence with short length and fixed bits, that is, hash value (also known as information digest or information authentication code).
The security of one-way hash function lies in its strong one-way operation process of generating hash value. If the password is embedded in the input sequence, no one can produce the correct hash value without knowing the password, so as to ensure its security. Sha blocks the input stream according to 512 bits (64 bytes) per block, and generates 20 bytes of output called information authentication code or information digest.
The length of the input message is unlimited, and the output is a 160 bit message summary. The input is processed in 512 bit packets. SHA-1 is irreversible, anti conflict and has good avalanche effect.
Digital signature can be realized through hash algorithm. The principle of digital signature is to convert the plaintext to be transmitted into message digest (different plaintext corresponds to different message digest) through a function operation (hash). The message digest is encrypted and transmitted to the receiver together with the plaintext, The receiver decrypts and compares the new message summary generated by the accepted plaintext with the message summary sent by the sender. If the comparison result is consistent, it means that the plaintext has not been changed. If it is inconsistent, it means that the plaintext has been tampered.
MAC (information authentication code) is a hash result, in which part of the input information is a password. Only participants who know the password can calculate and verify the legitimacy of the MAC code again.
Sha encryption benefits
Since Sha also evolved from MD4, its advantages are roughly the same as MD5 • compressibility: the length of Sha value calculated for any length of data is fixed. • Easy calculation: it is easy to calculate Sha value from original data. • Modification resistance: the Sha value obtained by any modification of the original data, even if only one byte is modified, will be very different. • Strong anti-collision: given the original data and its Sha value, it is very difficult to find a data with the same Sha value (i.e. forged data).
Sha application scenario
• consistency verification • digital signature • secure access authentication
Simple implementation of Sha encryption
The code demonstration here takes SHA-256 as an example.
Discussion on Sha safety
• SHA-1 is widely used in many security protocols, including TLS and SSL, PGP, SSH, S / MIME and IPSec, and was once regarded as the successor of MD5 (hash function widely used earlier). In 2005, cryptologists proved that the cracking speed of SHA-1 was 2000 times higher than expected. Although cracking is still extremely difficult and expensive, with the computer becoming faster and cheaper, the security of SHA-1 algorithm has been reduced year by year. Cryptologists have seriously questioned it and hope to replace it with SHA-2 with higher security strength.
• sha-224, SHA-256, sha-384, and sha-512 are collectively referred to as SHA-2.
• the new hash functions have not been tested in detail by the public password community like SHA-1, so their password security has not been widely trusted.
• although there is no effective attack on SHA-2, its algorithm is basically similar to SHA-1; Therefore, some people began to develop other alternative hash algorithms.
Deeds of Multinational Corporations: Google's official blog announced that it would gradually reduce the security instructions of SHA-1 Certificate in Chrome browser. Interestingly, google.com currently uses the SHA-1 signed certificate, but the certificate will expire in three months. Google will use the SHA-2 signed certificate from 2015. At present, SHA-1 algorithm has not found serious weaknesses, but the cost of forging certificates is getting lower and lower.
The above is the whole content of this article. I hope it will be helpful to your study, and I hope you can support programming tips.