What is MD5? What is MD5 usually used for? Why is MD5 irreversible? It may still be decrypted when used as password encryption?
This is the back-end small class of the monastery. Each article is shared from
[background introduction] [knowledge analysis] [common problems] [solutions] [coding practice] [extended thinking] [more discussion] [References]
Eight aspects of in-depth analysis of back-end knowledge / skills. This article shares:
[what is MD5? What is MD5 usually used for? Why is MD5 irreversible? It may still be decrypted when used as password encryption?]
title:
[Java class of Xiuzhen academy] Introduction to common encryption methods such as MD5
Opening remarks:
Hello, I'm Xu Dongjie, a student of Shanghai Branch of it Xiuzhen Academy. I'm an honest, pure and kind java programmer. Today, I'd like to share with you the knowledge points in deep thinking about Java (profession) task 5 on the official website of Xiuzhen Academy - what is MD5, what is MD5 usually used for, why is MD5 irreversible, and it may still be decrypted when used as password encryption?
(1) Background:
Security has become a more and more important problem. How to encrypt and decrypt important data in the process of data transmission is the main content of this class.
(2) Knowledge analysis:
Types and characteristics of common algorithms in encryption:
1. Hash function: it is used to verify data integrity (not encryption and decryption). It can be used for some verification because the conversion is irreversible. Common hash algorithms: MD5 (message digest, digest length is 128bit by default), Sha and MAC (HMAC). Their overall security is gradually increasing
2. Symmetric encryption algorithm: encryption and decryption through the same key, reversible, used for encryption and decryption. Common symmetric encryption algorithms: DES algorithm, AED algorithm
3. Asymmetric encryption algorithm: the key is divided into public key (public) and private key (saved by yourself). Common asymmetric encryption algorithms: DH, RSA
There are two kinds of data conversion during encryption:
The incoming string -- > byte array -- > encrypted byte array -- > is converted to Base64 binary characters for transmission
For example, a 128 bit digest length string is converted to Base64 binary string: 128 / 8 * (4 / 3) = 22 characters
The incoming string -- > byte array -- > encrypted byte array -- > is converted to hexadecimal string for HTTP transmission
For example, a 128 bit summary length string is converted to a hexadecimal string: (128 / 8) * 2 = 32 characters
(3) Frequently asked questions:
How to use MD5 and how to improve its security
(4) Solution:
Although MD5 is irreversible, it can be cracked through rainbow code, etc
Therefore, in order to solve the problem of low security of MD5, we use salt and hmacmd5 (encryption key)
(5) Coding practice:
MD5 encryption test
public class Md5Util {
/**
*Generate a fixed 32-bit MD5 code according to the input string
*
* @param str
*Input string
*@ return MD5 yards
*/
public final static String getMd5(String str) {
MessageDigest mdInst = null; // Encrypted real column
try {
mdInst = MessageDigest. getInstance("MD5"); // Determination method
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
mdInst. update(str.getBytes());// Updates the summary with the specified bytes
byte[] md = mdInst. digest();// Get ciphertext
return StrConvertUtil. byteArrToHexStr(md);
}
}
MD5 plus random salt test
public static String generate(String password) {
Random r = new Random();
StringBuilder sb = new StringBuilder(16);
sb. append(r.nextInt(99999999)). append(r.nextInt(99999999));
int len = sb. length();
if (len < 16) {
for (int i = 0; i < 16 - len; i++) {
sb. append("0");
}
}
String salt = sb. toString();// Get random number
password = md5Hex(password + salt);// Message summary
char[] cs = new char[48];
for (int i = 0; i < 48; i += 3) {
cs[i] = password. charAt(i / 3 * 2);
char c = salt. charAt(i / 3);
cs[i + 1] = c;
cs[i + 2] = password. charAt(i / 3 * 2 + 1);// Take out the array composed of the first 48 characters of password
}
return new String(cs);// Array to string is the string value after salt MD5 message digest
}
//Random salt has two kinds of salt storage: one is to take out the database and put it directly into the encrypted string through the algorithm
Hmacmd5 test
public static String jdkHmacMD5(String src,String akey) {
try {
KeyGenerator keygenrator = KeyGenerator. getInstance("HmacMD5");
SecretKey secretkey=keygenrator. generateKey();// Generate key
//byte[] key=secretkey. getEncoded();// Get key
byte[] key=akey. getBytes();
SecretKey restore=new SecretKeySpec(key,"HmacMD5"); // Restore key
Mac mac=Mac. getInstance(restore.getAlgorithm());// Instantiate mac
mac. init(restore);// initialization
byte[] hmacmd5byte=mac. doFinal(src.getBytes());// executive summary
//System. out. println(new String(Hex.encodeHex(hmacmd5byte)));
return (new String(Hex.encodeHex(hmacmd5byte)));
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
(6) Expand thinking:
Symmetric encryption algorithm
DES algorithm test
Public static string jdkhmacmd5 (string SRC, string akey) {/ / add a custom key
try {
KeyGenerator keygenrator = KeyGenerator. getInstance("HmacMD5");
SecretKey secretkey=keygenrator. generateKey();// Generate key
//byte[] key=secretkey. getEncoded();// Get key
byte[] key=akey. getBytes();
SecretKey restore=new SecretKeySpec(key,"HmacMD5"); // Restore key
Mac mac=Mac. getInstance(restore.getAlgorithm());// Instantiate mac
mac. init(restore);// initialization
byte[] hmacmd5byte=mac. doFinal(src.getBytes());// executive summary
//System. out. println(new String(Hex.encodeHex(hmacmd5byte)));
return (new String(Hex.encodeHex(hmacmd5byte)));
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
AES algorithm encryption test
public static String encrypt(String content,String password) {
try {
Cipher cipher = Cipher. getInstance(DEFAULT_CIPHER_ALGORITHM);// Create cipher
byte[] byteContent = content. getBytes("utf-8");
cipher. init(Cipher.ENCRYPT_MODE,getSecretKey(password));// Cipher initialized to encryption mode
byte[] result = cipher. doFinal(byteContent);// encryption
return StrConvertUtil. byteArrToHexStr(result);// Returns a hexadecimal string by transcoding
} catch (Exception ex) {
Logger. getLogger(AESUtil.class.getName()). log(Level.SEVERE,null,ex);
}
return null;
}
(7) References:
Baidu, Google
(8) More discussion:
Q1: questioner: why use Base64 algorithm? A1: use 64 printable characters instead of all binary characters to transfer HTTP network data (because only those 64 printable characters can transfer HTTP data)
Q2: what are the application scenarios for encryption A2: the message digest is used to verify the integrity of the message, or some verification (login verification) can be performed to transfer the data. The data can be encrypted and transmitted by sharing the key and algorithm with the other party.
Q3: questioner: what is asymmetric encryption? A3: the key is divided into public key (public) and private key (saved by yourself). Common asymmetric encryption algorithms: DH, RSA
(9) Thanks:
Thanks to elder martial brother Zhu Mingxing. This tutorial is based on their previous technology sharing.
(10) Conclusion:
That's all for today's sharing. You are welcome to like, forward, leave messages and make bricks~
Ppt link video link