Symmetric encryption algorithm

Last Update:2016-01-01 Source: Internet

Author: User

Tags base64 openssl enc

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Symmetric encryption algorithm

Tip: Encrypted content belongs to the topic of advanced programmers! Some content will be very dull! Attention to grasp the idea of encryption and operation steps can be! Code does not require to write, as long as it will be used on the line!

Also known as the traditional encryption algorithm
Encryption and decryption using the same key

Example of symmetric encryption algorithm

Key: X
Cryptographic algorithms: +X per character
PlainText:Hello
Encryption result when key is 1:ifmmp
Encryption result when key is 2:jgnnq

Advantages and Disadvantages

Advantages

The algorithm exposes, the computation is small, the encryption speed is fast, the encryption efficiency is high

Disadvantages

The two sides use the same key, the security is not guaranteed

Precautions

Confidentiality of keys is very important
Key requirements are periodically replaced

Classic Algorithms

algorithm	description
des	Data Encryption Standard (less, because of insufficient strength)
3des	using 3 keys, performing three encryption on the same data, strength enhancement
aes	Advanced Encryption Standard, currently used by the U.S. National Security Service Apple Keychain Access is AES encryption

ECB & CBC

ECB: Electronic code, which means that each block is individually encrypted.
CBC: Cipher block chain, using a key and an initialization vector (IV) to perform a cryptographic conversion on the data

OpenSSL Terminal Test Commands

ECB

# encryption

$ OpenSSL enc-des-ecb-k 616263 -nosalt-in msg1.txt-out msg1.bin

# decryption

$ OpenSSL enc-des-ecb-k 616263 -nosalt-in msg1.bin-out msg1.txt-d

# View binary files after encryption

$ xxd Msg1.bin

Cbc

# encryption

$ OpenSSL enc-des-cbc-k 616263 -iv 0000000000000000 -nosalt-in a.txt-out msg1.bin

# decryption

$ OpenSSL enc-des-cbc-k 616263 -iv 0000000000000000 -nosalt-in msg1.bin-out msg4.txt-d

# View binary files after encryption

$ xxd Msg1.bin

CBC encryption can effectively guarantee the integrity of the ciphertext, that is, if a block is lost during transmission (or changed by the enemy), it will cause all subsequent blocks to be unable to decrypt the feature can be used to prevent some eavesdropping skills

Code Walkthrough

NSString *key = @ "abc";

ECB Encryption & Decryption

NSString *str1 = [Cryptortools aesencryptstring:@ "Hello" Keystring:key IV:nil];

NSLog(@ "AES ECB crypto%@", str1);

NSLog(@ "AES ECB decryption%@", [Cryptortools aesdecryptstring:str1 Keystring:key IV:nil]);

CBC Encryption & Decryption

uint8_t iv[8] = {1, 2, 3, 4, 5, 6, 7, C25>8};

NSData *ivdata = [nsdata datawithbytes:iv Length:sizeof(iv)];

NSString *str2 = [Cryptortools aesencryptstring:@ "Hello" keystring:key iv:ivdata];

NSLog(@ "AES CBC encryption%@", str2);

NSLog(@ "AES CBC decryption%@", [Cryptortools aesdecryptstring:str2 Keystring:key iv:ivdata]);

NSString *key = @ "abc";

ECB Encryption & Decryption

NSString *str1 = [Cryptortools desencryptstring:@ "Hello" Keystring:key IV:nil];

NSLog(@ "DES ECB crypto%@", str1);

NSLog(@ "DES ECB decryption%@", [Cryptortools desdecryptstring:str1 Keystring:key IV:nil]);

CBC Encryption & Decryption

uint8_t iv[8] = {1, 2, 3, 4, 5, 6, 7, 8 };

NSData *ivdata = [nsdata datawithbytes:iv Length:sizeof(iv)];

NSString *str2 = [Cryptortools desencryptstring:@ "Hello" keystring:key iv:ivdata];

NSLog(@ "DES CBC encryption%@", str2);

NSLog(@ "DES CBC decryption%@", [Cryptortools desdecryptstring:str2 Keystring:key iv:ivdata]);

OpenSSL Terminal Test Commands

ECB Encryption/Decryption

# AES (ECB) encryption

$ echo- n "Hello" | OpenSSL enc-aes--ecb-k 616263 -nosalt | base64

# AES (ECB) decryption

$ echo- n "d1qg4t2tivoi0kiu3nemzq==" | base64-d | OpenSSL enc-aes--ecb-k 616263 -nosalt-d

# DES (ECB) encryption

$ echo- n "Hello" | OpenSSL enc-des-ecb-k 616263 -nosalt | base64

# DES (ECB) decryption

$ echo- n "hqr0oij2kbo=" | base64-d | OpenSSL enc-des-ecb-k 616263 -nosalt-d

CBC Encryption/Decryption

# AES (CBC) encryption

$ echo- n "Hello" | OpenSSL enc-aes--cbc-iv 0102030405060708- k 616263 -nosa lt | Base64

AES (CBC) decryption

$ echo- n "u3w/n816uzfpcg6pz+kbdg==" | base64-d | OpenSSL enc-aes--cbc-iv 0102030 405060708- k 616263 -nosalt-d

# DES (CBC) encryption

$ echo- n "Hello" | OpenSSL enc-des-cbc-k 616263 -nosalt-iv 0102030405060708 | base64

# DES (CBC) decryption

$ echo- n "alvrvb3gz88=" | base64-d | OpenSSL enc-des-cbc-k 616263 -nosalt-iv 01020 30405060708- D

Terminal command Description

The encryption process is encrypted first, then Base64 encoded
The decryption process is the first Base64 decoding, and then decryption
| is a terminal pipe command that passes the result of the previous command to the latter command
the key used by-K needs to be the ASCII code of the key

Symmetric encryption algorithm

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More