Symmetric encryption algorithm
Tip: Encrypted content belongs to the topic of advanced programmers! Some content will be very dull! Attention to grasp the idea of encryption and operation steps can be! Code does not require to write, as long as it will be used on the line!
- Also known as the traditional encryption algorithm
- Encryption and decryption using the same key
Example of symmetric encryption algorithm
- Key: X
- Cryptographic algorithms: +X per character
- PlainText:Hello
- Encryption result when key is 1:ifmmp
- Encryption result when key is 2:jgnnq
Advantages and Disadvantages
- Advantages
- The algorithm exposes, the computation is small, the encryption speed is fast, the encryption efficiency is high
- Disadvantages
- The two sides use the same key, the security is not guaranteed
Precautions
- Confidentiality of keys is very important
- Key requirements are periodically replaced
Classic Algorithms
algorithm |
description |
des |
Data Encryption Standard (less, because of insufficient strength) |
3des |
using 3 keys, performing three encryption on the same data, strength enhancement |
aes |
Advanced Encryption Standard, currently used by the U.S. National Security Service Apple Keychain Access is AES encryption |
ECB & CBC
- ECB: Electronic code, which means that each block is individually encrypted.
- CBC: Cipher block chain, using a key and an initialization vector (IV) to perform a cryptographic conversion on the data
OpenSSL Terminal Test Commands
ECB
# encryption
$ OpenSSL enc-des-ecb-k 616263 -nosalt-in msg1.txt-out msg1.bin
# decryption
$ OpenSSL enc-des-ecb-k 616263 -nosalt-in msg1.bin-out msg1.txt-d
# View binary files after encryption
$ xxd Msg1.bin
Cbc
# encryption
$ OpenSSL enc-des-cbc-k 616263 -iv 0000000000000000 -nosalt-in a.txt-out msg1.bin
# decryption
$ OpenSSL enc-des-cbc-k 616263 -iv 0000000000000000 -nosalt-in msg1.bin-out msg4.txt-d
# View binary files after encryption
$ xxd Msg1.bin
CBC encryption can effectively guarantee the integrity of the ciphertext, that is, if a block is lost during transmission (or changed by the enemy), it will cause all subsequent blocks to be unable to decrypt the feature can be used to prevent some eavesdropping skills
Code Walkthrough
NSString *key = @ "abc";
ECB Encryption & Decryption
NSString *str1 = [Cryptortools aesencryptstring:@ "Hello" Keystring:key IV:nil];
NSLog(@ "AES ECB crypto%@", str1);
NSLog(@ "AES ECB decryption%@", [Cryptortools aesdecryptstring:str1 Keystring:key IV:nil]);
CBC Encryption & Decryption
uint8_t iv[8] = {1, 2, 3, 4, 5, 6, 7, C25>8};
NSData *ivdata = [nsdata datawithbytes:iv Length:sizeof(iv)];
NSString *str2 = [Cryptortools aesencryptstring:@ "Hello" keystring:key iv:ivdata];
NSLog(@ "AES CBC encryption%@", str2);
NSLog(@ "AES CBC decryption%@", [Cryptortools aesdecryptstring:str2 Keystring:key iv:ivdata]);
NSString *key = @ "abc";
ECB Encryption & Decryption
NSString *str1 = [Cryptortools desencryptstring:@ "Hello" Keystring:key IV:nil];
NSLog(@ "DES ECB crypto%@", str1);
NSLog(@ "DES ECB decryption%@", [Cryptortools desdecryptstring:str1 Keystring:key IV:nil]);
CBC Encryption & Decryption
uint8_t iv[8] = {1, 2, 3, 4, 5, 6, 7, 8 };
NSData *ivdata = [nsdata datawithbytes:iv Length:sizeof(iv)];
NSString *str2 = [Cryptortools desencryptstring:@ "Hello" keystring:key iv:ivdata];
NSLog(@ "DES CBC encryption%@", str2);
NSLog(@ "DES CBC decryption%@", [Cryptortools desdecryptstring:str2 Keystring:key iv:ivdata]);
OpenSSL Terminal Test Commands
ECB Encryption/Decryption
# AES (ECB) encryption
$ echo- n "Hello" | OpenSSL enc-aes--ecb-k 616263 -nosalt | base64
# AES (ECB) decryption
$ echo- n "d1qg4t2tivoi0kiu3nemzq==" | base64-d | OpenSSL enc-aes--ecb-k 616263 -nosalt-d
# DES (ECB) encryption
$ echo- n "Hello" | OpenSSL enc-des-ecb-k 616263 -nosalt | base64
# DES (ECB) decryption
$ echo- n "hqr0oij2kbo=" | base64-d | OpenSSL enc-des-ecb-k 616263 -nosalt-d
CBC Encryption/Decryption
# AES (CBC) encryption
$ echo- n "Hello" | OpenSSL enc-aes--cbc-iv 0102030405060708- k 616263 -nosa lt | Base64
AES (CBC) decryption
$ echo- n "u3w/n816uzfpcg6pz+kbdg==" | base64-d | OpenSSL enc-aes--cbc-iv 0102030 405060708- k 616263 -nosalt-d
# DES (CBC) encryption
$ echo- n "Hello" | OpenSSL enc-des-cbc-k 616263 -nosalt-iv 0102030405060708 | base64
# DES (CBC) decryption
$ echo- n "alvrvb3gz88=" | base64-d | OpenSSL enc-des-cbc-k 616263 -nosalt-iv 01020 30405060708- D
Terminal command Description
- The encryption process is encrypted first, then Base64 encoded
- The decryption process is the first Base64 decoding, and then decryption
- | is a terminal pipe command that passes the result of the previous command to the latter command
- the key used by-K needs to be the ASCII code of the key
Symmetric encryption algorithm