Security Article 2: application scenarios of symmetric encryption

Source: Internet
Author: User
Tags: asymmetric encryption

MD5 and other hash functions are irreversible algorithms. If the ciphertext must be restored to plaintext, a reversible algorithm is required, either symmetric or asymmetric.

First, we briefly introduce these two types of algorithms. Figure 9-1 shows a symmetric algorithm:

Figure 9-1 symmetric algorithm

In symmetric algorithms, the sender and receiver must agree on a key K. K can be a key pair, but then the encryption key and the decryption key must be derivable from each other. In the simplest and most commonly used symmetric algorithms, encryption and decryption share one key, and for simplicity we assume a single key here. To keep a third party from obtaining it, the sender can transmit the key K to the receiver through a private channel. This channel can take any form; if you consider it acceptable, you can even email the key to the recipient.

In symmetric encryption, the plaintext is encrypted into ciphertext, which is transmitted over a public channel. Even if a third party intercepts the data, it cannot decrypt the ciphertext because it does not have the key.

That is symmetric encryption in brief. Now let's look at asymmetric encryption. Figure 9-2 shows an asymmetric algorithm:

Figure 9-2 asymmetric algorithms

In asymmetric algorithms, you must first have a key pair, which contains two parts: the public key (PK) and the private key (SK). The public key is usually used for encryption and the private key for decryption. A symmetric algorithm can also have two keys (an encryption key and a decryption key), but those keys can be converted into each other. In asymmetric algorithms, the private key cannot be obtained from the public key, so the public key can be published anywhere.

For example, the sender encrypts with the public key PK published by the receiver. After receiving the ciphertext, the receiver decrypts it with the private key SK that corresponds to that public key. The ciphertext can still be intercepted, but since the attacker has only the public key and not the private key, he cannot decrypt it.

Symmetric and asymmetric algorithms each have advantages and disadvantages. The outstanding advantage of asymmetric encryption is that the key used for decryption (the private key) never needs to be transmitted to the other party. Its disadvantage is just as prominent: asymmetric algorithms are complex, which makes encryption and decryption slow, so they are only suitable for small amounts of data. Symmetric encryption is efficient and has low system overhead, so it is suitable for encrypting and decrypting large volumes of data. Because files are generally relatively large, symmetric encryption is the method that suits them. The following is an implementation of symmetric encryption for files:

    using System;
    using System.IO;
    using System.Security.Cryptography;

    class Program
    {
        static void Main()
        {
            EncryptFile(@"c:\temp.txt", @"c:\tempcm.txt", "123");
            Console.WriteLine("encryption successful!");
            DecryptFile(@"c:\tempcm.txt", @"c:\tempm.txt", "123");
            Console.WriteLine("decryption successful!");
        }

        // Buffer size
        static int bufferSize = 128 * 1024;

        // Key salt (hard-coded, so the same password always derives the same key)
        static byte[] salt = { 134, 216, 7, 36, 88, 164, 91, 227, 174, 76, 191, 197, 192, 154, 200, 248 };

        // Initialization vector (hard-coded and equal to the salt, so the same
        // password and plaintext always produce the same ciphertext)
        static byte[] iv = { 134, 216, 7, 36, 88, 164, 91, 227, 174, 76, 191, 197, 192, 154, 200, 248 };

        // Initialize and return the symmetric encryption algorithm
        static SymmetricAlgorithm CreateRijndael(string password, byte[] salt)
        {
            // Derive a 256-bit key from the password (SHA256, 1000 iterations)
            PasswordDeriveBytes pdb = new PasswordDeriveBytes(password, salt, "SHA256", 1000);
            SymmetricAlgorithm sma = Rijndael.Create();
            sma.KeySize = 256;
            sma.Key = pdb.GetBytes(32);
            sma.Padding = PaddingMode.PKCS7;
            return sma;
        }

        static void EncryptFile(string inFile, string outFile, string password)
        {
            // FileMode.Create truncates an existing output file; OpenOrCreate would
            // leave stale bytes behind if the old file was longer.
            using (FileStream inFileStream = File.OpenRead(inFile), outFileStream = File.Open(outFile, FileMode.Create))
            using (SymmetricAlgorithm algorithm = CreateRijndael(password, salt))
            {
                algorithm.IV = iv;
                using (CryptoStream cryptoStream = new CryptoStream(outFileStream, algorithm.CreateEncryptor(), CryptoStreamMode.Write))
                {
                    byte[] bytes = new byte[bufferSize];
                    int readSize;
                    // Encrypt the input one buffer at a time
                    while ((readSize = inFileStream.Read(bytes, 0, bytes.Length)) != 0)
                    {
                        cryptoStream.Write(bytes, 0, readSize);
                    }
                    // Write the final padded block
                    cryptoStream.FlushFinalBlock();
                }
            }
        }

        static void DecryptFile(string inFile, string outFile, string password)
        {
            using (FileStream inFileStream = File.OpenRead(inFile), outFileStream = File.Open(outFile, FileMode.Create))
            using (SymmetricAlgorithm algorithm = CreateRijndael(password, salt))
            {
                algorithm.IV = iv;
                using (CryptoStream cryptoStream = new CryptoStream(inFileStream, algorithm.CreateDecryptor(), CryptoStreamMode.Read))
                {
                    byte[] bytes = new byte[bufferSize];
                    int readSize;
                    // Read until the stream ends. The plaintext is shorter than the
                    // ciphertext file because of padding, and Read may return fewer
                    // bytes than requested, so the loop cannot be sized from the
                    // input file length.
                    while ((readSize = cryptoStream.Read(bytes, 0, bytes.Length)) != 0)
                    {
                        outFileStream.Write(bytes, 0, readSize);
                    }
                    outFileStream.Flush();
                }
            }
        }
    }
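
The listing above uses one hard-coded salt and IV for every file and stores no integrity check, so equal files encrypted with the same password give equal ciphertext and a modified ciphertext is not reliably detected. The following is an added example, not code from the original article, that keeps the same EncryptFile/DecryptFile shape but generates a random salt and IV per file, derives keys with PBKDF2, and verifies an HMAC-SHA256 tag before decrypting. The class name, the file layout and the iteration count are assumptions of this example, and it targets .NET 8.

```csharp
using System.IO;
using System.Security.Cryptography;

static class HardenedFileCrypto // hypothetical name; assumes .NET 8
{
    const int Iterations = 600_000; // assumed PBKDF2 work factor; tune for your hardware

    static (byte[] AesKey, byte[] HmacKey) DeriveKeys(string password, byte[] salt)
    {
        byte[] k = Rfc2898DeriveBytes.Pbkdf2(password, salt, Iterations, HashAlgorithmName.SHA256, 64);
        return (k[..32], k[32..]);
    }

    // Layout chosen for this example: salt(16) | tag(32) | iv(16) | ciphertext
    public static void EncryptFile(string inFile, string outFile, string password)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(16); // new for every file
        byte[] iv = RandomNumberGenerator.GetBytes(16);   // new for every file
        var (encKey, macKey) = DeriveKeys(password, salt);
        using var aes = Aes.Create();                     // CBC and PKCS7 by default
        aes.Key = encKey; aes.IV = iv;
        using var output = File.Create(outFile);          // read/write, truncates old data
        output.Write(salt); output.Write(new byte[32]); output.Write(iv);
        using (var input = File.OpenRead(inFile))
        using (var cs = new CryptoStream(output, aes.CreateEncryptor(), CryptoStreamMode.Write, leaveOpen: true))
            input.CopyTo(cs);                             // disposing cs writes the padded last block
        using var hmac = new HMACSHA256(macKey);
        output.Position = 48;                             // tag covers iv | ciphertext
        byte[] tag = hmac.ComputeHash(output);
        output.Position = 16; output.Write(tag);          // fill in the reserved tag slot
    }

    public static void DecryptFile(string inFile, string outFile, string password)
    {
        using var input = File.OpenRead(inFile);
        byte[] salt = new byte[16], tag = new byte[32], iv = new byte[16];
        input.ReadExactly(salt); input.ReadExactly(tag); input.ReadExactly(iv);
        var (encKey, macKey) = DeriveKeys(password, salt);
        using var hmac = new HMACSHA256(macKey);
        input.Position = 48;
        // Check the tag before decrypting: a wrong password or altered file stops here.
        if (!CryptographicOperations.FixedTimeEquals(hmac.ComputeHash(input), tag))
            throw new CryptographicException("Wrong password or modified file.");
        input.Position = 64;
        using var aes = Aes.Create();
        aes.Key = encKey; aes.IV = iv;
        using var cs = new CryptoStream(input, aes.CreateDecryptor(), CryptoStreamMode.Read);
        using var output = File.Create(outFile);
        cs.CopyTo(output);
    }
}
```

The salt is not covered by the tag directly, but changing it changes both derived keys, so the tag check still fails.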
