Software symmetric encryption and asymmetric encryption

Source: Internet
Author: User
Tags asymmetric encryption

(i) Symmetric encryption (symmetric cryptography)

Symmetric encryption is the fastest and simplest way to encrypt encryption (encryption) and decryption (decryption) with the same key (secret key). Symmetric encryption has many algorithms, and because of its high efficiency, it is widely used in the core of many cryptographic protocols.

Symmetric encryption typically uses a relatively small key, typically less than the size of a bit. The greater the key, the stronger the encryption, but the slower the encryption and decryption process. If you use only 1 bit to do this key, the hacker can first try to decrypt with the word, no, then use 1 solution, but if your key is 1 MB large, hackers may never crack, but the encryption and decryption process takes a long time. The size of the key is both to take care of the security, but also to take care of the efficiency, is a trade-off.

October 2, 2000, National Institute of Standards and Technology (nist--American Nation Institute of standards and technology ) selected the Rijndael algorithm as the new Advanced Encryption Standard (aes-- - encryption ). . NET contains the Rijndael algorithm, the class is called RijndaelManaged, and here is an example.

Encryption process:

        private string myData = "Hello";        private string mypassword = "Opensesame";        Private byte[] ciphertext;                    Private byte[] Salt = {0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x5, 0x4, 0x3, 0x2, 0x1, 0x0}; private void Mnusymmetricencryption_click (object sender, RoutedEventArgs e) {var key = new Rfc2898deriv            Ebytes (MyPassword, salt);            Encrypt the data.            var algorithm = new RijndaelManaged (); Algorithm. Key = key.            GetBytes (16); ALGORITHM.IV = key.            GetBytes (16); var sourcebytes = new System.Text.UnicodeEncoding ().            GetBytes (MyData);            using (var sourcestream = new MemoryStream (sourcebytes)) using (var destinationstream = new MemoryStream ()) using (var crypto = new CryptoStream (Sourcestream, algorithm.                CreateEncryptor (), CryptoStreamMode.Read) {movebytes (crypto, destinationstream); ciphertext = destinationstream.toArray (); } MessageBox.Show (String.Format ("Data:{0}{1}encrypted and Encoded:{2}", MyData, Environment.NewLine, Convert.To        Base64string (ciphertext));            } private void Movebytes (stream source, stream dest) {byte[] bytes = new byte[2048]; var count = source. Read (bytes, 0, bytes.            Length); while (0! = count) {dest.                Write (bytes, 0, count); Count = source. Read (bytes, 0, bytes.            Length); }        }

Decryption process:

        private void Mnusymmetricdecryption_click (object sender, RoutedEventArgs e) {if (ciphertext = =                NULL) {MessageBox.Show ("Encrypt Data first!");            Return            } var key = new Rfc2898derivebytes (mypassword, salt);            Try to decrypt, thus showing it can be round-tripped.            var algorithm = new RijndaelManaged (); Algorithm. Key = key.            GetBytes (16); ALGORITHM.IV = key.            GetBytes (16);            using (var sourcestream = new MemoryStream (ciphertext)) using (var destinationstream = new MemoryStream ()) using (var crypto = new CryptoStream (Sourcestream, algorithm.                CreateDecryptor (), CryptoStreamMode.Read) {movebytes (crypto, destinationstream);                var decryptedbytes = Destinationstream.toarray (); var decryptedmessage = new UnicodeEncoding ().                GetString (decryptedbytes); MessaGebox.show (Decryptedmessage); }        }

One of the big drawbacks of symmetric encryption is the management and allocation of keys, in other words, the question of how to send a key to someone who needs to decrypt your message. In the process of sending the key, there is a great risk that the key will be intercepted by hackers. The common practice in reality is to encrypt the symmetric encrypted key in an asymmetric manner and then pass it on to the person who needs it.

(ii) Asymmetric encryption (asymmetric cryptography)

Asymmetric encryption provides a very secure way to encrypt and decrypt data, using a pair of keys, public key, and private key. The private key can only be safely kept by one party and cannot be compromised, while the public key may be sent to any person requesting it. Asymmetric encryption uses one of these keys to encrypt, while decryption requires another key. For example, you ask the bank for the public key, the bank sends you the public key, you encrypt the message using the public key, then only the holder of the private key-the bank can decrypt your message. Unlike symmetric encryption, the bank does not need to send the private key over the network, so security is greatly improved.

The most commonly used asymmetric encryption algorithm is the RSA algorithm, which is Rivest, Shamir, and Adleman invented in 1978, and they were all at MIT. NET also has RSA algorithm, see the following example:

Encryption process:

        Private byte[] Rsaciphertext;        private void Mnuasymmetricencryption_click (object sender, RoutedEventArgs e)        {            var RSA = 1;            Encrypt the data.            var cspparms = new CspParameters (RSA);            Cspparms.flags = Cspproviderflags.usemachinekeystore;            Cspparms.keycontainername = "My Keys";            var algorithm = new RSACryptoServiceProvider (cspparms);            var sourcebytes = new UnicodeEncoding (). GetBytes (myData);            Rsaciphertext = algorithm. Encrypt (Sourcebytes, true);            MessageBox.Show (String.Format ("Data: {0}{1}encrypted and encoded: {2}",                MyData, Environment.NewLine,                Convert.tobase64string (Rsaciphertext)));        }

Decryption process:

        private void Mnuasymmetricdecryption_click (object sender, RoutedEventArgs e)        {            if (rsaciphertext==null)            {                MessageBox.Show ("Encrypt first!");                return;            }            var RSA = 1;            Decrypt the data.            var cspparms = new CspParameters (RSA);            Cspparms.flags = Cspproviderflags.usemachinekeystore;            Cspparms.keycontainername = "My Keys";            var algorithm = new RSACryptoServiceProvider (cspparms);            var unencrypted = algorithm. Decrypt (Rsaciphertext, true);            MessageBox.Show (New UnicodeEncoding (). GetString (unencrypted));        }

Although asymmetric encryption is secure, it is very slow compared to symmetric encryption, so we still use symmetric encryption to deliver the message, but the key we use for symmetric encryption can be sent out by asymmetric encryption. To explain this process, take a look at the following example:

(1) Alice needs to make a deal on the bank's website, and her browser first generates a random number as the symmetric key.

(2) Alice's browser requests the public key from the bank's website.

(3) The bank sends the public key to Alice.

(4) Alice's browser uses the bank's public key to encrypt its own symmetric key.

(5) Alice's browser sends the encrypted symmetric key to the bank.

(6) The bank uses the private key to decrypt the symmetric key from Alice's browser.

(7) Alice and the bank can use the symmetric key to encrypt and decrypt the content of the communication.

(iii) Summary

(1) Symmetric encryption and decryption using the same key, so fast, but because the need to transfer the key in the network, so security is not high.

(2) Asymmetric encryption uses a pair of keys, public and private keys, so security is high, but encryption and decryption slow.

(3) The solution is to encrypt the symmetric encryption key using the asymmetric encryption of the public key, and then send it out, the receiver uses the private key to decrypt the symmetric encryption key, and then the two sides can use symmetric encryption to communicate.

Reprint: http://www.cnblogs.com/jfzhu/p/4020928.html

Software symmetric encryption and asymmetric encryption

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.