I. Simple explanation
1. Notes
In application development, data security is critical. Submitting the user's private data with a POST request alone does not completely solve the security problem.
For example, software such as Charles can be set up as a proxy server to intercept and inspect the request data sent by the phone.
"Blue and white porcelain" software
Therefore, when submitting the user's private data, never submit it in plaintext; encrypt it before submitting.
2. Common encryption algorithms
MD5 \ SHA \ DES \ 3DES \ RC2 and RC4 \ RSA \ IDEA \ DSA \ AES
3. The choice of encryption algorithm
Companies generally have their own encryption scheme; encrypt according to the company's interface documentation.
II. MD5
1. Simple description
MD5: the full name is Message Digest Algorithm 5, translated as "message digest algorithm, version 5"
Effect: generates a unique 128-bit hash value (32 characters) for the input information
2. Characteristics of MD5
(1) Two different plaintext inputs will not produce the same output value
(2) The original plaintext cannot be obtained from the output value; that is, the process is not reversible
3. Applications of MD5
Because the MD5 algorithm offers good security and is free, it is widely used
It is mainly used for digital signatures, file integrity verification, password encryption, and so on.
4. Cracking MD5
MD5 Decryption Website: http://www.cmd5.com
5. Improving MD5
MD5 is no longer absolutely secure. For this reason, MD5 can be slightly improved to make decryption more difficult
Salt: insert a random string at a fixed position in the plaintext, then apply MD5
Encrypt first, then scramble: apply MD5 to the plaintext first, then scramble the order of the characters in the resulting MD5 string
In short, the purpose is that even if hackers breach the database, they cannot recover the correct plaintext
code example:
#import "HMViewController.h"
#import "NSString+Hash.h"

// Fixed salt appended to the plaintext before hashing
#define Salt @"fsdhjkfhjksdhjkfjhkd546783765"

@interface HMViewController ()
@end

@implementation HMViewController

- (void)viewDidLoad
{
    [super viewDidLoad];
    [self digest:@"123"];
    [self digest:@"abc"];
    [self digest:@"456"];
}

/**
 * Directly with MD5 encryption
 */
- (NSString *)digest:(NSString *)str
{
    NSString *anwen = [str md5String];
    NSLog(@"%@ - %@", str, anwen);
    return anwen;
}

/**
 * Add salt
 */
- (NSString *)digest2:(NSString *)str
{
    str = [str stringByAppendingString:Salt];
    NSString *anwen = [str md5String];
    NSLog(@"%@ - %@", str, anwen);
    return anwen;
}

/**
 * Multiple MD5
 */
- (NSString *)digest3:(NSString *)str
{
    NSString *anwen = [str md5String];
    anwen = [anwen md5String];
    NSLog(@"%@ - %@", str, anwen);
    return anwen;
}

/**
 * Encrypt first, then scramble the order
 */
- (NSString *)digest4:(NSString *)str
{
    NSString *anwen = [str md5String];
    // Registration: 123 ---- 2cb962ac59075b964b07152d234b7020
    // Login: 123 --- 202cb962ac59075b964b07152d234b70
    // Move the first two characters of the digest to the end
    NSString *header = [anwen substringToIndex:2];
    NSString *footer = [anwen substringFromIndex:2];
    anwen = [footer stringByAppendingString:header];
    NSLog(@"%@ - %@", str, anwen);
    return anwen;
}

@end
(1) Direct MD5 encryption (can be cracked on an MD5 decryption site)
(2) Adding salt (after decryption through the MD5 site, the pattern is easy to spot)
(3) Multiple MD5 encryption (after MD5 decryption the result is still ciphertext, which is then MD5-decrypted again)
(4) Encrypt first, then scramble the order (cracking difficulty increases)
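Because Salt in the code above is a compile-time constant, two users with the same password still get the same digest, and a single recovered salted plaintext reveals the salt for every record. The following is an added example, not code from the original page: it swaps in a per-user random salt and PBKDF2-HMAC-SHA256 from CommonCrypto in place of the fixed salt and single MD5. The HM-prefixed helper names, the salt length and the round count are assumptions chosen for illustration.

```objc
#import <Foundation/Foundation.h>
#import <CommonCrypto/CommonCryptor.h>
#import <CommonCrypto/CommonKeyDerivation.h>
#import <Security/Security.h>

// Assumed parameters for this example; tune the round count for your hardware.
static const NSUInteger kSaltLength = 16;   // bytes of random salt per user
static const NSUInteger kHashLength = 32;   // bytes of derived output
static const unsigned kRounds = 100000;     // PBKDF2 iterations

// Returns a fresh random salt, or nil if the system RNG fails.
static NSData *HMNewSalt(void) {
    NSMutableData *salt = [NSMutableData dataWithLength:kSaltLength];
    int rc = SecRandomCopyBytes(kSecRandomDefault, salt.length, salt.mutableBytes);
    return rc == errSecSuccess ? salt : nil;
}

// Derives the value to store for `password` under `salt`; nil on failure.
static NSData *HMDerive(NSString *password, NSData *salt) {
    NSData *pw = [password dataUsingEncoding:NSUTF8StringEncoding];
    NSMutableData *out = [NSMutableData dataWithLength:kHashLength];
    int rc = CCKeyDerivationPBKDF(kCCPBKDF2, pw.bytes, pw.length,
                                  salt.bytes, salt.length,
                                  kCCPRFHmacAlgSHA256, kRounds,
                                  out.mutableBytes, out.length);
    return rc == kCCSuccess ? out : nil;
}

// Constant-time comparison; nil (a failed derivation) never matches.
static BOOL HMEqual(NSData *a, NSData *b) {
    if (!a || !b || a.length != b.length) return NO;
    const uint8_t *x = a.bytes, *y = b.bytes;
    uint8_t diff = 0;
    for (NSUInteger i = 0; i < a.length; i++) diff |= x[i] ^ y[i];
    return diff == 0;
}

int main(void) {
    @autoreleasepool {
        // Constructed sample: two users who both chose the password "123".
        NSData *saltA = HMNewSalt(), *saltB = HMNewSalt();
        NSData *recA = HMDerive(@"123", saltA), *recB = HMDerive(@"123", saltB);
        NSLog(@"same password, different records: %d", !HMEqual(recA, recB));
        // Login check: re-derive with the salt stored for that user and compare.
        NSLog(@"correct password verifies: %d", HMEqual(HMDerive(@"123", saltA), recA));
        NSLog(@"wrong password rejected: %d", !HMEqual(HMDerive(@"456", saltA), recA));
    }
    return 0;
}
```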
III. Data processing flow for registration and validation
1. Security process for submitting privacy data – Registration
2. Security process for submitting privacy data – Login