Cryptographic algorithms and Hashlib modules

Encryption Algorithm Introduction Hash

• Hash, the general translation to do "hash", there is a direct transliteration of "hash" , is the arbitrary length of the input (also known as pre-mapping, pre-image), through the hash algorithm, transformed into a fixed-length output, the output is the hash value. This conversion is a compression map, that is, the space of the hash value is usually much smaller than the input space, the different inputs may be hashed to the same output, but not from the hash value to uniquely determine the input value.
• Simply, a function that compresses messages of any length to a message digest of a fixed length.
• Hash is mainly used in the field of information security encryption algorithm, he has a number of different lengths of information into a cluttered 128-bit encoding, called the hash value. It can also be said that the hash is to find a data content and data storage address mapping between

MD5 What is the MD5 algorithm?

• MD5 Message digest Algorithm (English: MD5 message-digest algorithm), a widely used cryptographic hash function, can produce a 128-bit hash value (hash value), Used to ensure complete consistency of information transmission. MD5 's predecessor was MD2, MD3 and MD4.

MD5 function

• Input any length of information, processed, output is 128 bits of information (digital fingerprint);
• Different inputs get different results (uniqueness);

Features of the MD5 algorithm

• Compressibility: Any length of data, the length of the calculated MD5 value is fixed
• Easy to calculate: It is easy to calculate the MD5 value from the original data
• Anti-modification: Make any changes to the original data, change the MD5 value generated by one byte will be very different.
• Strong anti-collision: Known raw data and MD5, it is very difficult to find a data with the same MD5 value (that is, falsification of data).

is the MD5 algorithm reversible?

• The reason why MD5 is not reversible is that it is a hash function, which uses the hash algorithm, and the part of the original information is lost during the calculation.

MD5 use

• Prevent tampering:

  • For example, send an electronic document, before sending, I get MD5 output result a. After receiving the electronic document, the other party also gets a MD5 output B. If A and B are the same, the middle is not tampered with.
  • For example, I provide file download, in order to prevent the illegal elements in the installation program to add Trojan, I can publish on the website by the installation files obtained by the MD5 output results.
  • SVN detects whether the file has been modified after checkout, and also uses MD5.

• Prevent direct text from being seen:

  • Many websites now store user passwords in the database as MD5 values for the user's password. This way even if the criminals get the MD5 value of the user password of the database, they cannot know the user's password. (for example, a user's password in a UNIX system is encrypted with MD5 (or other similar algorithms) and stored in the file system. When the user logs in, the system calculates the password entered by the user as a MD5 value, and then compares the MD5 value stored in the file system to determine if the password entered is correct. Through such steps, the system can determine the legality of the user login system without knowing the user's password. This will not only prevent users ' passwords from being known to users with system administrator privileges, but also increase the difficulty of password cracking to a certain extent. ）

• Prevent repudiation (digital signature):

  • This requires a third-party certification body. For example a wrote a file, the certification authority for this file using the MD5 algorithm to generate summary information and make a good record. If later a says that the document was not written by him, the authority simply re-generates the summary information for the document, and then compared it with the summary information in the record, the same, it proves that A is written. This is called a "digital signature".

SHA-1

• Secure Hash algorithm is primarily applicable to digital signature algorithms (digitally Signature standard DSS) defined in digital Signature Algorithm DSA). For messages that are less than 2^64 bits in length, SHA1 produces a 160-bit message digest. When a message is received, this message digest can be used to verify the integrity of the data.
• Sha is a series of cryptographic hashing functions, designed by the National Security Agency, issued by the National Institute of Standards and Technology of the United States.
• As MD5 and SHA-1 in 2005 by the Shandong University Professor Xiao cracked, the scientists launched the SHA224, SHA256, SHA384, SHA512, of course, the longer the number of bits, the more difficult to crack, but also generate encrypted message digest takes longer. The most popular is the encryption algorithm is SHA-256.

Comparison of MD5 and SHA-1

• Since both MD5 and SHA-1 are developed from MD4, their structure and strength have many similarities, and the biggest difference between SHA-1 and MD5 is that the digest is 32 bits longer than the MD5 digest. For a brute force attack, any message that produces a digest equals the difficulty of a given digest: MD5 is a 2128 order of magnitude operation, and SHA-1 is a 2160 order of magnitude. The difficulty of generating two messages with the same digest: MD5 is 264 is an order of magnitude, and SHA-1 is 280 orders of magnitude operation. As a result, SHA-1 has a greater intensity of brute force attacks. However, because the SHA-1 cycle step is more than MD5 80:64 and the cache to be processed is 160 bits larger: 128 bits, SHA-1 runs slower than MD5.

Hashlib Module

• Hashlib is used to replace the MD5 and SHA modules after python3.x , and to make their APIs consistent.
• It is supported by OpenSSL and supports the following algorithms: MD5,SHA1, sha224, sha256, sha384, sha512

import hashlibm = hashlib.md5()m.update(b"Hello")m.update(b"It‘s me")print(m.digest())m.update(b"It‘s been a long time since last time we ...")print(m.digest()) #2进制格式hashprint(len(m.hexdigest())) #16进制格式hashimport hashlib# ######## md5 ########hash = hashlib.md5()hash.update(‘admin‘)print(hash.hexdigest())# ######## sha1 ########hash = hashlib.sha1()hash.update(‘admin‘)print(hash.hexdigest())# ######## sha256 ########hash = hashlib.sha256()hash.update(‘admin‘)print(hash.hexdigest())# ######## sha384 ########hash = hashlib.sha384()hash.update(‘admin‘)print(hash.hexdigest())# ######## sha512 ########hash = hashlib.sha512()hash.update(‘admin‘)print(hash.hexdigest())

Cryptographic algorithms and Hashlib modules