Summary: Cryptography is a technical science that studies the compilation of passwords (encryption: encode) and deciphering passwords (decryption: decode. The objective law of password change is studied. it is used to compile passwords to keep communication secrets. it is called encoding. it is used to decrypt passwords to obtain communication intelligence. it is called deciphering. it is called cryptography. In general, people will understand the summary: cryptography is the technical science that studies the compilation of passwords (encryption: encode) and deciphering passwords (we call it decryption: decode. The objective law of password change is studied. it is used to compile passwords to keep communication secrets. it is called encoding. it is used to decrypt passwords to obtain communication intelligence. it is called deciphering. it is called cryptography. Generally, people refer to plain text as plain text, and the incomprehensible text converted into plain text as ciphertext. The process of converting plaintext into a ciphertext is called encryption. the inverse process is that the process of converting ciphertext into a plaintext is called decryption.
What data encryption functions does PHP provide?
PHP provides the crypt () function to complete encryption:
This function is called one-way encryption. that is to say, it can encrypt some plain codes, but cannot convert the passwords to the original plain codes. Once a one-way encryption password falls into the hands of a third party, it is useless because it cannot be restored to plain text. When verifying the password entered by the user, the user's input is also a one-way algorithm. if the input matches the stored encrypted password, the entered password must be correct.
The input_string parameter of this function is the string to be encrypted. The second parameter salt is a single-digit string, which can affect the encrypted password and further eliminate the possibility of a pre-computing attack. By default, PHP uses a two-character DES interference string. if your system uses MD5, it uses a 12-character interference string. We can execute the following command to find the length of the interference string to be used by the system:
Print "the length of the interference string used by the system is:". CRYPT_SALT_LENGTH;
Crypt () supports the following algorithms and the length of the corresponding salt parameter:
[Note: The following table is used]
Algorithm Salt length
CRYPT_STD_DES 2-character (default)
CRYPT_EXT_DES 9-character
CRYPT_MD5 12-character beginning with $1 $
CRYPT_BLOWFISH 16-character beginning with $2 $
How to apply the data encryption function of PHP to user authentication?
We use crypt () for user authentication. For example, we use a PHP program to restrict access to a directory, allowing only registered users to access this directory. We store data in a table (named members) in the MySQL database:
Mysql> create table members (
-> Username CHAR (14) not null,
-> Password CHAR (32) not null,
-> Primary key (username)
-> );
Then, we can enter user data to the table:
Username and password
Tom keloD1C377lKE
John ba1T7vnz9AWgk
Bill paLUvRWsRLZ4U
The encrypted passwords correspond to Tom, John, and Bill. We will create an interference string based on the first two letters of the password:
$ EnteredPassword.
$ Salt = substr ($ enteredPassword, 0, 2 );
$ UserPswd = crypt ($ enteredPassword, $ salt );
// $ UserPswd is stored in MySQL together with the user name
Application of password-response verification system for crypt () and Apache
<? Php
$ Host = "localhost"; // host
$ Username = "Tom"; // User name
$ Passwd = "Hello world"; // password
$ Db = "users"; // database name
// Set whether the verification flag is passed. the default value is No.
$ Authorization = 0;
// Prompt the user to enter the account and password
If (isset ($ PHP_AUTH_USER) & isset ($ PHP_AUTH_PW )){
Mysql_pconnect ($ host, $ username, $ passwd) or die ("cannot connect to the MySQL server! ");
Mysql_select_db ($ db) or die ("You cannot select a database! ");
// Encrypt
$ Salt = substr ($ PHP_AUTH_PW, 0, 2 );
$ Encrypted_pswd = crypt ($ PHP_AUTH_PW, $ salt );
// SQL query statement
$ Query = "SELECT username FROM members WHERE username = \ '$ PHP_AUTH_USER \' AND password = \ '$ encrypted_pswd \'";
The crypt () used by default is not the safest, so if you need higher security performance, you need other better algorithms, such as md5 (), this function uses the MD5 hash algorithm.
How does one encrypt data using MD5?
The MD5 encryption function in PHP has md5 (), and its function is mixed encoding.
A mixed-length function can convert a variable-length information into an output with a fixed length of mixed-length, also known as "information digest", which is very useful, because a fixed-length string can be used to check the integrity of the file and verify the digital signature and user identity. PHP's built-in md5 () mixed encoding function converts a variable-length information to a 128-bit (32 characters) Digest. An interesting feature of mixed encoding is that the original plaintext cannot be obtained by analyzing the information after the mixed encoding, because the result after the mixed encoding is not dependent on the original plaintext content. Even if you change only one character in a string, the MD5 mixed encoding algorithm calculates two completely different results. First, let's look at the content in the table below and the corresponding results:
Use md5 () to mix strings
<Php
$ Input = "Hello, PHP world! ";
$ Output = md5 ($ input );
Print "output: $ output ";
?>
Result:
Output: 7996b5e0804042fd531907a4900f0000e
Note that the result length is 32 characters. Let's change the value of $ input slightly:
Use md5 () to mix a slightly changed string
<? Php
$ Input = "Hello, PHP World! ";
$ Output = md5 ($ input );
Print "output: $ output ";
?>
Result:
Hash2: f0456d48ed06a5c35b1eda-61fa7a016
It can be found that although the length of the two results is 32 characters, a slight change in the text makes a great change in the results, we can use this feature to check small changes in data.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.