Hashing and encryption (i)

Disclaimer: This article derives from the basic principles, differences and the learning and finishing of the application of hashing (hash) and encryption (Encrypt).

1. The difference between hashing and encryption

(1) Hash: Converts the target text to a hash string (or message digest) that has the same length and is not reversible ;

(2) Encryption: The target text is converted to a different length, reversible ciphertext.

In fact, using the same hash algorithm, no matter how long the target text is, the result length is fixed; the encryption algorithm is often proportional to the length of the target text.

2. Mathematical basis for hashing and encryption

(1) Hashing algorithm: R=h (s) is a multiple-to-one mapping , and multiple different S can be obtained by hashing algorithm H with the same R. So there is no inverse mapping, so that an R can get the unique s.

A well-designed hash algorithm is difficult to find the target text collision from the hash result, and the good hashing algorithm is very sensitive to the change of the target text.

What is a collision? For the hash algorithm H, if the S1 is not equal to S2, but H (S1) equals H (S2), then S1 and S2 collide with each other.

(2) The encryption algorithm: R=e (S,ke) is a one-way map , a S combined with the encryption key Ke, only to get the unique cipher R. Conversely, an R-combined decryption key KD can only get the unique S.

A well-designed cryptographic algorithm should be a "one-way trap function", the characteristic of a one-way trap function: even knowing that the function itself is difficult to derive its corresponding independent variable from the value of the function. But once the trap is known, the arguments are easily calculated.

Simply put, a good encryption algorithm should be difficult to obtain clear text from the ciphertext, but if the key is known, it is easy to obtain plaintext by ciphertext.

In the cryptographic algorithm anti-attack this block, it is often assumed that the attacker knows the encryption algorithm and ciphertext, so we should protect the plaintext and the key.

3. Application of hashing and encryption in software

(1) Hashing and encryption the most common application in software development is data protection.

To achieve data protection, choose the basic principle of hashing or encryption:

If the protected data is used only for comparative verification , it is not necessary to revert to plaintext and use the hash;

If the protected data needs to be restored to plaintext , use encryption;

If you forget the password, the Web site lets you enter a new password, you should use a hash;

If you forget the password, the site sent you the original password, it should be encrypted;

(2) Data protection with a simple one-time hash:

For example, mapping a hash algorithm to a password that is registered in, the resulting hash string In the database, the hash algorithm for each login password is mapped, and the resulting hash string is compared with the registered password hash string in the database, and the login succeeds.

The most common hashing algorithms are MD5 and SHA1.

Hashing and encryption (i)