JAVA generated MD5 Summary and SHA1 summary and MD5 's Rainbow table hack

MD5 and SHA1 These two digest algorithms, the use is very common, almost every project we will use these two algorithms to deceive themselves and deceive users, see Ah, we save the user password is encrypted. Yes, the deposit is not clear text, is a cipher. But is MD5 really safe?

On dry Goods

Java generates the code for the MD5 digest:

MessageDigest md5 =MessageDigest.getInstance("MD5");
        String messageStr="123456";
        md5.update(messageStr.getBytes());
        byte[] summery= md5.digest();
        StringBuffer md5StrBuff = new StringBuffer();
        for (int i = 0; i < summery.length; i++) {  
                if (Integer.toHexString(0xFF & summery[i]).length() == 1){  
                    md5StrBuff.append("0").append(  
                            Integer.toHexString(0xFF & summery[i]));  
                }else{  
                    md5StrBuff.append(Integer.toHexString(0xFF & summery[i]));  
                }  
            } 
        
        System.out.println(md5StrBuff.toString());

Output Result:

e10adc3949ba59abbe56e057f20f883e

But is MD5 really safe?

Here we can grow old talk about, MD5 is a one-way function, can not reverse the solution, MD5 is anti-collision. There are no two different texts to generate the same abstract, but you can use a rainbow table to look up, through the poor name and generate the corresponding digest in the form of key-value pairs into the database we got a rainbow table, and then we just need to take the cipher to the database.

Results 650) this.width=650; "Src=" Http://s5.51cto.com/wyfs02/M01/84/74/wKiom1eQxMmTscofAABDUGWUnls878.png-wh_500x0-wm _3-wmp_4-s_226715762.png "title=" Qq20160721204313.png "alt=" Wkiom1eqxmmtscofaabdugwunls878.png-wh_50 "/>

Let's take a look at Sha 1

Java generates the code for the SHA1 digest:

MessageDigest md5 =MessageDigest.getInstance("SHA");
        String messageStr="123456";
        md5.update(messageStr.getBytes());
        byte[] summery= md5.digest();
        StringBuffer md5StrBuff = new StringBuffer();
        for (int i = 0; i < summery.length; i++) {  
                if (Integer.toHexString(0xFF & summery[i]).length() == 1){  
                    md5StrBuff.append("0").append(  
                            Integer.toHexString(0xFF & summery[i]));  
                }else{  
                    md5StrBuff.append(Integer.toHexString(0xFF & summery[i]));  
                }  
            } 
        
        System.out.println(md5StrBuff.toString());

Is it really safe to SHA1 the same question?

650) this.width=650; "Src=" Http://s5.51cto.com/wyfs02/M01/84/74/wKiom1eQxW-B69FwAAAk2nCLvKE585.png-wh_500x0-wm_3 -wmp_4-s_2088791883.png "title=" 123.png "alt=" Wkiom1eqxw-b69fwaaak2nclvke585.png-wh_50 "/>

SHA1 and MD5 are now widely recognized by users of the Security digest algorithm, often used to encrypt user passwords such sensitive information, as a conscientious programmer I think this matter must be understood. MD5 and SHA1 in front of the rainbow surface fragile vulnerable.

Add:

1. Here is a small detail, MD5 and SHA1 Digest algorithm generated is a byte array, each bit is a hexadecimal number, want to output can not be directly tostring because you can not map a 16 binary number to the UTF-8 or GBK character set, So if you want to output as a character, you need to convert it to a 16 binary string before outputting it.

This article is from "Your father's shawl Hair" blog, please be sure to keep this source http://nimalegebi.blog.51cto.com/5614287/1828590

JAVA generated MD5 Summary and SHA1 summary and MD5 's Rainbow table hack