1) MD5/SHA
A message digest (MessageDigest) is a digital fingerprint of data: data of arbitrary length is run through a computation that yields a unique fingerprint value.
Features of a message digest:
A) It is difficult for two different pieces of data to produce the same fingerprint value.
B) It is difficult to work backwards from a given fingerprint value to the original data.
Representative algorithms: MD5/SHA
2) DES
In a single-key algorithm, the sender of the information encrypts the data with key A, and the receiver of the information decrypts the data with the same key A.
The single-key algorithm is a symmetric algorithm.
Disadvantage: because the same key is used for encryption and decryption, keeping the key secure is a problem when there are multiple users.
Representative algorithm: DES
3) RSA
RSA is an asymmetric encryption and decryption algorithm.
RSA is named after the initials of its authors, Ron Rivest, Adi Shamir, and Leonard Adleman, who first published the algorithm.
Both RSA and DSA are asymmetric algorithms. The security of RSA is based on the difficulty of factoring a very large integer (the product of two primes); the security of DSA is based on the discrete logarithm problem over an integer finite field. Broadly, RSA and DSA with the same key length can be considered equally secure.
The public key is used for encryption and is made public to everyone; the private key is used for decryption, and only the recipient of the ciphertext holds it.
The following OpenSSL commands work with RSA:
Generate a key (private key)
# openssl genrsa -out private.key 1024
Note: this file contains both the public key and the private key, which means that the file can be used for encryption or decryption; the trailing 1024 is the length of the generated key in bits.
Extract the public key from the key file private.key
# openssl rsa -in private.key -pubout -out pub.key
Encrypt information with the public key
# echo -n "123456" | openssl rsautl -encrypt -inkey pub.key -pubin > encode.result
Decrypt information with the private key
# cat encode.result | openssl rsautl -decrypt -inkey private.key
123456
4) DSA (Digital Signature algorithm)
DSA is typically used for digital signatures and authentication.
DSA is a variant of the Schnorr and ElGamal signature algorithms, and is used by NIST as the DSS (Digital Signature Standard).
DSA is based on the discrete logarithm problem over an integer finite field, and its security is similar to that of RSA.
In DSA digital signature and authentication, the sender uses his or her private key to sign a file or message, and the recipient, on receiving the message, uses the sender's public key to verify the authenticity of the signature. DSA differs from RSA in that it cannot be used for encryption and decryption or for key exchange; it is used for signing only, where it is much faster than RSA.
Generate a key (private key)
# openssl dsaparam -out dsaparam.pem 1024
# openssl gendsa -out privkey.pem dsaparam.pem
Generate the public key
# openssl dsa -in privkey.pem -out pubkey.pem -pubout
# rm -fr dsaparam.pem
Sign with the private key
# echo -n "123456" | openssl dgst -dss1 -sign privkey.pem > sign.result
Verify with the public key
# echo -n "123456" | openssl dgst -dss1 -verify pubkey.pem -signature sign.result
5) Other options: ECC
RSA and DSA each have advantages and disadvantages; is there a better choice? The answer is yes: ECC (Elliptic Curve Cryptography), the elliptic curve algorithm.
ECC has the following advantages over RSA:
(1) For the same key length, security can be higher; for example, 160-bit ECC has the same security strength as 1024-bit RSA or DSA.
(2) Low computational cost and fast processing: for private-key operations (decryption and signing), ECC is far faster than RSA and DSA.
(3) Small storage footprint: the key size and system parameters of ECC are much smaller than those of RSA and DSA, so they occupy much less storage space.
(4) Its low bandwidth requirement gives ECC wide application prospects.
These properties make it possible for ECC to replace RSA.