Preface
The previous article introduced MD5, a basic one-way encryption algorithm, and outlined how it works. This article continues with one-way encryption and covers SHA. Like MD5, SHA is a family; it includes SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512. SHA-1, SHA-224 and SHA-256 apply to messages no longer than 2^64 bits; SHA-384 and SHA-512 apply to messages no longer than 2^128 bits.
Background
Before starting, a little background. The name SHA may be unfamiliar at first, but you will certainly know hashes and hash algorithms, and that is what SHA is: a hash in the usual sense. So first, what is a hash? A hash is a condensed form of a piece of information; it is usually much shorter than the information and has a fixed length. A cryptographically strong hash must be irreversible, which means that no part of the original information can be derived from the hash result.
Body
With the background in place, we can introduce SHA.
SHA stands for "Secure Hash Algorithm". It is mainly used with the Digital Signature Algorithm (DSA) defined in the Digital Signature Standard (DSS). For messages less than 2^64 bits in length, SHA-1 produces a 160-bit message digest.
The idea of the algorithm is to take a piece of plaintext and convert it, irreversibly, into a (usually shorter) ciphertext. Put simply, it takes a string of input (called the pre-image or message) and converts it into a short output sequence with a fixed number of bits, the hash value.
As mentioned above, SHA defines several algorithms, including SHA-1, SHA-224 and SHA-256. Here I take SHA-1 as an example to explain how it works.
SHA-1 has two characteristics:
- The message cannot be recovered from its message digest
- Two different messages do not produce the same message digest
SHA-1 is a data encryption algorithm: it takes a piece of plaintext and converts it irreversibly into ciphertext; that is, it takes a string of input and converts it into a short, fixed-length output sequence, the hash value.
The security of a one-way hash function lies in the strongly one-directional process by which it generates the hash value. If a password is embedded in the input sequence, no one can produce the correct hash value without knowing the password, which guarantees its security. SHA splits the input stream into blocks of 512 bits (64 bytes) and produces 20 bytes of output, called the message authentication code or message digest.
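The keyed hash described above, as an added example that is not part of the original article. It uses HMAC-SHA1 from `javax.crypto`, the standard construction for mixing a secret into a hash (the article does not name a construction); the class name, secrets and messages are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class KeyedDigest {

    /** HMAC-SHA1 tag (20 bytes) over the message under the shared secret. */
    static byte[] tag(byte[] secret, byte[] message) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA1");
        mac.init(new SecretKeySpec(secret, "HmacSHA1"));
        return mac.doFinal(message);
    }

    /** Recomputes the tag and compares it with the received one in constant time. */
    static boolean verify(byte[] secret, byte[] message, byte[] receivedTag) throws Exception {
        return MessageDigest.isEqual(tag(secret, message), receivedTag);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample values, not taken from the article.
        byte[] secret = "constructed-shared-secret".getBytes(StandardCharsets.UTF_8);
        byte[] wrongSecret = "some-other-secret".getBytes(StandardCharsets.UTF_8);
        byte[] message = "order=42;amount=100".getBytes(StandardCharsets.UTF_8);
        byte[] tampered = "order=42;amount=900".getBytes(StandardCharsets.UTF_8);

        byte[] sent = tag(secret, message);
        System.out.println("tag length in bytes:   " + sent.length);
        System.out.println("right secret verifies: " + verify(secret, message, sent));
        System.out.println("wrong secret verifies: " + verify(wrongSecret, message, sent));
        System.out.println("tampered msg verifies: " + verify(secret, tampered, sent));
    }
}
```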
The algorithm places no limit on input message length, and its output is a 160-bit message digest. The input is processed in 512-bit blocks. SHA-1 is irreversible and collision-resistant, and it has a good avalanche effect.
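The fixed 160-bit output and the avalanche effect can be observed directly. The following is an added example, not code from the original article; the class name and sample inputs are constructed.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class Sha1Properties {

    /** SHA-1 digest of the input; always 20 bytes (160 bits). */
    static byte[] sha1(byte[] input) throws NoSuchAlgorithmException {
        return MessageDigest.getInstance("SHA-1").digest(input);
    }

    /** Number of bit positions in which two equal-length digests differ. */
    static int differingBits(byte[] a, byte[] b) {
        int count = 0;
        for (int i = 0; i < a.length; i++) {
            count += Integer.bitCount((a[i] ^ b[i]) & 0xff);
        }
        return count;
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        // Constructed inputs: empty, exactly one 512-bit block, many blocks.
        int[] sizes = {0, 64, 1_000_000};
        for (int size : sizes) {
            System.out.printf("input %,9d bytes -> digest %d bytes%n",
                    size, sha1(new byte[size]).length);
        }

        // Flip a single input bit and count how many digest bits change.
        byte[] original = "transfer 100 to account 12345".getBytes(StandardCharsets.UTF_8);
        byte[] flipped = original.clone();
        flipped[0] ^= 0x01;
        int changed = differingBits(sha1(original), sha1(flipped));
        System.out.printf("1 input bit flipped -> %d of 160 digest bits changed%n", changed);
    }
}
```

With a good avalanche effect the last line reports a count near 80, about half of the digest bits.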
Digital signatures are built on hash algorithms. The sender runs the plaintext through a hash function to obtain a message digest (different plaintexts give different digests), encrypts the digest, and sends it to the receiver together with the plaintext. The receiver computes a new digest from the received plaintext and compares it with the decrypted digest from the sender. If the two match, the plaintext has not been altered; if they differ, the plaintext has been tampered with.
Comparison of SHA-1 and MD5
Because both are derived from MD4, SHA-1 and MD5 are very similar. Their strength and other characteristics are correspondingly similar, but there are several differences:
- Security against brute-force attacks
The most significant difference is that the SHA-1 digest is 32 bits longer than the MD5 digest. Using brute force, producing any message whose digest equals a given digest takes on the order of 2^128 operations for MD5 and on the order of 2^160 operations for SHA-1. SHA-1 is therefore stronger against brute-force attacks.
- Security against cryptanalysis
MD5's design leaves it vulnerable to cryptanalytic attacks; SHA-1 appears less vulnerable to such attacks.
- Speed
On the same hardware, SHA-1 runs slower than MD5.
Code implementation
```java
package com.sica.sha;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

/**
 * Created by Xiang.li on 2015/2/11.
 */
public class SHA {
    /**
     * Algorithm names; in the JDK, "SHA" is an alias for "SHA-1"
     */
    private final static String KEY_SHA = "SHA";
    private final static String KEY_SHA1 = "SHA-1";

    /**
     * Hexadecimal digits
     */
    private final static String[] hexDigits = {"0", "1", "2", "3", "4", "5", "6", "7",
            "8", "9", "a", "b", "c", "d", "e", "f"};

    /**
     * Constructor
     */
    public SHA() {
    }

    /**
     * SHA encryption
     * @param data byte array to digest
     * @return digest as a byte array (20 bytes)
     * @throws Exception
     */
    public static byte[] encryptSHA(byte[] data) throws Exception {
        // Create a message digest with the specified algorithm name
        // MessageDigest sha = MessageDigest.getInstance(KEY_SHA);
        MessageDigest sha = MessageDigest.getInstance(KEY_SHA1);
        // Update the digest with the given byte array
        sha.update(data);
        // Complete the digest computation and return it
        return sha.digest();
    }

    /**
     * SHA encryption
     * @param data string to digest
     * @return digest as a hexadecimal string
     * @throws Exception
     */
    public static String encryptSHA(String data) throws Exception {
        // Validate the passed-in string
        if (data == null || data.isEmpty()) {
            return "";
        }
        // Create a message digest with the specified algorithm name
        MessageDigest sha = MessageDigest.getInstance(KEY_SHA);
        // Update the digest with the string's bytes; the charset is fixed
        // so the result does not depend on the platform default
        sha.update(data.getBytes(StandardCharsets.UTF_8));
        // Complete the digest computation
        byte[] bytes = sha.digest();
        // Convert the resulting byte array to a string and return it
        return byteArrayToHexString(bytes);
    }

    /**
     * Converts one byte into a two-character hexadecimal string
     * @param b byte
     * @return hexadecimal string
     */
    private static String byteToHexString(byte b) {
        int ret = b;
        // Java bytes are signed; map -128..-1 to 128..255
        if (ret < 0) {
            ret += 256;
        }
        int m = ret / 16;
        int n = ret % 16;
        return hexDigits[m] + hexDigits[n];
    }

    /**
     * Converts a byte array to a hexadecimal string
     * @param bytes byte array
     * @return hexadecimal string
     */
    private static String byteArrayToHexString(byte[] bytes) {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < bytes.length; i++) {
            sb.append(byteToHexString(bytes[i]));
        }
        return sb.toString();
    }

    /**
     * Test method
     * @param args
     */
    public static void main(String[] args) throws Exception {
        String key = "123";
        System.out.println(encryptSHA(key));
    }
}
```
Conclusion
By this point the basic principle of SHA-1 should be clear, and applying it is not difficult; you can refer to the Java code above. Thinking back to MD5 from the previous article, SHA-1 and MD5 are in fact much alike and differ only in how they are implemented. SHA-1 performs more complex operations than MD5, so from a security standpoint SHA-1 is relatively more reliable.
As for when to use it, consider the characteristics of SHA-1: it is irreversible and unique. I think the uses of MD5 also apply to SHA-1. In terms of security, SHA-1 is stronger than MD5; if speed requirements are strict, consider MD5 first.
The Java encryption and decryption technology series SHA