The SHA secure hashing algorithm for Android data encryption

Objective:

For the SHA Secure Hash algorithm, not used before, just stay in the heard of the stage, today in the picture cache frame Glide source found that its cache key is not MD5 encryption algorithm, but SHA-256 encryption algorithm, this just hook up my curiosity, so while the night nothing, To learn a bit.

Several other encryption methods:

• RSA encryption of Android data encryption

• AES encryption of Android data encryption

• Des encryption of Android Data encryption

• MD5 encryption of Android data encryption

• BASE64 encoding algorithm of Android data encryption

SHA Encryption algorithm

SHA (Secure Hash algorithm, secure Hash Algorithm), digital signature and other cryptographic applications of important tools, is widely used in e-commerce and other information security fields. and MD5 encryption algorithm, is also an irreversible encryption algorithm, but can also be broken through the poor lifting method, but Sha's deciphering difficulty and cost is higher than MD5, relative to MD5 more secure, now has become recognized as one of the most secure hashing algorithm, and is widely used. Mainly includes sha-1,sha-224,sha-256,sha-384, and SHA-512 these one-way hashing algorithm. sha-1,sha-224 and SHA-256 are suitable for messages that do not exceed 2^64 bits in length. SHA-384 and SHA-512 are suitable for messages that do not exceed 2^128 bits in length. The official commentary is as follows:

• It is difficult to calculate the original input message from the message digest.

• Trying to find two different sets of messages corresponding to the same message digest is also difficult to calculate theoretically. Any change to the input message has a high probability that it will produce a different message digest.

SHA encryption principle SHA-1 is a data encryption algorithm, the idea of the algorithm is to receive a piece of plaintext, and then in an irreversible way to convert it to a paragraph (usually smaller) ciphertext, can also be easily understood as a string of input code (called Pre-mapping or information), and convert them to a shorter length,     A fixed number of bits of output sequence is the process of hashing values (also known as information digests or information authentication codes). The security of one-way hash function is that its operation process of generating hash value has a strong unidirectional nature. If the password is embedded in the input sequence, then no one can produce the correct hash value without knowing the password, thus guaranteeing its security.    Sha blocks the input stream by 512 bits per block (64 bytes) and produces 20 bytes of output called the Information authentication Code or information digest. The input message length of the algorithm is unlimited, the output is a 160-bit message digest. The input is processed in 512-bit groupings. SHA-1 is irreversible, conflict-proof and has a good avalanche effect. The digital signature is realized by hashing algorithm, the principle of the digital signature is to transfer the plaintext through a function operation (Hash) to the report digest (different clear text corresponding to different message digest), the digest to be encrypted and sent to the receiver with the clear text,    The receiving party will accept the clear text generated by the new digest to be decrypted with the sender of the digest to decrypt the comparison, the comparison results uniformly indicate that the plaintext has not been altered, if inconsistent, indicating that the plaintext has been tampered with. Mac (information authentication code) is a hash result, some of the input information is a password, only the participants who know the password can again calculate and verify the legitimacy of MAC code. SHA Encryption Advantages

Since SHA is also MD4 evolved, its advantages are roughly the same as that of MD5.

• Compressibility: Data of any length, the length of SHA value calculated is fixed.

• Easy to calculate: It is easy to calculate the SHA value from the original data.

• Anti-modification: Any changes to the original data, even if only 1 bytes are modified, the resulting SHA value is very different.

• Strong anti-collision: known raw data and its SHA value, it is very difficult to find a data with the same SHA value (that is, forged data).

SHA Application Scenario

• Conformance verification

• Digital signatures

• Secure access authentication

Simple implementation of SHA encryption

The code here shows an example of SHA-256.

 public static String sha(String string) { if (TextUtils.isEmpty(string)) { return "";
        }
        MessageDigest md5 = null; try {
            md5 = MessageDigest.getInstance("sha-256"); byte[] bytes = md5.digest((string ).getBytes());
            String result = ""; for (byte b : bytes) {
                String temp = Integer.toHexString(b & 0xff); if (temp.length() == 1) {
                    temp = "0" + temp;
                }
                result += temp;
            } return result;
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } return "";
    }

Discussion on safety of SHA

• SHA-1 is widely used in many security protocols, including TLS and SSL, PGP, SSH, S/MIME, and IPSec, which were once considered successors to the MD5 (previously widely used hash function). In 2005, the cryptology proved that SHA-1 's crack speed was 2000 times times higher than expected, although the crack is still extremely difficult and expensive, but as computers become faster and cheaper, the security of the SHA-1 algorithm has been reduced year in, has been seriously questioned by Cryptology, Want to replace it with a higher security SHA-2.

• SHA-224, SHA-256, SHA-384, and SHA-512 are called SHA-2.

• The new hash function does not accept the public password community like SHA-1 to do detailed testing, so their password security is not widely trusted by everyone.

• Although there has not yet been an effective attack on SHA-2, its algorithms are basically still similar to SHA-1, so some people are starting to develop alternative hashing algorithms.

The Deeds of MNC:

Google's official blog has announced that it will gradually reduce the security instructions for the SHA-1 certificate in the Chrome browser. But the interesting thing is that Google.com is currently using a SHA-1 signed certificate, but the certificate will expire within 3 months, and Google will use the SHA-2 signed certificate from 2015 onwards. The SHA-1 algorithm has not yet found serious weaknesses, but the cost of forging certificates is getting lower.

The SHA secure hashing algorithm for Android data encryption