Abstract algorithm is called the hash algorithm, which represents the input of arbitrary length of data, output fixed-length data, the same input data always get the same output, different input data as far as possible to obtain a different output.
The method in Java Object.hashCode()
is a digest algorithm, it can enter arbitrary data, its output is an int type, that is, 4 bytes of fixed-length data, while the same input will get the same output, this is the overriding Equals method must override the Hashcode method reason.
Since the length of the output is fixed and the length of the output is not fixed, it means that two different inputs may get the same output, which is the collision problem . This requires in the design of the hash algorithm, as far as possible to make the collision rate is low, and can not guess the output , such as: hash ("java1") = "123456", Hash ("java2") = "123457", then we can guess the hash (" Java3 ") =" 123458 ", that is, a secure hash algorithm is difficult to push input from the output, can only rely on violent poor lift.
Summary algorithms that are commonly used today:
algorithm |
Output Length |
MD5 |
128bit |
SHA-1 |
160bit |
SHA-256 |
256bit |
MD5
Use of MD5
- Verifying file Integrity
- Store user passwords
The system does not store the user's original password, but instead stores the MD5 of the user's original password, the system calculates the MD5 of the user's original password and compares it with the MD5 of the data store, if the same, the password is correct, and vice versa indicates the password error. When using MD5 we need to pay attention to the Rainbow table attack , Rainbow table is pre-stored common password and corresponding MD5 value, then the hacker can be based on the Rainbow table MD5 corresponding password, so in order to resist the Rainbow table attack we can not simply record the original password MD5 value, Instead, add a random salt, MD5 (Salt+password), to each password. The Java code is as follows:
// MD5的输入是字节数组 public static byte[] toMD5(byte[] input) { MessageDigest md = null; try { md = MessageDigest.getInstance("MD5"); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } md.update(input); return md.digest(); } public static void main(String[] args) throws UnsupportedEncodingException { String str = "MD5摘要算法测试"; byte[] r = toMD5(str.getBytes()); // %x表示返回的是16进制,而32表示16个字节 System.out.println(String.format("%32x", new BigInteger(1, r))); String salt = "random"; byte[] digest = toMD5((str + salt).getBytes("UTF-8")); System.out.println(String.format("%32x", new BigInteger(1, digest))); }
SHA-1
The SHA-1 algorithm is also a hashing algorithm, output 160bit, its similar algorithm has SHA-256 and SHA-512, the output length is 256bit and 512bit respectively. SHA-1 used in Java similar to MD5:
public static byte[] sha(byte[] input) { MessageDigest md = null; try { md = MessageDigest.getInstance("SHA-1"); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } md.update(input); return md.digest(); } public static void main(String[] args) throws UnsupportedEncodingException { String str = "SHA-1摘要算法测试"; byte[] r = sha(str.getBytes()); System.out.println(String.format("%040x", new BigInteger(1, r))); }
Welcome to the public number: wood can be greatly, all articles will be synchronized in the public number.
Three-minute reading digest algorithm