Three-minute reading digest algorithm

Source: Internet
Author: User

Abstract algorithm is called the hash algorithm, which represents the input of arbitrary length of data, output fixed-length data, the same input data always get the same output, different input data as far as possible to obtain a different output.

The method in Java Object.hashCode() is a digest algorithm, it can enter arbitrary data, its output is an int type, that is, 4 bytes of fixed-length data, while the same input will get the same output, this is the overriding Equals method must override the Hashcode method reason.

Since the length of the output is fixed and the length of the output is not fixed, it means that two different inputs may get the same output, which is the collision problem . This requires in the design of the hash algorithm, as far as possible to make the collision rate is low, and can not guess the output , such as: hash ("java1") = "123456", Hash ("java2") = "123457", then we can guess the hash (" Java3 ") =" 123458 ", that is, a secure hash algorithm is difficult to push input from the output, can only rely on violent poor lift.

Summary algorithms that are commonly used today:

algorithm Output Length
MD5 128bit
SHA-1 160bit
SHA-256 256bit
MD5

Use of MD5

    • Verifying file Integrity
    • Store user passwords

The system does not store the user's original password, but instead stores the MD5 of the user's original password, the system calculates the MD5 of the user's original password and compares it with the MD5 of the data store, if the same, the password is correct, and vice versa indicates the password error. When using MD5 we need to pay attention to the Rainbow table attack , Rainbow table is pre-stored common password and corresponding MD5 value, then the hacker can be based on the Rainbow table MD5 corresponding password, so in order to resist the Rainbow table attack we can not simply record the original password MD5 value, Instead, add a random salt, MD5 (Salt+password), to each password. The Java code is as follows:

// MD5的输入是字节数组  public static byte[] toMD5(byte[] input) {        MessageDigest md = null;        try {            md = MessageDigest.getInstance("MD5");        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        }        md.update(input);        return md.digest();    }    public static void main(String[] args) throws UnsupportedEncodingException {        String str = "MD5摘要算法测试";        byte[] r = toMD5(str.getBytes());        // %x表示返回的是16进制,而32表示16个字节        System.out.println(String.format("%32x", new BigInteger(1, r)));        String salt = "random";        byte[] digest = toMD5((str + salt).getBytes("UTF-8"));        System.out.println(String.format("%32x", new BigInteger(1, digest)));    }
SHA-1

The SHA-1 algorithm is also a hashing algorithm, output 160bit, its similar algorithm has SHA-256 and SHA-512, the output length is 256bit and 512bit respectively. SHA-1 used in Java similar to MD5:

 public static byte[] sha(byte[] input) {        MessageDigest md = null;        try {            md = MessageDigest.getInstance("SHA-1");        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        }        md.update(input);        return md.digest();    }    public static void main(String[] args) throws UnsupportedEncodingException {        String str = "SHA-1摘要算法测试";        byte[] r = sha(str.getBytes());        System.out.println(String.format("%040x", new BigInteger(1, r)));    }

Welcome to the public number: wood can be greatly, all articles will be synchronized in the public number.

Three-minute reading digest algorithm

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.