The encryption algorithm is easy to understand, that is, it turns plaintext into something that people can't understand, and then sends it where they want to send it. The receiver uses the matching decryption algorithm to decrypt the ciphertext into plaintext, so if the ciphertext is intercepted by others on the road, they are not afraid of leaking.
There are two encryption algorithms. The first one is not based on KEY. For a simple example, if I want to encrypt a string like "fordesign", I will change every character to its last character, so it is "gpseftjhm". Of course, people can't understand this kind of thing, and the receiver can get the original text by the opposite method. Of course, this is just an example. Nobody should use such a funny encryption algorithm now.
Encryption algorithms that are not based on keys seem to have been used until computers appeared. I remember that ancient military secrets in China were all encrypted in this way. When fighting, it seems that the telegraph operator in the army should also bring a password book, and it should be encrypted like this. The security of the algorithm is based on keeping the secret of the algorithm.
The disadvantage of this encryption algorithm is too obvious, that is, once your encryption algorithm is known by others, it will definitely hang up. Japan's midway failed miserably, as if the password had been cracked by Lao Mi. Designing an algorithm is very troublesome. Once it is broken, it is useless, which is also a waste.
The encryption algorithms we use now are generally based on keys, that is to say, a key is needed in the encryption process, and the plaintext is encrypted with this key. Even if this algorithm is cracked once, you can continue to use it next time you change the key. What is a key? Whatever you want, it can be a randomly generated number, or it can be a word, anything, as long as the algorithm you use thinks that what you choose as the key is legal.
The most important thing about this algorithm is that its security depends on the key, and generally depends on the length of the key. That is to say, it is quite difficult to crack when people know the algorithm and don't know the key. In fact, commonly used key-based encryption algorithms can be found on the Internet, and many revolutionary comrades (all foreigners) are trying to crack key-based encryption algorithms, including symmetric encryption and asymmetric encryption. Symmetric encryption means that both parties use exactly the same key, the most common one is DES. DES3, RC4, etc. The principle of symmetric encryption algorithm is easy to understand. One party encrypts plaintext with KEK, and the other party decrypts it with the same key after receiving it.
Asymmetric encryption means that both parties use different keys to encrypt and decrypt plaintext, and both parties must have their own public and private keys. For example, it is easier to understand. Let's assume that the two communication parties are A and B respectively.
A has KEY_A 1 and KEY_A2, where key _ a 1 is the private key and key _ a2 is the public key.
B has KEY_B 1 and KEY_B2, where key _ b 1 is B's private key and key _ b2 is B's public key. ..
The characteristic of public key and private key is that encrypted plaintext can only be decrypted by the other party. That is to say, plaintext encrypted with KEY_A 1 can only be decrypted with KEY_A2, and vice versa.
The communication process is as follows:
a-& gt; KEY_A2 ->B
A & lt-KEY _ B2 & lt; [Ancient names or Latin modern names of animals and plants]
This process is called public key exchange, and foreigners call it KeyExchange.
After that, A and B encrypt with each other's public key and decrypt with their own private key.
Generally, you have to release the public key, and then you encrypt the plaintext with your own private key, and others decrypt it with your public key. If you can unlock it, you are an encryptor, which is the authentication mechanism used by SSL.
Commonly used asymmetric encryption generally includes RSA, DSA, DH, etc. We usually use RSA.
Digital signature is also an important application of asymmetric encryption algorithm. Understanding it is very important for understanding SSL Let's stop here.
What is a signature? Are you familiar with it? The certificate was written by you and published by you. You can sign it. Look at those important documents. They should be signed by the director. A digital signature is a digital signature. Remember the characteristics of public key and private key? Only you have your own private key. And your public key is known to others. Then after you finish writing the email, encrypt your name with your private key, and the recipient will unlock it with your public key. Oh, it's from you. This is your digital signature process.
The above explanation is very simple. In fact, digital signature is much more complicated than this, but we don't need to know it, just need to know that digital signature is such a thing.
We need to know another encryption algorithm. Actually, I don't think it is an encryption algorithm. It should be called hash algorithm. English is message digest, which is used to change plaintext strings of any length into strings of fixed length according to certain rules. It also plays an important role in SSL, which will be mentioned later. MD5 is generally used. Sand. Base64 is not an encryption algorithm, but it is also an algorithm often used by SSL. Is a coding method used to reverse asc code and binary code.
We don't need to know the specific encryption and decryption process, because SSL doesn't care at all. But it is necessary to understand some basic principles of encryption algorithm, otherwise it is difficult to understand SSL.
Comrades who are interested in the details of encryption algorithms can go online to find articles about the principles and implementation procedures of these encryption algorithms to learn, but learn number theory first. I don't understand number theory. I'm still confused about that.