This transformation is a compressing mapping. That is, the space of hash values is usually much smaller than the space of inputs, and different inputs may be hashed to the same output, so it is impossible to determine a unique input value from the hash value. However, if there are enough bits in the output, the probability that different inputs are hashed to the same output is very, very small.
Simply put, hashing is the process of compressing messages of arbitrary length into message digests of fixed length.
A hash is irreversible, that is, the input cannot be restored from the output, and it is often used to store passwords.
SHA-512, MD5, etc. are well-known hash functions. The hash code generated by MD5 is 128 bits, and MD5 is even used as a synonym for hash. A hash can be calculated online through a website such as a SHA-512 hash generator.
What's the use of hash?
Encryption is the process of changing plaintext into ciphertext, and decryption is the process of changing ciphertext into plaintext in the opposite direction.
For example, the famous Caesar cipher maps each character to another character, so as long as there is a codebook, encryption and decryption can be completed by lookup. In the simplest case, for the 26 letters of English, if each letter moves 3 to the right, abc becomes def, which is also a kind of encryption. Of course, this encryption is very simple and easy to decipher.
AES (Advanced Encryption Standard) and 3DES (Triple Data Encryption Algorithm), by contrast, are recognized as hard to crack. However, Wang Xiaoyun, a female professor of Shandong University, is very good at cracking MD5 and SHA-1, forcing the encryption standard to upgrade and eventually becoming an academician.
Symmetric encryption
Symmetric encryption means that the encryption and decryption keys are the same, which has the advantage of high speed and is also a traditional encryption method, such as AES and 3DES.
Asymmetric encryption
Asymmetric encryption uses different keys for encryption and decryption. There are two keys, a public key and a private key. The public key can be made public, and the private key must be kept safe. RSA, ECC (Elliptic Curve Encryption Algorithm) and DH (Key Exchange Algorithm) are all asymmetric algorithms.
Asymmetric encryption is very slow. How slow? Compared with symmetric encryption, it is 1000 times slower. Because it is slow, it is often used in key agreement. After the session key is negotiated, the communication data is encrypted with the symmetric key.
In 1976, Whitfield Diffie and Martin Hellman first put forward the concept of asymmetric encryption, which is called Diffie-Hellman key exchange. Then in 1978, Ron Rivest, Adi Shamir and Leonard Adleman of MIT published the RSA algorithm. These can be regarded as the basis of asymmetric encryption.
Asymmetric encryption is also called public key infrastructure (PKI). The proposal of asymmetric encryption was a revolution in cryptography and has had far-reaching influence.
With an asymmetric encryption algorithm, data is encrypted with the private key and decrypted with the public key, or encrypted with the public key and decrypted with the private key.
The purpose of a certificate is to prove that I am who I say I am. For example, if you want to visit the website of Bank of China, how can the BOC official website prove that it is the BOC official website? The answer is a digital certificate.
A CA is a digital certificate center. The server needs to find a CA for authentication, so that the CA can issue a digital certificate for it. A digital certificate usually contains some information about the service and the public key of the server. After this is encrypted with the CA's private key, a digital certificate is generated. Because the authority of the CA and its public key are well known all over the world, if you can unlock the certificate with the public key of the CA, you can prove that the certificate must have been issued by the CA: anyone else does not have the CA's private key and cannot generate a certificate that the CA's public key unlocks.
Therefore, it can be seen that the digital certificate uses asymmetric encryption.
Consider signatures in daily life: everyone's handwriting is different. You sign the bill after paying by credit card, and the waiter will check it and save it. The signature can serve as evidence if you later break the contract, because handwriting written by others is always different from yours.
What is a digital signature? For example, if A sends an email, how can the recipient prove that this letter was written by A?
In essence, digital signatures also use asymmetric encryption.
As mentioned earlier, asymmetric encryption has a public key and a private key. If the sender encrypts a message with the private key, and the receiver can decrypt it with the sender's public key, that proves it was sent by the sender. Because others can't get your private key, they can't use it to encrypt, and you can't deny having sent it.
A digital signature usually hashes the content first to generate a digest of the content, and then encrypts the digest with the private key to obtain the signature.
Here is an example to illustrate these problems:
Zhang San has two keys, a public key and a private key. He keeps them safe, and obviously only he knows the private key.
Li Si wrote a letter to Zhang San. After writing it, he encrypted it with Zhang San's public key and sent it to Zhang San through the post office. Even if the postman opens the envelope, he can't read it, because the content is ciphertext, and only Zhang San's private key can decrypt it.
After Zhang San received the letter, he decrypted it with the private key and could read it normally.
Now Zhang San wants to write back to Li Si. After writing, he uses a hash function to generate a digest.
Then Zhang San encrypts the digest with the private key to generate a digital signature.
Then he attaches the signature to the bottom of the letter and sends it to Li Si.
The process is: plaintext letter -> hash -> digest -> private key encryption -> signature.
After receiving the reply, Li Si decrypts the digital signature with Zhang San's public key and gets the digest, which proves that the letter was indeed sent by Zhang San. Why? Because if it was not sent by Zhang San, then the writer does not have Zhang San's private key, and a signature encrypted with another private key cannot be decrypted with Zhang San's public key.
Li Si then hashes the contents of the letter himself and gets a digest. If it is consistent with the digest obtained in the previous step, it proves that the contents of the letter have not been modified and are complete.
A complicated situation has arisen.
Wang Wu replaced Zhang San's public key saved by Li Si with his own public key, that is, Wang Wu deceived Li Si and Li Si mistook Wang Wu's public key for Zhang San's public key, so that Wang Wu could write to Li Si as Zhang San (Wang Wu encrypted it with his own private key).
What's the problem? The problem is that Li Si cannot be sure that the public key he saved is really Zhang San's public key. If the public key of the ICBC official website stored on the client computer is actually the public key of a fraud company, the user will be in big trouble.
How to solve it? Let Zhang San go to a CA (Certificate Authority) to authenticate his public key. How is that done? The CA center encrypts Zhang San's public key and other related information with its own private key to generate a digital certificate.
After Zhang San gets the digital certificate, whenever he writes back to Li Si he signs the letter and attaches the digital certificate.
After receiving the letter, Li Si unlocks the digital certificate with the CA's public key, takes out Zhang San's public key (which must be genuine), and then can unlock the signature safely and happily according to the previous process.
After introducing the digital certificate, the core difference is that Zhang San's public key is no longer stored by Li Si, but delivered through the digital certificate.
Why must Zhang San's public key in the digital certificate be true? Because CA is an authoritative organization, it is assumed that there is only one (actually not many) in the world, and its public key is known all over the world and is a fixed string. Therefore, the certificate that can be unlocked with CA's public key must be issued by CA, because CA encrypts its generated certificate with its own private key. Obviously, asymmetric encryption can be used to prove that I am who I am.
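The sign, verify and certificate steps above can be walked through in code. This is an added example, not part of the original article: it uses textbook RSA without padding, toy keys built from well-known Mersenne primes, and hypothetical helper names (`make_key`, `issue_cert`, `key_from_cert`), so it illustrates the flow only.

```python
import hashlib

def make_key(p, q, e=65537):
    # Textbook RSA key from two primes; returns the public and private halves.
    n, phi = p * q, (p - 1) * (q - 1)
    return {"pub": (n, e), "priv": (n, pow(e, -1, phi))}

# Constructed toy keys from well-known Mersenne primes (far too weak for real use).
ZHANG = make_key(2**61 - 1, 2**89 - 1)
WANG = make_key(2**107 - 1, 2**127 - 1)
CA = make_key(2**521 - 1, 2**607 - 1)

def digest(data, n):
    # Letter -> hash -> digest, reduced so the toy modulus can hold it.
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, priv):
    n, d = priv
    return pow(digest(data, n), d, n)  # digest "encrypted" with the private key

def verify(data, sig, pub):
    n, e = pub
    # Recover the digest with the public key and compare with a fresh hash.
    return pow(sig, e, n) == digest(data, n)

def cert_body(name, pub):
    return f"{name}|{pub[0]}|{pub[1]}".encode()

def issue_cert(name, pub, ca_priv):
    # The CA signs the binding between a name and a public key.
    return {"name": name, "pub": pub, "sig": sign(cert_body(name, pub), ca_priv)}

def key_from_cert(cert, expected_name, ca_pub):
    # Li Si trusts only the CA key; the sender's key comes out of the certificate.
    ok = cert["name"] == expected_name and verify(
        cert_body(cert["name"], cert["pub"]), cert["sig"], ca_pub)
    return cert["pub"] if ok else None

if __name__ == "__main__":
    letter = b"Reply from Zhang San"  # constructed sample letter
    sig = sign(letter, ZHANG["priv"])
    print(verify(letter, sig, ZHANG["pub"]))          # genuine letter
    print(verify(letter + b"!", sig, ZHANG["pub"]))   # modified letter
    forged = sign(letter, WANG["priv"])
    print(verify(letter, forged, WANG["pub"]))        # Li Si's stored key was swapped
    fake = issue_cert("Zhang San", WANG["pub"], WANG["priv"])  # not signed by the CA
    print(key_from_cert(fake, "Zhang San", CA["pub"]))
    real = issue_cert("Zhang San", ZHANG["pub"], CA["priv"])
    print(key_from_cert(real, "Zhang San", CA["pub"]) == ZHANG["pub"])
```

The third check passes only because the verifier's stored key was replaced; once the key is taken from a certificate checked against the CA key, the same forgery is rejected.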
Key exchange algorithm
The famous DH key exchange algorithm is very interesting and ingenious. In short, the amazing part is that the two communicating parties exchange a little information (without fear of it being stolen) and then each end derives the same key.
There is a very interesting example.
Alice and Bob are going to negotiate a common color. They can exchange information, but the information they exchange can be stolen. What can they do? They need to agree on the color without letting anyone else learn it.
The principle of the key exchange algorithm is similar. There is a lot of information on the internet about this problem. I think that, after understanding the above example, ECDH will not be hard to understand.
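The color negotiation maps directly onto modular exponentiation. The following sketch is an added example, not from the original article; the modulus (a known Mersenne prime), the base 3 and the function names are assumptions chosen for illustration, and the hash step stands in for a real key derivation function.

```python
import hashlib
import secrets

# Constructed toy parameters: a known Mersenne prime and an assumed base.
# Real deployments use standardized 2048-bit+ groups or elliptic curves (ECDH).
P = 2**127 - 1
G = 3

def new_private():
    return secrets.randbelow(P - 3) + 2      # secret exponent, never transmitted

def public_value(priv):
    return pow(G, priv, P)                   # safe to send over the open channel

def session_key(my_priv, their_pub):
    shared = pow(their_pub, my_priv, P)      # (g^b)^a == (g^a)^b mod p
    return hashlib.sha256(shared.to_bytes(16, "big")).hexdigest()

def exchange():
    a, b = new_private(), new_private()
    # Everything an eavesdropper can record is in this dictionary.
    wire = {"p": P, "g": G, "A": public_value(a), "B": public_value(b)}
    alice_key = session_key(a, wire["B"])    # Alice mixes her secret with Bob's public value
    bob_key = session_key(b, wire["A"])      # Bob does the mirror image
    return wire, alice_key, bob_key, (a, b)

if __name__ == "__main__":
    wire, alice_key, bob_key, _ = exchange()
    print("on the wire:", wire)
    print("same session key:", alice_key == bob_key)
```

The exchange by itself does not tell either side who sent a public value, which is why TLS combines it with the certificates and signatures described earlier.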
As we all know, HTTP is an Internet protocol, but it is not secure enough, so an improved version, HTTPS, came later. It is actually HTTP with an additional layer, TLS (Transport Layer Security), that is, encryption at the transport layer. In essence, a session key is negotiated through a handshake, and all subsequent data transmission uses this key for symmetric encryption and decryption.
The secure channel we often talk about is actually to negotiate a session key. It's not mysterious. Just put a few pictures.
In order to reduce these RTTs, various approaches have been devised, and 0-RTT and 1-RTT can be achieved by reusing connections.
That's all. Finally, I throw out a few nouns that I am interested in learning from Baidu: DTLS, HMAC, AEAD, replay attack and amplification attack. Is it high-end?