Current location - Quotes Website - Signature design - Common signature algorithms
Common signature algorithms
Write in front: encryption and signature are two different things. The purpose of encryption is to prevent information leakage, and the purpose of signature is to prevent tampering and forgery.

MD5, SHA- 1, SHA-256, HMAC-SHA256, etc. It belongs to the hash algorithm, which is irreversible and has collision.

DES, AES, RSA, etc. It belongs to encryption algorithm, which can reversibly encrypt and decrypt data.

MD5 signature usually arranges the data to be signed according to certain rules, adds salt (spelling key), and then calculates the abstract by MD5 digest algorithm, and the hash value obtained is sign.

MD5 signature verification is to arrange the data to be signed according to the same rules, use the same key, and then use MD5 digest algorithm to calculate the abstract, and compare whether the signature value obtained by itself is equal to the signature value sent by the other party.

References:

Principle of MD5 algorithm

As a hash algorithm, MD5 is difficult to have hash collision, but there are still two different kinds of data that will collide.

Knowing plaintext A, we can calculate that another plaintext B and A have the same MD5 value, but there is no guarantee that B is a meaningful text.

Unknown plaintext a, given MD5 value x, plaintext a cannot be calculated.

Violent enumeration, dictionary method and rainbow table method (dictionary table optimization)

References:

MD5 cracking method

This article on the Internet is very clear: SHA 1 algorithm principle.

SHA- 1 is generally applied to the signature hash algorithm of digital certificates or the hash algorithm in RSA signatures.

It has been confirmed by authoritative organizations that the insecurity of sha 1 algorithm is getting higher and higher, and the cost of sha fingerprint fraud is getting lower and lower. Subsequently, IT giants such as Microsoft and Google successively issued statements to abandon sha 1 hash algorithm, and third-party certification bodies will stop issuing numbers of SHA 1 algorithm from 20 16 1.

This article on the internet makes it very clear: the principle of SHA256 algorithm.

SHA- 1 algorithm and SHA-256 algorithm are not close relatives, and SHA-256 algorithm belongs to SHA-2 algorithm. SHA- 1 is a hash value of 160, while SHA-2 is a combination value of different digits, and SHA-256 is a 256-bit SHA-2. SHA- 1 algorithm and MD5 algorithm are derived from MD4 algorithm, so they are close relatives.

As the name implies, slow hashing is very slow, mainly to prevent violent cracking. Because of its slow speed, it is usually used in client or scenes with no performance requirements.

Commonly used in the industry are MD5(MD5 (password) +salt) or SHA256(SHA256 (password) +salt).

The client transmits SHA256 (password) to the server, and the server transmits SHA 256 (password +salt).

slow

Ps: If small data needs to be encrypted and signed, you can directly encrypt the whole data with RSA private key and decrypt it with the receiver's public key without signature.

For example, the interface for presenting vouchers can be called repeatedly after getting a real request.

Solution: