Reproduced from: https://blog.csdn.net/zyhlwzy/article/details/77948137
Because of the illegal copying of computer software, the leakage of communication and the security of data are threatened, the problem of decryption and piracy is becoming more and more serious, even leading to international disputes. Therefore, in information security technology, encryption technology occupies an irreplaceable position. Therefore, the research and development of information encryption technology and encryption means are subject to various countries. The computer industry attaches great importance to the rapid development.
In the process of system development, some data are very important and can not be leaked for the system or users. Encryption of important data is very necessary for any system, such as user's login password, transaction password and so on. This paper uses the encryption of user's password when user registers to get a general idea. Talk about some commonly used encryption algorithms and related implementations.
DES Encryption Algorithms
DES encryption algorithm is a block cipher, which encrypts data in 64 bits. Its key length is 56 bits. The same encryption and decryption algorithm is used. DES encryption algorithm is to keep secret the key, while public algorithm includes encryption and decryption algorithm. In this way, only those who have the same key as the sender can interpret the ciphertext data encrypted by DES encryption algorithm.
There are three entry parameters of DES algorithm: Key, Data and Mode. Among them, Key is 64 bits in 8 bytes, which is the working key of DES algorithm; Data is 64 bits in 8 bytes, which is data to be encrypted or decrypted; Model is the working mode of DES, there are two ways: encryption or decryption.
DES algorithm works as follows: If Model is encrypted, Data is encrypted by Key, and the output result of DES is generated in the form of Data cryptography (64 bits); if Model is decrypted, Data in the form of cryptography is decrypted by Key, and the output result of DES is restored to the form of Data plaintext (64 bits). At the two ends of the communication network, the two sides agree on a key, which encrypts the core Data with Key at the source of the communication, and then transmits the Data in the form of password to the end of the communication network in the public communication network (such as telephone network). After the Data reaches the destination, the same Key decrypts the cryptographic Data and reproduces the clear code form. Core Data. In this way, the security and reliability of the core Data (such as PIN, MAC, etc.) in the public communication network are guaranteed.
In java, examples of using DES algorithms are as follows:
public class SecurityDESUtils {
private static Logger logger = LogManager.getLogger(SecurityDESUtils.class);
private static final String ENCODEING = "UTF-8";
private static final String ALGORITHM = "DES";//encryption algorithm
/**
* @Comment DES Algorithmic encryption
* @param plaintext Text to be encrypted
* @param secureKey Length should not be less than 8
* @Author Ron
* @Date 2017 September 12, 11:54:12 a.m.
* @return
*/
public static String encrypt(String plaintext, String secureKey) {
String encryptStr = "";
try {
byte[] datasource = plaintext.getBytes(ENCODEING);
SecureRandom random = new SecureRandom();
DESKeySpec desKey = new DESKeySpec(secureKey.getBytes(ENCODEING));
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM);
SecretKey securekey = keyFactory.generateSecret(desKey);
//Cipher Object Actually Completes Encryption Operation
Cipher cipher = Cipher.getInstance(ALGORITHM);
//Initialization of Cipher objects with keys
cipher.init(Cipher.ENCRYPT_MODE, securekey, random);
//Now, get the data and encrypt it
//Formal Encryption Operation
byte[] encryptSrc = cipher.doFinal(datasource);
encryptStr = Base64Utils.encodeToString(encryptSrc);
} catch (Exception e) {
logger.error("DES Encryption report exception",e);
}
return encryptStr;
}
/**
* @Comment Decrypt
* @param encryptStr Encrypted string
* @param secureKey Length should not be less than 8
* @Author Ron
* @Date 2017 September 12, 1:12:56 p.m.
* @return
* @throws BadPaddingException
* @throws IllegalBlockSizeException
*/
public static String decrypt(String encryptStr, String secureKey){
String decryptStr = "";
try {
byte[] src = Base64Utils.decodeFromString(encryptStr);
// DES algorithm requires a trusted random number source
SecureRandom random = new SecureRandom();
// Create a DESKeySpec object
DESKeySpec desKey = new DESKeySpec(secureKey.getBytes(ENCODEING));
// Create a Key Factory
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM);
// Converting DESKeySpec objects to SecretKey objects
SecretKey securekey = keyFactory.generateSecret(desKey);
// Cipher object actually completes decryption operation
Cipher cipher = Cipher.getInstance(ALGORITHM);
// Initialization of Cipher objects with keys
cipher.init(Cipher.DECRYPT_MODE, securekey, random);
// Really start decryption
byte[] decryptSrc = cipher.doFinal(src);
decryptStr = new String(decryptSrc,ENCODEING);
} catch (Exception e) {
logger.error("DES Decryption failed",e);
}
return decryptStr;
}
public static void main(String[] arg) throws Exception{
String src="ninhao";
String srKey="40c7f529c177487bb3b03cf16e962c82";
String enString = encrypt(src,srKey);
System.out.println("Encryption:"+enString);
System.out.println("Decrypt:"+decrypt(enString,srKey));
}
}
The main form of attack on DES is known as brute force or exhaustion, which is to repeatedly try various keys until one matches. If DES uses a 56-bit key, the possible number of keys is 26. With the continuous development of computer system capability, the security of DES is much weaker than when it first appeared. However, from the reality of non-critical nature, it can still be considered as sufficient. However, DES is now only used for the authentication of old systems, and more new encryption standards - Advanced Encryption Standard (AES).