Preface:
I haven't used the SHA secure hash algorithm much before, but I just stayed at the stage I've heard of. Today, when I looked at the Glide source code of the image cache framework, I found that the cached key was not the MD5 encryption algorithm, but the SHA-256 encryption algorithm, which aroused my curiosity, so I took advantage of the fact that there was nothing to do at night to learn.
Several other encryption methods:
•Rsa encryption for Android data encryption
•Android data encryption: Aes encryption
• Android data encryption: Des encryption
•Android data encryption MD5 encryption
• Base64 encoding algorithm for Android data encryption
SHA encryption algorithm
SHA (Secure Hash Algorithm), an important tool in cryptography applications such as digital signatures, is widely used in information security fields such as e-commerce. Like the MD5 encryption algorithm, it is also an irreversible encryption algorithm, but it can also be cracked by exhaustive methods. However, the difficulty and cost of SHA are higher than that of MD5, which is more secure than MD5. It has now become one of the most secure hashing algorithms recognized and has been widely used. It mainly includes several unidirectional hashing algorithms such as SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512. SHA-1, SHA-224 and SHA-256 are suitable for messages with a length of no more than 2^64 binary bits. SHA-384 and SHA-512 are suitable for messages with a length of no more than 2^128 binary bits. The official explanation is as follows:
• It is very difficult to infer the original input message from the message digest inversely.
• It is also very difficult to find two different sets of messages corresponding to the same message digest in terms of calculation. Any changes to the input message have a high probability of causing the message summary to be very different.
SHA encryption principle
SHA-1 is a data encryption algorithm. The idea of this algorithm is to receive a plain text and then convert it into a (usually smaller) ciphertext in an irreversible way. It can also be simply understood as the process of taking a string of input codes (called premapping or information) and converting them into a shorter-length, fixed-digit output sequence, i.e. hash values (also known as information digest or information authentication code).
The safety of a one-way hash function lies in the strong one-way nature of its operation process of generating hash values. If a password is embedded in the input sequence, no one can generate the correct hash value without knowing the password, thus ensuring its security. SHA blocks the input streams in 512 bits (64 bytes) per block and produces 20 bytes of output called information authentication code or information digest.
The length of the input message of this algorithm is unlimited, and the output generated is a 160-bit message digest. The input is processed in 512-bit packets. SHA-1 is irreversible, conflict-proof, and has a good avalanche effect.
Digital signature can be implemented through a hash algorithm. The principle of digital signature is to convert the plain text to be transmitted into a message digest through a function operation (hash) (different plain texts correspond to different message digests). The message digest is encrypted and sent to the recipient together with the plain text. The recipient generates a new message digest to decrypt and compares the message digest sent by the sender. The comparison result is consistent, which means that the plain text has not been changed. If it is inconsistent, it means that the plain text has been tampered with.
MAC (Information Authentication Code) is a hash result, in which part of the input information is a password. Only participants who know this password can calculate and verify the legitimacy of the MAC code again.
Advantages of SHA encryption
Since SHA also evolved from MD4, its advantages are roughly the same as MD5
•Compressibility: The calculated SHA value length is fixed for data of any length.
• Easy calculation: It is easy to calculate the SHA value from the original data.
• Modification resistance: Any changes to the original data, even if only 1 byte is modified, the resulting SHA value is very different.
• Strong anti-collision: It is known that the original data and its SHA value are very difficult to find a data with the same SHA value (i.e., forged data).
SHA application scenarios
•Consistency verification
•Digital signature
•Secure access authentication
Simple implementation of SHA encryption
This code demonstration takes SHA-256 as an example.
public static String sha(String string) {
if ((string)) {
return "";
}
MessageDigest md5 = null;
try {
md5 = ("sha-256");
byte[] bytes = ((string ).getBytes());
String result = "";
for (byte b : bytes) {
String temp = (b & 0xff);
if (() == 1) {
temp = "0" + temp;
}
result += temp;
}
return result;
} catch (NoSuchAlgorithmException e) {
();
}
return "";
}
Discussion on SHA security
•SHA-1 is widely used in many security protocols, including TLS and SSL, PGP, SSH, S/MIME and IPsec, and was once regarded as the successor to MD5 (a hash function that was widely used earlier). In 2005, cryptographers proved that the cracking speed of SHA-1 was 2,000 times higher than expected. Although cracking is still extremely difficult and expensive, as computers become faster and cheaper, the security of the SHA-1 algorithm has also decreased year by year, and has been seriously questioned by cryptographers, hoping to replace it with SHA-2, which has a higher security strength.
•SHA-224, SHA-256, SHA-384, and SHA-512 are called SHA-2.
•The new hash functions have not been tested in detail by the public cryptographic community like SHA-1, so their password security is not widely trusted.
•Although no effective attack on SHA-2 has occurred so far, its algorithm is still basically similar to SHA-1; therefore some people have begun to develop other alternative hashing algorithms.
Deeds of multinational corporations:
Google's official blog announced that it will gradually reduce the security instructions for SHA-1 certificates in Chrome. But what is interesting is that the current SHA-1 signed certificate is also used, but the certificate will expire within 3 months. Google will use SHA-2 signed certificates from 2015. The SHA-1 algorithm has not yet discovered serious weaknesses, but the cost of forging certificates is getting lower and lower.
The above is all the content of this article. I hope it will be helpful to everyone's study and I hope everyone will support me more.