JAVA加密解密算法研究
自带密钥的加密解密算法研究Abstract
Data Encryption Standard (DES) is an ancient symmetric key encryption algorithm, is now no longer in use. It is not a very safe algorithms. Triple DES (Triple-DES) is still very safe, but it was only a last resort under the law of a better choice. Obviously Advanced Encryption Standard (AES) is a better encryption algorithm, NIST AES replaced by Triple-DES as their standard (Below is a more detailed discussion). Other good two other algorithms including AES and Twofish algorithms variants, also known as Serpent-CAST-128, it is efficiency and safety of the perfect combination. These algorithms not only more secure than DES, but also faster than DES. Why not use some of the safety and slow it SHA1 algorithm is a hash function, rather than an encryption function. As a hash function, SHA1 is still quite good, but it can take several years for the development of encryption algorithms. If you are designing a new system, then you may remember that several years later SHA1 replace the algorithm. I repeat: only possible.
RSA is a public key encryption algorithm. RSA key length for 2048-4096 in general. If you are using a system of 1,024 public key, and there is no need to worry, but you can be lengthened in the length of key encryption to achieve better results.
Advanced Encryption Standard (AES) is used to replace a data encryption standard (DES) algorithm. Currently 128,196 for the general use and 256 keys, the three keys are very safe. And the United States Government have thought. They will be approved by the 128 key AES algorithm for general data encryption, 196 and 256-bit AES algorithm for the key secret and top-secret data encryption data. DES, DESX is an improved version. DESX principle is to use a random binary number and encryption and decryption of data before the data or differences. Although some people criticized this algorithm, but with DES is more secure than DESX, but DESX in many cases does not apply. I have handled a DES hardware support system, as some areas can not tolerate the slow Triple DES, we DESX these places used to replace DES. However, this is a very special situation. If you need to use DESX reasons obvious (and I may have to use DESX similar reasons). However, I suggest that you use AES I mentioned above or some algorithm. RC4 is a common link in the data stream SSL encryption algorithm. It has been there for many years, and there are many known and may be flawed, in some new projects will not use it. If you are currently using it and can be easily uninstall it, the situation is not so bad. However, I doubt if you are using it, you can easily uninstall it. If it can not be from the system easily uninstall, then you should consider how to upgrade its future, but do not feel very scared. I will not refuse to use RC4 algorithm to encrypt SSL connection site to buy things, but if I now have to build a new system, then I will consider using other algorithms, such as: AES. I think you mentioned the following two-MD5 algorithm and SHA1-DSA RSA time, you know that they are used for digital signatures. But do not use MD5, because it has many shortcomings. We know that many years ago on the existence of loopholes in the MD5, but until this summer to break out. If you would like to learn more about MD5 detailed information, you can look at the past I wrote an article. You can SHA1 or DSA and RSA together with use. DSA key now up to the median 1024, the median key has been long enough, so do not worry about security issues. If, however, the NIST has a longer median key course better. X.509 certificate is a data structure, commonly used in the provisions of the order of bits and bytes, it is not a password system. It usually contains a RSA keys, and may also include a DSA key. But X.509 certificate and the certificate itself is not within the encryption technology.
Keyword: encryption, decryption, key, the algorithm
摘 要
数据加密标准(DES)是一个古老的对称密钥加密算法,目前已经不再使用。它不是一个很安全的算法。三重DES(Triple-DES)仍然是很安全的,但是也只是在别无他法的情况下的一个较好的选择。显然高级加密标准(AES)是一个更好的加密算法,NIST用AES代替Triple-DES作为他们的标准(下面有更详细的讨论)。其他较好的算法包括另外两个AES的变种算法Twofish和Serpent-也称为CAST-128,它是效率和安全的完美结合。这几个算法不仅比DES更安全,而且也比DES的速度更快。为什么要使用一些又慢又不安全的算法呢SHA1是一个哈希函数,而不是一个加密函数。作为一个哈希函数,SHA1还是相当优秀的,但是还需要几年的发展才能用作加密算法。如果你正在设计一个新系统,那么谨记你可能会在若干年后用SHA1代替目前的算法。我再重复一遍:只是可能。
RSA是一个公开密钥加密算法。RSA的密钥长度一般为2048-4096位。如果你现在的系统使用的是1024位的公开密钥,也没有必要担心,但是你可以加长密钥长度来达到更好的加密效果。
高级加密标准(AES)是一个用来代替数据加密标准(DES)的算法。目前使用的一般为128,196和256位密钥,这三种密钥都是相当安全的。而且美国政府也是这样认为的。他们批准将128位密钥的AES算法用于一般数据加密,196位和256位密钥的AES算法用于秘密数据和绝密数据的加密。DESX是DES的一个改进版本。DESX的原理是利用一个随机的二进制数与加密前的数据以及解密后的数据异或。虽然也有人批评这种算法,但是与DES相比DESX确实更安全,不过DESX在许多情况下并不适用。我曾经处理过一个硬件支持DES的系统,由于有些环节不能容忍三重DES的慢速,我们在这些地方使用了DESX来代替DES。然而,这是一个非常特殊的情况。如果你需要使用DESX,理由显而易见(可能和我不得不使用DESX的原因类似)。但我建议你使用AES或者上面我提到的一些算法。RC4是一种常用于SSL连接的数据流加密算法。它已经出现很多年了,而且有很多已知和可能的缺陷,因此在一些新的工程中不要使用它。如果你目前正在使用它而且可以轻易的卸载它,那么情况也不是很坏。不过,我怀疑如果你现在正在使用它,你不可能轻易的卸载它。如果不能将它从系统中轻易的卸载,那么你还是考虑今后怎样升级它,但是不要感到很惊慌。我不会拒绝在一个使用RC4算法来加密SSL连接的网站购买东西,但是如果我现在要新建一个系统,那么我会考虑使用其他的算法,例如:AES。我认为你谈到下面两个算法MD5-RSA和SHA1-DSA的时候,你知道他们是用于数字签名的。但是不要使用MD5,因为它有很多缺陷。很多年前大家就知道MD5中存在漏洞,不过直到今年夏天才破解出来。如果你想了解关于MD5的详细信息,那你可以看看我以前写的一篇文章。你可以将SHA1和RSA或DSA配合在一起使用。目前DSA的密钥位数高达1024位,这个密钥位数已经足够长了,因此不需要担心安全问题。然而,如果NIST实现了更长的密钥位数当然更好。X.509证书是一个数据结构,常用于规定比特和字节的顺序,它本身不是一个密码系统。它通常包含一个RSA密钥,也可能包含一个DSA密钥。但是X.509证书内部以及证书本身并不是加密技术。
关键字:加密,解密,密钥,算法505
[1] [2] [3] [4] [5] [6] [7] [8] 下一页