其他
256位加密方法是安全的吗?
导读:问题来了,256加密技术还安全吗?且看本文。
SSL安全性与两个节点上的数据是否加密有关。由于SSL执行加密,在互联网上的连接可以实现安全传输。
安全为什么如此必要
现在,我列出几个示例,这些示例可以证明日常传输和交易中加入安全加密的必要性。
1、你不想成为网络钓鱼的受害者
2、确保用户的真实性
3、可以保护敏感信息免遭欺诈
什么是加密
现在,我们来试想一个被装满不同字母的盒子。我们把字母打乱,那么盒子内容将不可读。
加密原理遵循同样的原理。
一般将纯文本或者可读型文本加入干扰,变成不可读的文本或字符,也称为密文。密文只能使用密码密钥破解,可以是私钥或公钥。
私钥仅允许目的收件人将代码破解还原为可读形式。另一侧,公钥是供所有人使用的。对所有人来讲,这已经不是什么大秘密。
加密算法
使用数学算法将纯文本转换为只能密钥解密的字母或符号。
比如一个生物学家,可以尝试将昆虫学和密钥关联。
目前加密算法如以下几种:
1) Two fish
2) Blowfish
3) AES or DES
以及更多内容。
加密类型
加密分为对称加密和不对称加密。我们分别来理解这两个术语。
1)对称加密
对称加密即服务器和客户端都使用相同的密钥来解密信息。如下加密类:
package eds;import java.math.BigInteger;import java.security.InvalidKeyException;import java.security.KeyPair;import java.security.KeyPairGenerator;import java.security.NoSuchAlgorithmException;import java.security.PrivateKey;import java.security.PublicKey;import java.util.Base64;import javax.crypto.BadPaddingException;import javax.crypto.Cipher;import javax.crypto.IllegalBlockSizeException;import javax.crypto.KeyGenerator;import javax.crypto.NoSuchPaddingException;import javax.crypto.SecretKey;import javax.crypto.spec.SecretKeySpec;public class EncDecSymmetric { Symmetric encryption algorithms supported - AES, RC4, DES protected static String DEFAULT_ENCRYPTION_ALGORITHM = "AES"; protected static int DEFAULT_ENCRYPTION_KEY_LENGTH = 256; protected SecretKey mSecretKey; protected String mEncryptionAlgorithm, mKeyEncryptionAlgorithm, mTransformation; protected int mEncryptionKeyLength, mKeyEncryptionKeyLength; protected PublicKey mPublicKey; protected PrivateKey mPrivateKey; EncDecSymmetric() { mSecretKey = null; mEncryptionAlgorithm = EncDecSymmetric.DEFAULT_ENCRYPTION_ALGORITHM; mEncryptionKeyLength = EncDecSymmetric.DEFAULT_ENCRYPTION_KEY_LENGTH; } public static BigInteger keyToNumber(byte[] byteArray) { return new BigInteger(1, byteArray); } public SecretKey getSecretKey() { return mSecretKey; } public byte[] getSecretKeyAsByteArray() { return mSecretKey.getEncoded(); } public String getEncodedPublicKey() { String encodedKey = Base64.getEncoder().encodeToString(mPublicKey.getEncoded()); return encodedKey; } get base64 encoded version of the key public String getEncodedSecretKey() { String encodedKey = Base64.getEncoder().encodeToString(mSecretKey.getEncoded()); return encodedKey; } public void generateSymmetricKey() { KeyGenerator generator; try { generator = KeyGenerator.getInstance(mEncryptionAlgorithm); generator.init(mEncryptionKeyLength); mSecretKey = generator.generateKey(); } catch(NoSuchAlgorithmException e) { e.printStackTrace(); } } public byte[] encryptText(String textToEncrypt) { byte[] byteCipherText = null; try { Cipher encCipher = Cipher.getInstance(mEncryptionAlgorithm); encCipher.init(Cipher.ENCRYPT_MODE, mSecretKey); byteCipherText = encCipher.doFinal(textToEncrypt.getBytes()); } catch(NoSuchAlgorithmException e) { e.printStackTrace(); } catch(NoSuchPaddingException e) { e.printStackTrace(); } catch(InvalidKeyException e) { e.printStackTrace(); } catch(IllegalBlockSizeException e) { e.printStackTrace(); } catch(BadPaddingException e) { e.printStackTrace(); } return byteCipherText; } public String decryptText(byte[] decryptedKey, byte[] encryptedText) { String decryptedPlainText = null; try { SecretKey originalKey = new SecretKeySpec(decryptedKey, 0, decryptedKey.length, mEncryptionAlgorithm); Cipher aesCipher2 = Cipher.getInstance(mEncryptionAlgorithm); aesCipher2.init(Cipher.DECRYPT_MODE, originalKey); byte[] bytePlainText = aesCipher2.doFinal(encryptedText); decryptedPlainText = new String(bytePlainText); } catch(NoSuchAlgorithmException e) { e.printStackTrace(); } catch(NoSuchPaddingException e) { e.printStackTrace(); } catch(InvalidKeyException e) { e.printStackTrace(); } catch(IllegalBlockSizeException e) { e.printStackTrace(); } catch(BadPaddingException e) { e.printStackTrace(); } return decryptedPlainText; }}使用上述类的方法:
package eds;import javax.crypto.SecretKey;public class Main { public static void main(String[] args) { EncDecSymmetric sed = new EncDecSymmetric(); sed.generateSymmetricKey(); byte[] secretKeyByteArray = sed.getSecretKeyAsByteArray(); System.out.println("secret key: '" + EncDecSymmetric.keyToNumber(secretKeyByteArray).toString() + "'"); String plainText = "Hello World, Symmetric Encryption style"; System.out.println("plainText: '" + plainText + "'"); byte[] encryptedText = sed.encryptText(plainText); System.out.println("encrypted text: '" + EncDecSymmetric.keyToNumber(encryptedText).toString() + "'"); String decryptedText = sed.decryptText(secretKeyByteArray, encryptedText); System.out.println("decrypted text: '" + decryptedText + "'"); }}使用对称加密时,保管加密密钥是最大的挑战。如果加密消息需要大量人员或应用程序处理,则需要与每个人/应用程序共享相同的密钥,这增加了密钥被泄露的风险。
因此它与另一个加密方式:非对称加密方法相比,这种类型加密会被认为安全性更差一些。
2)非对称加密
此为TLS/SSL系统使用的加密技术。它被认为是最安全的加密形式,通常使用两个不同的密钥,即公有密钥和专有密钥。
公钥/私钥加密简称PKE,克服了对称加密的缺点。
在PKE方法中,加密和解密中使用了两个密钥,一个用来加密,一个用来解密。同一个密钥不能同时用于加解密,因此被称为非对称加密。
在PKE方法中,比如老王和老马在希望交换消息时,两边都会生成各自的私钥和公钥对。私钥各自不会公开,而公钥则与所有人共享。当老王希望向老马发送消息,他使用老马的公钥对消息进行加密,并将加密的消息发送给老马。老马收到消息后,使用自己的私钥对消息进行解密,还原完成原始消息。
PKE方法的好处在于,任何人都可以通过公钥发送消息,然后使用私钥对消息进行解密。只要私钥不被破坏,别人无法轻易解密消息。
以下是使用PKE方法的Java代码:
package edpkpk;import java.math.BigInteger;import java.security.InvalidKeyException;import java.security.KeyPair;import java.security.KeyPairGenerator;import java.security.NoSuchAlgorithmException;import java.security.PrivateKey;import java.security.PublicKey;import java.util.Base64;import javax.crypto.BadPaddingException;import javax.crypto.Cipher;import javax.crypto.IllegalBlockSizeException;import javax.crypto.NoSuchPaddingException;public class EncDecPublicKeyPrivateKey{// key encryption algorithms supported - RSA, Diffie-Hellman, DSA// key pair generator - RSA: keyword - RSA, key size: 1024, 2048// key pair generator - Diffie-Hellman: keyword i DiffieHellman, key size - 1024// key pair generator - DSA: keyword - DSA, key size: 1024// NOTE: using asymmetric algorithms other than RSA needs to be worked out protected static String DEFAULT_ENCRYPTION_ALGORITHM = "RSA";protected static int DEFAULT_ENCRYPTION_KEY_LENGTH = 1024;protected static String DEFAULT_TRANSFORMATION = "RSA/ECB/PKCS1Padding";protected String mEncryptionAlgorithm, mTransformation;protected int mEncryptionKeyLength;protected PublicKey mPublicKey;protected PrivateKey mPrivateKey;EncDecPublicKeyPrivateKey(){mEncryptionAlgorithm = EncDecPublicKeyPrivateKey.DEFAULT_ENCRYPTION_ALGORITHM;mEncryptionKeyLength = EncDecPublicKeyPrivateKey.DEFAULT_ENCRYPTION_KEY_LENGTH;mTransformation = EncDecPublicKeyPrivateKey.DEFAULT_TRANSFORMATION;mPublicKey = null;mPrivateKey = null;}public static BigInteger keyToNumber(byte[] byteArray){return new BigInteger(1, byteArray);}public String getEncryptionAlgorithm(){return mEncryptionAlgorithm;}public int getEncryptionKeyLength(){return mEncryptionKeyLength;}public String getTransformation(){return mTransformation;}public PublicKey getPublicKey(){return mPublicKey;}public byte[] getPublicKeyAsByteArray(){return mPublicKey.getEncoded();}public String getEncodedPublicKey(){String encodedKey = Base64.getEncoder().encodeToString(mPublicKey.getEncoded());return encodedKey;}public PrivateKey getPrivateKey(){return mPrivateKey;}public byte[] getPrivateKeyAsByteArray(){return mPrivateKey.getEncoded();}public String getEncodedPrivateKey(){String encodedKey = Base64.getEncoder().encodeToString(mPrivateKey.getEncoded());return encodedKey;}public byte[] encryptText(String text){byte[] encryptedText = null;try {KeyPairGenerator kpg = KeyPairGenerator.getInstance(mEncryptionAlgorithm);kpg.initialize(mEncryptionKeyLength);KeyPair keyPair = kpg.generateKeyPair();mPublicKey = keyPair.getPublic();mPrivateKey = keyPair.getPrivate();Cipher cipher = Cipher.getInstance(mTransformation);cipher.init(Cipher.PUBLIC_KEY, mPublicKey);encryptedText = cipher.doFinal(text.getBytes());} catch (NoSuchAlgorithmException e) {e.printStackTrace();} catch (NoSuchPaddingException e) {e.printStackTrace();} catch (InvalidKeyException e) {e.printStackTrace();} catch (IllegalBlockSizeException e) {e.printStackTrace();} catch (BadPaddingException e) {e.printStackTrace();}return encryptedText;}public byte[] decryptText(byte[] encryptedText){byte[] decryptedText = null;try {Cipher cipher = Cipher.getInstance(mTransformation);cipher.init(Cipher.PRIVATE_KEY, mPrivateKey);decryptedText = cipher.doFinal(encryptedText);} catch (NoSuchAlgorithmException e) {e.printStackTrace();} catch (NoSuchPaddingException e) {e.printStackTrace();} catch (InvalidKeyException e) {e.printStackTrace();} catch (IllegalBlockSizeException e) {e.printStackTrace();} catch (BadPaddingException e) {e.printStackTrace();}return decryptedText;}}调用此代码的主函数如下:
package edpkpk;public class Main{public static void encryptDecrypt(String plainText){EncDecPublicKeyPrivateKey edpkpk = new EncDecPublicKeyPrivateKey();//byte[] secretKeyByteArray = sed.getSecretKeyAsByteArray();//System.out.println("secret key: '" + EncryptDecryptPublicKeyPrivateKey.keyToNumber(secretKeyByteArray).toString() + "'" );System.out.println("plainText: '" + plainText + "'");System.out.println("plainText size: '" + plainText.length() + "'");System.out.println("encryption key length: '" + edpkpk.getEncryptionKeyLength() + "'");System.out.println("encryption algorithm: '" + edpkpk.getEncryptionAlgorithm() + "'");System.out.println("encryption transform: '" + edpkpk.getTransformation() + "'");byte[] encryptedText = edpkpk.encryptText(plainText);System.out.println("encrypted text: '" + EncDecPublicKeyPrivateKey.keyToNumber(encryptedText).toString() + "'" );System.out.println("encrypted text length: '" + EncDecPublicKeyPrivateKey.keyToNumber(encryptedText).toString().length() + "'" );System.out.println("public key: '" + EncDecPublicKeyPrivateKey.keyToNumber(edpkpk.getPublicKeyAsByteArray()).toString() + "'" );System.out.println("public key length: '" + EncDecPublicKeyPrivateKey.keyToNumber(edpkpk.getPublicKeyAsByteArray()).toString().length() + "'" );System.out.println("private key: '" + EncDecPublicKeyPrivateKey.keyToNumber(edpkpk.getPrivateKeyAsByteArray()).toString() + "'" );System.out.println("private key length: '" + EncDecPublicKeyPrivateKey.keyToNumber(edpkpk.getPrivateKeyAsByteArray()).toString().length() + "'" );String decryptedText = new String(edpkpk.decryptText(encryptedText));System.out.println("decrypted text: '" + decryptedText + "'" );System.out.println("decrypted text length: '" + decryptedText.length() + "'");}public static void main(String[] args){String plainText1 = "Hello World, Public Key / Private Key style";Main.encryptDecrypt(plainText1);//System.out.println("----------------------------------------------------------------");//String plainText2 = "Hello World, Public Key / Private Key style with a very loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooog piece of text";//Main.encryptDecrypt(plainText2);}}
PKU方法加密安全可靠,但是也有局限性,第一就是加密速度慢,第二必须使用块的形式加密,每个块的长度要小于密钥的长度。例如,使用密钥长度为1024的RSA算法,那么可加密的块最大长度为117个字符(块的长度=(密钥长度/64)-11)
破解此密文可能是一项艰巨的任务,需要花费数年时间甚至更长。
256位加密算法
通过以上内容,我们已经了解了加密的功能和重要性。
现在,请让我们共同进入256位加密系统。
这是当今最安全的加密方法,它使用256位密钥来加密和解密数据。
这里的数字术语描述了用于加密的密钥长度。
256位长度表示将加密组织提升到256的幂。这个数字几乎无法换算,这种类型的密钥有十几亿种组合,实际上是不可能被破解的。
即使用我们使用超级计算机,尝试和测试每种组合也需要数个光年。
因此,使用256位加密数据,数据安全性如何?
答案已经不言而喻。256位加密是一种安全的加密系统,目前已经广泛应用在政府、银行、电商等机构来支持交易。
可以确定,256位加密方式足够可靠并安全。
作者:恒一
说明:21CTO社区。
相关阅读