Detailed explanation of the classification and summary of Java encryption and decryption technology

This article mainly introduces the relevant information summarized by the basic classification methods of Java encryption and decryption. Friends in need can refer to the following

Java Basics of Encryption and Decryption:

Cryptography is the technical science that studies the preparation and deciphering of codes. The study of the objective laws of password changes, which is applied to compiling codes to keep communication secrets, is called cryptography; the application to deciphering codes to obtain communication intelligence is called deciphering, and is generally called cryptography.

Commonly used terms in cryptography

Plaintext: Data to be encrypted.

Ciphertext: The plain text is encrypted data.

Encryption: The process of converting plain text into cipher text.

Encryption algorithm: A conversion algorithm that converts plaintext into ciphertext.

Encryption key: The key used to perform encryption operations through the encryption algorithm.

Decryption: The process of converting ciphertext into inscription.

Decryption algorithm: A conversion algorithm that converts ciphertext into plaintext.

Decryption Key: The key for decryption operations by decrypting short hair.

Cryptozoology classification

1. By time

a.Classical Password: Use characters as the basic encryption unit.

b. Modern cryptography: Information block is the basic encryption unit.

2Divided by algorithm of confidential content

a. Restricted algorithm: The confidentiality of the algorithm is based on keeping the algorithm secret.

b. Key-based algorithm: The confidentiality of the algorithm is based on the confidentiality of the key.

3. Divided by key system

a. Symmetric cryptosystem: also called single key or private key cryptosystem, the encryption process is the same as The decryption process uses the same set of keys. The corresponding algorithm is a symmetric encryption algorithm, such as DES and AES.

b. Asymmetric cryptosystem: also called dual-key or public-key cryptosystem, the encryption process and the decryption process use different keys. The corresponding algorithm is an asymmetric encryption algorithm, such as RSA.

4. Divide according to plaintext processing method

a. Stream cipher: Also known as sequence cipher, it encrypts one bit at a time or One byte of plaintext. For example, the RC4 algorithm.

b.Group Password: When encrypting, divide the plaintext into fixed-length groups, and use the same key and algorithm to encrypt and output each group. It is also a fixed-length plaintext. When the last group size does not meet the specified group size,

has two processing modes:

No filling mode, directly process the remaining The data is encrypted, and the encrypted size of this group is related to the remaining data;

has a filling mode, and data is filled for groups that do not meet the specified length; if the last group of data happens to be the same size as the specified group, Then directly add a group with the specified

size; the last byte of padding records the number of padding bytes.

Block cipher working modeIntroduction

##1. Electronic code book model--ECB

Encrypt each group of plaintext independently using the same key. When encrypted in this way, the encryption of each group is performed independently without interfering with each other, so it can be performed in parallel. Also because each group is encrypted independently, the same plaintext group will have the same ciphertext after encryption. This mode easily exposes the statistical regularity and structural characteristics of plaintext grouping. Does not protect against substitution attacks.

In fact, according to the implementation, the process of ECB is just a process of grouping plaintext, then encrypting them separately, and finally stringing them together. This mode is not recommended when the message length exceeds one packet. Adding random bits to each group (such as 96 bits of valid plaintext and 32 bits of random numbers in a 128-bit group) can slightly improve its security, but this will undoubtedly cause the data to be compromised during the encryption process. expansion.

Advantages:

1. Simple;

2. Conducive to parallel computing;

3. Errors will not be transmitted;

Disadvantages:

1. Unable to hide plaintext mode;

2. Possible active attack on plain text;

2. Cipher group link mode--CBC

requires one Initialization vector IV, the first set of plaintext is XORed with the initialization vector and then encrypted. Each subsequent set of plaintext is XORed with the ciphertext of the previous set before being encrypted. The IV does not need to be kept secret, it can be transmitted in clear text along with the cipher text.

Advantages:

1. It is not easy to attack actively, and the security is better than ECB. It is suitable for transmitting long messages, which is SSL, IPSec standards.

Disadvantages:

1. Not conducive to parallel computing;

2. Error propagation;

3. Initialization vector IV required

3. Ciphertext feedback mode--CFB

An initialization vector IV is required. After encryption, XOR operation is performed with the first group of plaintext to generate the first group of ciphertext. Then, the first group of ciphertext is encrypted and then XOR operation is performed with the second group of plaintext to wrap the second group. Group ciphertext, and so on, until the encryption is completed.

Advantages:

1. Hide plaintext mode;

2. Convert block cipher to stream mode ;

3. Can encrypt and transmit data smaller than the packet in time;

Disadvantages:

1. No Conducive to parallel computing;

2. Error transmission: damage to one plaintext unit affects multiple units;

3. Unique IV;

4. Output feedback mode--OFB

requires an initialization vector IV. After encryption, the first encrypted data is obtained. This encrypted data is differentiated from the first group plaintext. The OR operation generates the first set of ciphertext, and then the first encrypted data is encrypted for the second time to obtain the second encrypted data. The second encrypted data is then XORed with the second set of plaintext to generate the second set of ciphertext. , and so on until the encryption is completed.

Advantages:

1. Hide plaintext mode;

2. Convert block cipher to stream mode ;

3. Can encrypt and transmit data smaller than the packet in time;

Disadvantages:

1. No Conducive to parallel computing;

2. Active attacks on plaintext are possible;

3. Error transmission: damage to one plaintext unit affects multiple units;

5. Counter mode--CTR

Use a counter. The initial value of the counter is encrypted and XORed with the first set of plaintext to generate the first set of ciphers. Text, the
counter increases, and then, after encryption, the XOR operation is performed with the next set of plaintext to generate the next set of ciphertext, and so on, until the encryption is completed

Advantages:

1. Can be calculated in parallel;

2. Security is at least as good as CBC mode;

3. Encryption and The solution only involves the encryption of cryptographic algorithms;

Disadvantages:

1. There is no error propagation and it is difficult to ensure data integrity;

Introduction to block cipher padding method

PKCS5: paddingString consists of a byte sequence with a value of 5, each word Section padding is the length of this byte sequence. The size of the Block is clearly defined to be 8 bits

PKCS7: The padding string consists of a byte sequence with a value of 7, each byte padding the length of the byte sequence. The size of the block is undefined and can be between 1-255

ISO10126: The padding string consists of a byte sequence, the last byte of this byte sequence is the padding byte sequence length, and the remaining bytes are filled with random data.

【Related Recommendations】

1. Special Recommendation: "php Programmer Toolbox" V0.1 version download

2. Java free video tutorial

3. Comprehensive analysis of Java annotations

The above is the detailed content of Detailed explanation of the classification and summary of Java encryption and decryption technology. For more information, please follow other related articles on the PHP Chinese website!