Symmetric encryption
Symmetric encryption refers to an encryption algorithm that uses the same key for encryption and decryption. It requires the sender and receiver to agree on a key before they can communicate securely. The security of a symmetric algorithm depends on the key. If the key leaks, anyone can decrypt the messages the two parties send or receive, so keeping the key confidential is crucial to the communication.
Advantages and disadvantages of symmetric encryption algorithms:
Advantages: the algorithm is public, the amount of calculation is small, encryption is fast and encryption efficiency is high.
Disadvantages:
Asymmetric encryption
This type of encryption may be harder to understand. An asymmetric algorithm generates a public key and a private key. Data encrypted with the public key cannot be decrypted with the public key itself; it requires the private key. Likewise, data encrypted with the private key cannot be decrypted with the private key; it requires the public key. There are many such algorithms, and the most commonly used one is RSA. The mathematical principle it is based on is that the product of two large prime numbers is easy to calculate, but it is very hard to work out from that product which two prime numbers were multiplied. If you are interested in the specific principle, you can study it yourself. Asymmetric encryption is more secure than symmetric encryption, but it also has two obvious disadvantages:
Therefore, public key encryption can only be used for key exchange or content signing at present, and is not suitable for encrypting and decrypting the content transmitted at the application layer.
Detailed encryption process
First, the server uses asymmetric encryption (RSA) to generate a public key and a private key. It then sends the public key to the client. Someone may intercept it in transit, but this is useless to them, because only the private key can decrypt data encrypted with the public key, and the private key never leaves the server. When the public key reaches the client, the client generates a secret key for symmetric encryption, encrypts it with the public key and sends it to the server. This secret key is the key used for all later communication. When the server receives the secret key encrypted with the public key, it uses the private key to decrypt it and obtain the secret key. Now both the client and the server hold the secret key, and the information exchange is relatively safe.
It sounds really safe, but in fact there is a more serious attack that this method cannot prevent: the legendary "man-in-the-middle attack". During the identity authentication process, a "middleman" intercepts our information and intends to read your messages. We call this middleman M. When the server sends the public key to the client for the first time, it passes through M. M knows that you want to exchange keys, so it withholds the public key, pretends to be the client, forges a pseudo-secret key (a symmetric key of its own), encrypts the pseudo-secret key with the public key sent by the server and sends it back to the server. The server thinks that it has completed the key exchange with the client, but in fact it has completed the key exchange with M (and obtained the pseudo-secret key).
At the same time, M pretends to be the server, generates a pseudo-public key and a pseudo-private key with asymmetric encryption, exchanges keys with the client, and obtains the secret key sent by the client. Now the client has the secret key, M has the secret key and the pseudo-secret key, and the server has the pseudo-secret key.
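
The exchange and the interception described above, as an added Python example that is not part of the original article. It uses toy textbook RSA built from small known primes; the fixed key pairs, the function names and the out-of-band fingerprint check inside `exchange` are assumptions made for illustration.

```python
import hashlib
import secrets

E = 65537  # public exponent

def keypair(p, q):
    """Toy textbook RSA (no padding) from two known primes; illustration only."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def fingerprint(pub):
    """SHA-256 over the public key, used to compare keys out of band."""
    return hashlib.sha256(f"{pub[0]}:{pub[1]}".encode()).hexdigest()

def rsa(key, value):
    """With a public key this wraps a session key, with a private key it unwraps."""
    return pow(value, key[1], key[0])

def session_key():
    return int.from_bytes(secrets.token_bytes(16), "big")

# Constructed key pairs built from Mersenne primes (far too small for real use).
SERVER_PUB, SERVER_PRIV = keypair(2**61 - 1, 2**89 - 1)
M_PUB, M_PRIV = keypair(2**107 - 1, 2**127 - 1)

def exchange(intercepted, pinned_fp=None):
    """Run the exchange; return the session keys each party ends up holding."""
    # Step 1: the server sends its public key; M may swap in its pseudo-public key.
    offered = M_PUB if intercepted else SERVER_PUB
    # Hypothetical defence: the client compares the offered key with a
    # fingerprint it obtained out of band, and aborts on a mismatch.
    if pinned_fp is not None and fingerprint(offered) != pinned_fp:
        return None
    # Step 2: the client wraps a fresh secret key under the key it was offered.
    client_key = session_key()
    wire = rsa(offered, client_key)
    m_keys = set()
    if intercepted:
        # M unwraps the client's key, then sends the server a pseudo-secret key.
        m_keys.add(rsa(M_PRIV, wire))
        pseudo = session_key()
        m_keys.add(pseudo)
        wire = rsa(SERVER_PUB, pseudo)
    # Step 3: the server unwraps what it received with its private key.
    server_key = rsa(SERVER_PRIV, wire)
    return {"client": client_key, "server": server_key, "M": m_keys}
```

With `intercepted=True` and no pinned fingerprint, the returned keys match the end state described above; when the client is given the server key's fingerprint, it aborts before sending any key material.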