Home >Java >javaTutorial >Share a Java encryption and decryption basic classification and model summary
This article mainly introduces the relevant information summarized by the basic classification methods of Java encryption and decryption. Friends in need can refer to the following
Java Basics of Encryption and Decryption:
Cryptography is the technical science that studies the preparation and deciphering of codes. The study of the objective laws of password changes, which is applied to compiling codes to keep communication secrets, is called cryptography; the application to deciphering codes to obtain communication intelligence is called deciphering, and is generally called cryptography.
Commonly used terms in cryptography
Plaintext: Data to be encrypted.
Ciphertext: The plain text is encrypted data.
Encryption: The process of converting plain text into cipher text.
Encryption algorithm: A conversion algorithm that converts plaintext into ciphertext.
Encryption key: The key used to perform encryption operations through the encryption algorithm.
Decryption: The process of converting ciphertext into inscription.
Decryption algorithm: A conversion algorithm that converts ciphertext into plaintext.
Decryption Key: The key for decryption operations by decrypting short hair.
Cryptozoology classification
1. By time
a.Classical Password: Use characters as the basic encryption unit.
b. Modern cryptography: Information block is the basic encryption unit.
2Divided by algorithm of confidential content
a. Restricted algorithm: The confidentiality of the algorithm is based on keeping the algorithm secret.
b. Key-based algorithm: The confidentiality of the algorithm is based on the confidentiality of the key.
3. Divided by key system
a. Symmetric cryptosystem: also called single key or private key cryptosystem, the encryption process is the same as The decryption process uses the same set of keys. The corresponding algorithm is a symmetric encryption algorithm, such as DES and AES.
b. Asymmetric cryptosystem: also called dual-key or public-key cryptosystem, the encryption process and the decryption process use different keys. The corresponding algorithm is an asymmetric encryption algorithm, such as RSA.
4. Divide according to plaintext processing method
a. Stream cipher: Also known as sequence cipher, it encrypts one bit at a time or One byte of plaintext. For example, the RC4 algorithm.
b. Block cipher: When encrypting, the plaintext is divided into fixed-length groups, and the same key and algorithm are used to encrypt each group and the output is also fixed-length plaintext. When the last group size does not meet the specified group size,
has two processing modes:
No filling mode, directly process the remaining The data is encrypted, and the encrypted size of this group is related to the remaining data;
has a filling mode, and data is filled for groups that do not meet the specified length; if the last group of data happens to be the same size as the specified group, Then directly add a group with the specified
size; the last byte of padding records the number of padding bytes.
Introduction to block cipher working mode
1. Electronic cipher book model--ECB
Encrypt each group of plaintext independently using the same key. When encrypted in this way, the encryption of each group is performed independently without interfering with each other, so it can be performed in parallel. Also because each group is encrypted independently, the same plaintext group will have the same ciphertext after encryption. This mode easily exposes the statistical regularity and structural characteristics of plaintext grouping. Does not protect against substitution attacks.
In fact, according to the implementation, the process of ECB is just a process of grouping plaintext, then encrypting them separately, and finally stringing them together. This mode is not recommended when the message length exceeds one packet. Adding random bits to each group (such as 96 bits of valid plaintext and 32 bits of random numbers in a 128-bit group) can slightly improve its security, but this will undoubtedly cause the expansion of data during the encryption process.
Advantages:
1. Simple;
2. Conducive to parallel computing;
3. Errors will not be transmitted;
Disadvantages:
1. Unable to hide plaintext mode;
2. Possible active attack on plain text;
2. Cipher group link mode--CBC
requires one Initialization vector IV, the first set of plaintext is XORed with the initialization vector and then encrypted. Each subsequent set of plaintext is XORed with the ciphertext of the previous set before being encrypted. The IV does not need to be kept secret, it can be transmitted in clear text along with the cipher text.
Advantages:
1. It is not easy to attack actively, and the security is better than ECB. It is suitable for transmitting long messages, which is SSL, IPSec standards.
Disadvantages:
1. Not conducive to parallel computing;
2. Error propagation;
3. Requires an initialization vector IV
3. Ciphertext feedback mode--CFB
Requires an initialization vector IV , after encryption, perform an XOR operation with the first grouped plaintext to generate the first group of ciphertext, then encrypt the first group of ciphertext, and then perform an XOR operation with the second group of plaintext to wrap the second group of ciphertext, and so on, until Encryption completed.
Advantages:
1. Hide plaintext mode;
2. Convert block cipher to stream mode ;
3. Can encrypt and transmit data smaller than the packet in time;
Disadvantages:
1. Not conducive to parallel computing;
2. Error transmission: one plaintext unit is damaged and affects multiple units;
3. Unique IV;
4. Output Feedback mode--OFB
requires an initialization vector IV. After encryption, the first encrypted data is obtained. This encrypted data is XORed with the first group plaintext to generate the first group of ciphers. text, and then encrypt the first encrypted data for the second time to obtain the second encrypted data. The second encrypted data is then XORed with the second set of plain text to generate the second set of cipher text, and so on until the encryption is completed. .
Advantages:
1. Hide plaintext mode;
2. Convert block cipher to stream mode ;
3. Can encrypt and transmit data smaller than the packet in time;
Disadvantages:
1. No Conducive to parallel computing;
2. Active attacks on plaintext are possible;
3. Error transmission: damage to one plaintext unit affects multiple units;
5. Counter mode--CTR
#Use a counter. After the initial value of the counter is encrypted, it is XORed with the first set of plaintext to generate the first set of ciphers. Text, the
counter is incremented, and then, after encryption, it is XORed with the next set of plaintext to generate the next set of ciphertext, and so on, until the encryption is completed
Advantages:
1. Can be calculated in parallel;
2. Security is at least as good as CBC mode;
3. Encryption and The solution only involves the encryption of cryptographic algorithms;
Disadvantages:
1. There is no error propagation and it is difficult to ensure data integrity;
Introduction to block cipher padding method
PKCS5: The padding string consists of a byte sequence with a value of 5, and each byte is filled with the byte sequence length. The size of the Block is clearly defined to be 8 bits
PKCS7: The padding string consists of a byte sequence with a value of 7, each byte padding the length of the byte sequence. The size of the block is undefined and can be between 1-255
ISO10126: The padding string consists of a byte sequence, the last byte of this byte sequence is the padding byte sequence length, and the remaining bytes are filled with random data.
Hope this article will be helpful to you
The above is the detailed content of Share a Java encryption and decryption basic classification and model summary. For more information, please follow other related articles on the PHP Chinese website!