ASP.NET database password: detailed explanation of MD5 encryption algorithm

In the process of software development, the storage of key information such as user passwords will inevitably be involved. In most cases, the user's password is stored in the database. If you do not add any confidentiality measures and directly save it in plain text, it will easily cause the leakage of users' personal information, causing unpredictable losses to enterprises and users.

Currently, there are many commonly used password encryption storage algorithms, such as: MD5, 3DES, AES, SHA1wait.

Today we will mainly introduce the MD5 encryption algorithm.

What is the MD5 algorithm

MD5 is a single-key hashing algorithm used to generate digital signatures. It uses 512 bits Groups are used to process the input information, and each group is divided into 16 32-bit sub-groups. After a series of processing, the output of the algorithm is concatenated by four 32-bit groups to generate a 128-bit hash value.

Use ASP.NET to encrypt the password field value. The code is as follows:

using System.Security.Cryptograhoy;//引入MD5加密命名空间
public string GetMD5(string strPwd)
{
    //将要加密的字符串加上前缀与后缀后再加密
    string cl = DateTime.Now.Month + strPwd + DateTime.Now.Day;
    string pwd = "";
    //实例化一个MD5对象
    MD5 md5 = MD5.Create();
    //加密后是一个字节类型的数组，要注意编码UTF8/Unicode等的选择
    byte[] s = md5.ComputeHash(Encoding.UTF8.GetBytes(cl));
    //翻转生成的MD5码
    s.Reverse();
    //通过循环，将字节类型的数组转换为字符串
    //只取MD5码的一部分，这样恶意访问者无法知道取的是哪几位
    for(int i = 3;i < s.Length-1; i++)
    {
        //将得到的字符串使用十六进制类型格式化。格式化后的字符是小写的字母，如果使用大写（X），则格式化后的字符是大写字母
        //进一步对生成的MD5码做一些改造
        pwd = pwd + (s[i] < 198 ? s[i] + 28 : s[i]).ToString("X");
    }
    return pwd;
}

Note

If you simply use MD5 The hash value generated by the algorithm can be cracked. Therefore, in the actual development process, we need to use the MD5 algorithm combined with the salt algorithm to generate an encrypted string that cannot be cracked.

The above is the detailed content of ASP.NET database password: detailed explanation of MD5 encryption algorithm. For more information, please follow other related articles on the PHP Chinese website!