我看到哈希和加密算法之间有很多混淆,我想听到一些关于以下方面的专家建议:
什么时候使用哈希和加密 是什么让哈希或加密算法不同(从理论/数学层面) 例如,是什么使得哈希不可逆(没有彩虹树的帮助)
以下是一些类似的SO问题,但没有像我想要的那样详细:
混淆、哈希和加密之间的区别是什么? 加密和哈希的区别
我看到哈希和加密算法之间有很多混淆,我想听到一些关于以下方面的专家建议:
什么时候使用哈希和加密 是什么让哈希或加密算法不同(从理论/数学层面) 例如,是什么使得哈希不可逆(没有彩虹树的帮助)
以下是一些类似的SO问题,但没有像我想要的那样详细:
混淆、哈希和加密之间的区别是什么? 加密和哈希的区别
当前回答
我的两句台词……面试官一般想要以下答案。
哈希是一种方法。您不能将数据/字符串从哈希代码转换。
加密是两种方式-如果你有密钥,你可以再次解密加密的字符串。
其他回答
哈希和加密/解密技术的基本概述如下。
散列:
如果你再次哈希任何纯文本,你不能得到相同的纯文本 散列文本中的文本。简单地说,这是一个单向的过程。
加密和解密:
如果你加密任何纯文本与密钥再次你可以 通过使用相同(对称)/不同(不对称)密钥对加密文本进行解密来获得相同的纯文本。
更新: 解决编辑问题中提到的问题。
1. When to use hashes vs encryptions Hashing is useful if you want to send someone a file. But you are afraid that someone else might intercept the file and change it. So a way that the recipient can make sure that it is the right file is if you post the hash value publicly. That way the recipient can compute the hash value of the file received and check that it matches the hash value. Encryption is good if you say have a message to send to someone. You encrypt the message with a key and the recipient decrypts with the same (or maybe even a different) key to get back the original message. credits
2. 是什么使哈希或加密算法不同(从理论/数学层面),即什么使哈希不可逆 (没有彩虹树的帮助)
Basically hashing is an operation that loses information but not encryption. Let's look at the difference in simple mathematical way for our easy understanding, of course both have much more complicated mathematical operations with repetitions involved in it Encryption/Decryption (Reversible): Addition: 4 + 3 = 7 This can be reversed by taking the sum and subtracting one of the addends 7 - 3 = 4 Multiplication: 4 * 5 = 20 This can be reversed by taking the product and dividing by one of the factors 20 / 4 = 5 So, here we could assume one of the addends/factors is a decryption key and result(7,20) is an encrypted text. Hashing (Not Reversible): Modulo division: 22 % 7 = 1 This can not be reversed because there is no operation that you can do to the quotient and the dividend to reconstitute the divisor (or vice versa). Can you find an operation to fill in where the '?' is? 1 ? 7 = 22 1 ? 22 = 7 So hash functions have the same mathematical quality as modulo division and lose the information.
学分
加密和哈希算法的工作原理类似。在每种情况下,都需要在比特之间制造混乱和扩散。简而言之,混淆是在密钥和密文之间创建一个复杂的关系,扩散是在传播每个比特的信息。
许多哈希函数实际上使用加密算法(或加密算法的原语)。例如,SHA-3候选Skein使用threfish作为底层方法来处理每个块。不同之处在于,它们不是保留每个密文块,而是破坏性地、确定性地合并在一起,形成固定的长度
Cryptography deals with numbers and strings. Basically every digital thing in the entire universe are numbers. When I say numbers, its 0 & 1. You know what they are, binary. The images you see on screen, the music that you listen through your earphone, everything are binaries. But our ears and eyes will not understand binaries right? Only brain could understand that, and even if it could understand binaries, it can’t enjoy binaries. So we convert the binaries to human understandable formats such as mp3,jpg,etc. Let’s term the process as Encoding. It’s two way process and can be easily decoded back to its original form.
哈希
哈希是另一种加密技术,数据一旦转换为其他形式就永远无法恢复。用门外汉的话说,没有所谓去哈希的过程。有许多哈希函数来完成这项工作,如sha-512, md5等。
如果原始值不能恢复,那么我们在哪里使用它?密码!当你为你的手机或电脑设置密码时,你的密码哈希会被创建并存储在一个安全的地方。当您下次尝试登录时,输入的字符串再次使用相同的算法(哈希函数)进行散列,输出与存储的值匹配。如果相同,则登录。否则你就会被赶出去。
Credits: wikimedia By applying hash to the password, we can ensure that an attacker will never get our password even if he steal the stored password file. The attacker will have the hash of the password. He can probably find a list of most commonly used passwords and apply sha-512 to each of it and compare it with the value in his hand. It is called the dictionary attack. But how long would he do this? If your password is random enough, do you think this method of cracking would work? All the passwords in the databases of Facebook, Google and Amazon are hashed, or at least they are supposed to be hashed.
然后是加密
加密介于哈希和编码之间。编码是一个双向过程,不应该用来提供安全性。加密也是一个双向过程,但是当且仅当知道加密密钥时才能检索原始数据。如果您不知道加密是如何工作的,不要担心,我们将在这里讨论基础知识。这就足以理解SSL的基础知识了。因此,有两种类型的加密,即对称加密和非对称加密。
对称密钥加密
I am trying to keep things as simple as I could. So, let’s understand the symmetric encryption by means of a shift algorithm. This algorithm is used to encrypt alphabets by shifting the letters to either left or right. Let’s take a string CRYPTO and consider a number +3. Then, the encrypted format of CRYPTO will be FUBSWR. That means each letter is shifted to right by 3 places. Here, the word CRYPTO is called Plaintext, the output FUBSWR is called the Ciphertext, the value +3 is called the Encryption key (symmetric key) and the whole process is a cipher. This is one of the oldest and basic symmetric key encryption algorithm and its first usage was reported during the time of Julius Caesar. So, it was named after him and it is the famous Caesar Cipher. Anyone who knows the encryption key and can apply the reverse of Caesar’s algorithm and retrieve the original Plaintext. Hence it is called a Symmetric Encryption.
非对称密钥加密
We know that, in Symmetric encryption same key is used for both encryption and decryption. Once that key is stolen, all the data is gone. That’s a huge risk and we need more complex technique. In 1976, Whitfield Diffie and Martin Hellman first published the concept of Asymmetric encryption and the algorithm was known as Diffie–Hellman key exchange. Then in 1978, Ron Rivest, Adi Shamir and Leonard Adleman of MIT published the RSA algorithm. These can be considered as the foundation of Asymmetric cryptography.
As compared to Symmetric encryption, in Asymmetric encryption, there will be two keys instead of one. One is called the Public key, and the other one is the Private key. Theoretically, during initiation we can generate the Public-Private key pair to our machine. Private key should be kept in a safe place and it should never be shared with anyone. Public key, as the name indicates, can be shared with anyone who wish to send encrypted text to you. Now, those who have your public key can encrypt the secret data with it. If the key pair were generated using RSA algorithm, then they should use the same algorithm while encrypting the data. Usually the algorithm will be specified in the public key. The encrypted data can only be decrypted with the private key which is owned by you.
来源:SSL/TLS for dummies第1部分:加密套件,哈希,加密| WST (https://www.wst.space/ssl-part1-ciphersuite-hashing-encryption/)
我的两句台词……面试官一般想要以下答案。
哈希是一种方法。您不能将数据/字符串从哈希代码转换。
加密是两种方式-如果你有密钥,你可以再次解密加密的字符串。
EncryptionThe Purpose of encryption is to transform data in order to keep it secret E.g (Sending someone a secret text that they only should able to read,sending passwords through Internet). Instead of focusing the usability the goal is to ensure the data send can be sent secretly and it can only seen by the user whom you sent. It Encrypts the data into another format of transforming it into unique pattern it can be encrypt with the secret key and those users who having the secret key can able to see the message by reversible the process. E.g(AES,BLOWFISH,RSA) The encryption may simply look like this FhQp6U4N28GITVGjdt37hZN Hashing In technically we can say it as takes a arbitary input and produced a fixed length string. Most important thing in these is you can't go from the output to the input.It produces the strong output that the given information has not been modified. The process is to take a input and hash it and then send with the sender's private key once the receiver received they can validate it with sender's public key. If the hash is wrong and did't match with hash we can't see any of the information. E.g(MD5,SHA.....)