-
MD5 (Message-Digest Algorithm 5)
- 类型: 哈希算法(不可逆)
- 用途: 生成数据的固定长度摘要,用于数据完整性校验
- 安全性: 已被证明不够安全,容易遭受碰撞攻击(不同输入产生相同的输出)
- 应用场景: 数据校验,文件完整性检查,不推荐用于密码存储
-
SHA-256 (Secure Hash Algorithm 256-bit)
- 类型: 哈希算法(不可逆)
- 用途: 生成数据的固定长度摘要,具有较高的安全性
- 安全性: 比MD5更安全,但仍存在理论上的碰撞风险
- 应用场景: 数据完整性校验,数字签名,密码哈希
-
AES (Advanced Encryption Standard)
- 类型: 对称加密算法
- 用途: 加密和解密数据,使用同一个密钥
- 安全性: 非常安全,广泛应用于各种加密需求
- 应用场景: 数据加密存储,网络通信加密,文件加密
-
DES (Data Encryption Standard)
- 类型: 对称加密算法
- 用途: 加密和解密数据,使用同一个密钥
- 安全性: 已过时,密钥长度较短(56位),容易被暴力破解
- 应用场景: 过去用于数据加密,现在主要用于历史兼容性或教育目的
-
RSA (Rivest-Shamir-Adleman)
- 类型: 非对称加密算法
- 用途: 使用公钥加密,私钥解密,支持数字签名
- 安全性: 非常安全,但计算复杂度较高,适用于小数据块
- 应用场景: 密钥交换,数字签名,安全邮件,SSL/TLS
-
BCrypt
- 类型: 基于Blowfish加密算法的密码哈希函数
- 用途: 保护密码,具有可调节的复杂度因子(cost factor)
- 安全性: 非常安全,设计用于防止彩虹表攻击和暴力破解
- 应用场景: 密码存储
总结
- 哈希算法 (MD5, SHA-256): 主要用于数据完整性校验,SHA-256比MD5更安全。
- 对称加密算法 (AES, DES): 适用于加密和解密数据,AES更安全且广泛使用,DES已过时。
- 非对称加密算法 (RSA): 适用于密钥交换和数字签名,安全但计算复杂度高。
- 密码哈希算法 (BCrypt): 专门设计用于密码存储,具有高安全性。
适用范围
- 密码存储: BCrypt
- 数据加密: AES
- 数据完整性校验: SHA-256
- 密钥交换和数字签名: RSA
根据具体需求选择合适的加密方式,如对密码存储使用BCrypt,对数据加密使用AES,进行数据完整性校验使用SHA-256,不同的加密方式在其使用目的、算法复杂度、安全性和应用场景上有所区别
使用java.security包中的MessageDigest进行MD5加密
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
public class MD5Util {
public static String md5(String input) {
try {
MessageDigest md = MessageDigest.getInstance("MD5");
byte[] messageDigest = md.digest(input.getBytes());
StringBuilder sb = new StringBuilder();
for (byte b : messageDigest) {
sb.append(String.format("%02x", b));
}
return sb.toString();
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
}
}
public static void main(String[] args) {
String original = "password";
String hashed = md5(original);
System.out.println("Original: " + original);
System.out.println("MD5 Hashed: " + hashed);
}
}
使用javax.crypto包进行AES加密
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.util.Base64;
public class AESUtil {
private static final String ALGORITHM = "AES";
public static String encrypt(String data, String key) throws Exception {
SecretKeySpec secretKey = new SecretKeySpec(key.getBytes(), ALGORITHM);
Cipher cipher = Cipher.getInstance(ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
byte[] encrypted = cipher.doFinal(data.getBytes());
return Base64.getEncoder().encodeToString(encrypted);
}
public static String decrypt(String encryptedData, String key) throws Exception {
SecretKeySpec secretKey = new SecretKeySpec(key.getBytes(), ALGORITHM);
Cipher cipher = Cipher.getInstance(ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, secretKey);
byte[] decoded = Base64.getDecoder().decode(encryptedData);
byte[] original = cipher.doFinal(decoded);
return new String(original);
}
public static void main(String[] args) {
try {
String key = "1234567890123456"; // 16-byte key
String original = "password";
String encrypted = encrypt(original, key);
String decrypted = decrypt(encrypted, key);
System.out.println("Original: " + original);
System.out.println("Encrypted: " + encrypted);
System.out.println("Decrypted: " + decrypted);
} catch (Exception e) {
e.printStackTrace();
}
}
}
使用BCrypt进行密码加密
import org.mindrot.jbcrypt.BCrypt;
public class BCryptUtil {
public static String hashPassword(String password) {
return BCrypt.hashpw(password, BCrypt.gensalt());
}
public static boolean checkPassword(String password, String hashed) {
return BCrypt.checkpw(password, hashed);
}
public static void main(String[] args) {
String original = "password";
String hashed = hashPassword(original);
System.out.println("Original: " + original);
System.out.println("BCrypt Hashed: " + hashed);
System.out.println("Password matches: " + checkPassword(original, hashed));
}
}
使用javax.crypto包进行RSA加密
import javax.crypto.Cipher;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.Base64;
public class RSAUtil {
private static final String ALGORITHM = "RSA";
public static KeyPair generateKeyPair() throws Exception {
KeyPairGenerator keyGen = KeyPairGenerator.getInstance(ALGORITHM);
keyGen.initialize(2048);
return keyGen.generateKeyPair();
}
public static String encrypt(String data, PublicKey publicKey) throws Exception {
Cipher cipher = Cipher.getInstance(ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
byte[] encrypted = cipher.doFinal(data.getBytes());
return Base64.getEncoder().encodeToString(encrypted);
}
public static String decrypt(String encryptedData, PrivateKey privateKey) throws Exception {
Cipher cipher = Cipher.getInstance(ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, privateKey);
byte[] decoded = Base64.getDecoder().decode(encryptedData);
byte[] original = cipher.doFinal(decoded);
return new String(original);
}
public static void main(String[] args) {
try {
KeyPair keyPair = generateKeyPair();
PublicKey publicKey = keyPair.getPublic();
PrivateKey privateKey = keyPair.getPrivate();
String original = "password";
String encrypted = encrypt(original, publicKey);
String decrypted = decrypt(encrypted, privateKey);
System.out.println("Original: " + original);
System.out.println("Encrypted: " + encrypted);
System.out.println("Decrypted: " + decrypted);
} catch (Exception e) {
e.printStackTrace();
}
}
}
使用java.security包中的MessageDigest进行SHA-256加密
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
public class SHA256Util {
public static String sha256(String input) {
try {
MessageDigest digest = MessageDigest.getInstance("SHA-256");
byte[] encodedhash = digest.digest(input.getBytes());
StringBuilder sb = new StringBuilder();
for (byte b : encodedhash) {
sb.append(String.format("%02x", b));
}
return sb.toString();
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
}
}
public static void main(String[] args) {
String original = "password";
String hashed = sha256(original);
System.out.println("Original: " + original);
System.out.println("SHA-256 Hashed: " + hashed);
}
}
使用javax.crypto包进行DES加密
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.util.Base64;
public class DESUtil {
private static final String ALGORITHM = "DES";
public static String encrypt(String data, SecretKey key) throws Exception {
Cipher cipher = Cipher.getInstance(ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] encrypted = cipher.doFinal(data.getBytes());
return Base64.getEncoder().encodeToString(encrypted);
}
public static String decrypt(String encryptedData, SecretKey key) throws Exception {
Cipher cipher = Cipher.getInstance(ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] decoded = Base64.getDecoder().decode(encryptedData);
byte[] original = cipher.doFinal(decoded);
return new String(original);
}
public static SecretKey generateKey() throws Exception {
KeyGenerator keyGen = KeyGenerator.getInstance(ALGORITHM);
keyGen.init(56); // DES requires a key size of 56 bits
return keyGen.generateKey();
}
public static void main(String[] args) {
try {
SecretKey key = generateKey();
String original = "password";
String encrypted = encrypt(original, key);
String decrypted = decrypt(encrypted, key);
System.out.println("Original: " + original);
System.out.println("Encrypted: " + encrypted);
System.out.println("Decrypted: " + decrypted);
} catch (Exception e) {
e.printStackTrace();
}
}
}
扫一扫
1655
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
