During the development process, not avoid it comes to data encryption, such as encryption, encrypt sensitive user data to the user's account password, the type of encryption algorithm related to the variety, as a developer time ism limited energy, which can be clearly mainstream encryption algorithm and uses, would have been sufficient.
Major data encryption algorithms are mainly: md5, sha, aes, des, rsa, base64 and so on.
Let's look at our old acquaintance: md5 algorithm, almost any system, and ultimately his presence. MD5 algorithm full name Message Digest Algorithm 5 (Message Digest algorithm 5), a digital digest algorithm is implemented, a summary is 128 bits. Because of the complexity and irreversibility of its algorithm, mainly used to ensure the integrity and consistency of information transmission. He also has an early "less disappointing" generations MD2, MD3, MD4 (early generations is not enough due to the complexity is cracked). It is precisely because there are so characteristic of the MD5 algorithm, widely used in the industry, the mainstream programming languages comes with the realization MD5.
The most common user password many systems have adopted the MD5 algorithm for encryption. But the inevitable big tree attracts the wind, just like the windows wide system applications, they received security challenges, MD5 is no exception. Degree of your mother what you will find, there are many sites provide MD5 crack, and some even need to crack the service provided free of charge.
But do not worry, there can crack MD5 and restore the original data, the success rate is very low (of course, such as 123456 original mentally handicapped, do not mention, the other degrees can break your mother try on their own). It should be mentioned that the main idea of the current crack the MD5 algorithm, in fact, only a core that is violent collision (Others include improved two kinds dictionary method, the rainbow table method is violent collision law, the same principle), saying that white is to use metamorphosis known that various combinations of characters, the generated many ciphertext corresponding to the original library, in accordance with the ciphertext and the reverse, find the corresponding plaintext.
For example, your plaintext data is abcd1234 (of course, which should not be so simple, just an example here), encrypted ciphertext is e19d5cd5af0378da05f63f891c7467af out, so do not ill-wishers who will use the ciphertext e19d5cd5af0378da05f63f891c7467af to provide this service there or crack tools , this query has no corresponding plaintext ciphertext, if so, on behalf of the successful break, and then he took the "crack" get plaintext login to your account, with predictable results.
Successfully entered your territory, but the success is not perfect. Because md5 irreversibility, most account login process, can only take the original text entered by the user into the MD5 encryption cipher text to talk to the database ciphertext comparison, the same identification code is correct.
But this is also slip through the net, because when it comes to even break out results are not above abcd1234 but xxxxx, xxxx may also be used successfully log system.
Because although MD5 is not reversible, but it is not unique. Here the so-called crack, not to restore the original summary. why? Because the fixed 128-bit digest (i.e. encrypted ciphertext) is finite, and the number of the original is infinite, each summary can be obtained by several original Hash through. Stated another person saying that different original get the same ciphertext may be encrypted. So take the ciphertext guess the original will get multiple results, a simple comparison ciphertext, it will be considered to be consistent. In turn, it is the same reason. Not necessarily to restore them to get the plaintext to do other operations, not necessarily successful.
To summarize, MD5 encryption algorithm to crack the reason why the probability of success is very low, mainly due to the following points:
1) rely on the Solutions violent collision, means that as many combinations of all the characters, forming massive pair library for by plaintext ciphertext reverse lookup, but tens of thousands of types of characters, all combined, the possibility of more than the total number of cells in the earth, it is estimated now that all the hard drive space together are kept high, the high cost of, and may want know.
2) the current can break belong guessed have been combined, and are generally shorter length, or a combination of more regular. As long as there is no longer the length of the laws, the more different types of character combinations, the lower the probability of crack, almost no success.
3) Even if the ciphertext to the original plaintext is not necessarily right, of course, this is the last line of defense, resigned.
Further, the use of MD5, the current mainstream of no more than two, one is used to encrypt sensitive data like password similar user need not reduced, a method for transmitting information to ensure integrity and consistency. In fact, he is the second use of the birth of the original intention.
Here brief mention second use. Many payment interface, data exchange interfaces are based MD5 to ensure the integrity and consistency of the data, that is, the network has not been tampered with during transmission. How to ensure that data is not tampered with, can not rely solely on MD5, also we need to join forces other encryption algorithms, specifically requested follow-up talk.