Algorithms that have been proven to be easier to crack (unsafe algorithms): MD4, MD5, SHA-0, SHA-1, DES.
Theoretically, most algorithms can basically be cracked, but it requires many computers to operate in parallel for a long time to crack. . The longer the key, the more resources are consumed, which increases the cost of cracking. Because the cost is too high, no attack is performed or a side-channel attack is used. (Recommended learning: PHP Video Tutorial)
At the same time, the longer the key, the higher the cost of encryption and decryption will be. Therefore, the appropriate algorithm can be selected based on the value of the information and confidentiality requirements.
DES algorithm is a symmetric cryptography system in cryptography, also known as the American Data Encryption Standard. It is a symmetric cryptography encryption algorithm developed by IBM in the United States in 1972. The plaintext is grouped by 64 bits, and the key is 64 bits long. The key is actually 56 bits participating in the DES operation (the 8th, 16th, 24th, 32nd, 40th, 48th, 56th, and 64th bits are check bits, making each password The keys have an odd number. 1) The encryption method of grouping the plaintext group and the 56-bit key to form a ciphertext group by bitwise substitution or exchange.
The DES algorithm has extremely high security. So far, apart from using the exhaustive search method to attack the DES algorithm, no more effective method has been found. The exhaustive space of a 56-bit key is 2^56, which means that if a computer is capable of detecting one million keys per second, it will take nearly 2285 years to search for all keys. time, it can be seen that this is difficult to achieve. However, this does not mean that DES is unbreakable. In fact, with the development of hardware technology and the Internet, the possibility of cracking is becoming more and more likely, and the time required is getting less and less. Parallel processing takes hours using specially designed hardware.
MD5: Strictly speaking, it is not an encryption algorithm, it can only be said to be a digest algorithm. MD5 processes the input information in 512-bit groups, and each group is divided into 16 32-bit sub-groups. After a series of processing, the output of the algorithm consists of four 32-bit groups. These four 32-bit sub-groups are The group concatenation will produce a 128-bit hash value.
MD4 is an information summary algorithm designed by MIT professor Ronald Rivest in 1990. It is an implementation of a cryptographic hash function used to test the integrity of a message. Its digest length is 128 bits. This algorithm influenced later algorithms such as MD5, SHA family and RIPEMD.
SHA-1 (English: Secure Hash Algorithm 1, Chinese name: Secure Hash Algorithm 1) is a cryptographic hash function designed by the U.S. National Security Agency and developed by the U.S. National Security Agency Published by the National Institute of Standards and Technology (NIST) as Federal Data Processing Standards (FIPS). SHA-1 can generate a 160-bit (20-byte) hash value called a message digest. The hash value is usually presented as 40 hexadecimal digits.
The originally specified algorithm was released in 1993, called Secure Hash Standard, FIPSPUB 180. This version is now often referred to as SHA-0.
SHA-1 is no longer considered viable against attackers with sufficient funds and sufficient computing resources. In 2005, cryptanalysts discovered an effective attack on SHA-1, suggesting that the algorithm may not be secure enough for continued use, and since 2010, many organizations have recommended replacing SHA-1 with SHA-2 or SHA-3 . Microsoft, Google, and Mozilla have all announced that their browsers will stop accepting SSL certificates signed using the SHA-1 algorithm by 2017.
For more PHP related technical articles, please visit the PHP Graphic Tutorial column to learn!
The above is the detailed content of Insecure encryption algorithm. For more information, please follow other related articles on the PHP Chinese website!