Today's computing environment is very different from the past. Many data resources are accessed remotely over a network, and more and more communication depends on public networks (such as the Internet). These environments do not guarantee secure communication between entities: data may be read or tampered with by others while in transit.
Encryption prevents data from being viewed or modified and provides a secure communication channel over an otherwise insecure one. It achieves the following goals:
Confidentiality: prevent the user's identity or data from being read.
Data integrity: prevent data from being changed.
Authentication: make sure the data comes from a specific party.
First, a list of data encryption / encoding algorithms
Common encryption or encoding algorithms used to ensure security are as follows:
1. Common key algorithms
Key algorithms are used to encrypt sensitive data, digests, signatures and other information. Common key algorithms include:
DES (Data Encryption Standard): fast, suitable for encrypting large amounts of data;
3DES (Triple DES): based on DES, encrypts a block of data three times with three different keys, giving higher strength;
RC2 and RC4: encrypt large amounts of data with variable-length keys, faster than DES;
IDEA (International Data Encryption Algorithm): uses a 128-bit key to provide very strong security;
RSA: invented by the RSA company, a public key algorithm that supports variable-length keys; the length of the block of file data to be encrypted is also variable;
DSA (Digital Signature Algorithm): a standard DSS (Digital Signature Standard);
AES (Advanced Encryption Standard): the next-generation encryption algorithm standard, fast, with a high security level; one implementation of the AES standard is the Rijndael algorithm;
Blowfish: uses variable-length keys of up to 448 bits and runs very fast;
Other algorithms, such as ElGamal, Diffie-Hellman, the newer elliptic curve algorithm ECC, etc.
2. One-way hash algorithms
One-way hash functions are generally used to generate message digests, encrypt keys, and so on. Common ones include:
MD5 (Message Digest Algorithm 5): a one-way hash algorithm developed by RSA Data Security. MD5 is widely used and can hash data blocks of different lengths into a 128-bit value;
SHA (Secure Hash Algorithm): a newer hash algorithm that generates a 160-bit value for data of any length;
MAC (Message Authentication Code): a one-way function that uses a key; it can be used to authenticate files or messages between systems or between users. HMAC (keyed hashing for message authentication) is an example of such a function;
CRC (Cyclic Redundancy Check): because it is simple to implement and has strong error-detection capability, the CRC check is widely used in all kinds of data checking applications. It uses few system resources and can be implemented in both software and hardware, making it a good means of detecting data transmission errors. (Strictly speaking, CRC is not a hash algorithm, but its role is roughly the same as that of a hash algorithm, so it is grouped here.)
3. Other data algorithms
Other data algorithms include some commonly used encoding algorithms and conversions between them, such as Base64, Quoted-Printable, EBCDIC, and the like.
Second, the .NET implementation of the algorithms
Common encryption and encoding algorithms are already implemented in the .NET Framework, which is a great convenience for developers. The namespace that implements these algorithms is System.Security.Cryptography.
The System.Security.Cryptography namespace provides cryptographic services, including secure encoding and decoding of data, as well as many other operations such as hashing, random number generation, and message authentication.
System.Security.Cryptography is organized as follows:
1. Private key encryption
Private key encryption is also called symmetric encryption because the same key is used for both encryption and decryption. Private key encryption algorithms are very fast (compared with public key algorithms) and are especially suitable for performing cryptographic transformations on large data streams.
The .NET Framework provides the following classes that implement private key encryption algorithms:
DES: DESCryptoServiceProvider
RC2: RC2CryptoServiceProvider
Rijndael (AES): RijndaelManaged
3DES: TripleDESCryptoServiceProvider
2. Public key encryption and digital signatures
Public key encryption uses a private key that must be kept secret from unauthorized users and a public key that can be disclosed to anyone. Data encrypted with the public key can only be decrypted with the private key, and data signed with the private key can only be verified with the public key. The public key can be used by anyone; it is used to encrypt data to be sent to the holder of the private key. Both keys are unique to the communication session. Public key encryption algorithms are also called asymmetric algorithms because data encrypted with one key must be decrypted with the other key.
The .NET Framework provides the following classes that implement public key encryption algorithms:
DSA: DSACryptoServiceProvider
RSA: RSACryptoServiceProvider
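The two properties described above (only the private key decrypts, only the private key signs), shown with RSACryptoServiceProvider. This is an added example, not code from the original article; the class name PublicKeyDemo, the variable names and the sample strings are constructed for illustration, and the SignData/VerifyData overloads used here assume .NET Framework 4.6 or later.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class PublicKeyDemo
{
    static void Main()
    {
        byte[] secret = Encoding.UTF8.GetBytes("constructed session secret");
        byte[] message = Encoding.UTF8.GetBytes("constructed sample message");

        using (var keyHolder = new RSACryptoServiceProvider(2048))  // owns the private key
        using (var anyone = new RSACryptoServiceProvider())         // gets the public key only
        {
            // false = export the public parameters only; this is all that is shared.
            anyone.ImportParameters(keyHolder.ExportParameters(false));

            // Anyone can encrypt to the key holder (true selects OAEP padding).
            byte[] ciphertext = anyone.Encrypt(secret, true);

            // The public key alone cannot undo that encryption.
            try { anyone.Decrypt(ciphertext, true); }
            catch (CryptographicException) { Console.WriteLine("public key cannot decrypt"); }

            // The private key holder can.
            Console.WriteLine(Encoding.UTF8.GetString(keyHolder.Decrypt(ciphertext, true)));

            // Signing needs the private key; verification needs only the public key.
            byte[] sig = keyHolder.SignData(message, HashAlgorithmName.SHA256,
                                            RSASignaturePadding.Pkcs1);
            Console.WriteLine(anyone.VerifyData(message, sig, HashAlgorithmName.SHA256,
                                                RSASignaturePadding.Pkcs1));

            // A single changed bit in the message invalidates the signature.
            message[0] ^= 0x01;
            Console.WriteLine(anyone.VerifyData(message, sig, HashAlgorithmName.SHA256,
                                                RSASignaturePadding.Pkcs1));
        }
    }
}
```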
3. Hash values
A hash algorithm maps a binary value of arbitrary length to a smaller binary value of fixed length, which is called a hash value. A hash value is a unique and extremely compact numeric representation of a piece of data. If you hash a paragraph of plaintext and change even a single letter in it, the subsequent hash will produce a different value. Finding two different inputs that hash to the same value is computationally infeasible, so the hash value of a piece of data can be used to verify its integrity. The .NET Framework provides the following classes that implement digital signature algorithms:
HMAC: HMACSHA1 (HMAC is a hash algorithm that uses a key)
MAC: MACTripleDES
MD5: MD5CryptoServiceProvider
SHA1: SHA1Managed, SHA256Managed, SHA384Managed, SHA512Managed
4. Random number generation
Encryption keys need to be as random as possible so that a generated key is hard to reproduce, so random number generation is an integral part of many cryptographic operations.
In the .NET Framework, RNGCryptoServiceProvider is an implementation of a random number generator algorithm.
The data algorithms are implemented in other namespaces of the .NET Framework: for example, the Convert class implements Base64 encoding, and System.Text implements conversion between character encodings.
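Sections 1, 3 and 4 combined into one flow, as an added example that is not part of the original article: keys and IV come from RNGCryptoServiceProvider, RijndaelManaged gives confidentiality, and a keyed hash over the ciphertext gives integrity. The names EncryptThenMacDemo, RandomBytes, Mac, Protect and Unprotect and the message layout are assumptions made for the example; HMACSHA256 is used here instead of the HMACSHA1 listed above, and on newer .NET versions Aes.Create() and RandomNumberGenerator.Create() take the place of the two classes that are marked obsolete there.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class EncryptThenMacDemo
{
    static byte[] RandomBytes(int n)
    {
        var buf = new byte[n];
        using (var rng = new RNGCryptoServiceProvider()) rng.GetBytes(buf); // not System.Random
        return buf;
    }
    static byte[] Mac(byte[] key, byte[] data) { using (var h = new HMACSHA256(key)) return h.ComputeHash(data); }

    // Layout (assumed for this example): IV (16) || ciphertext || HMAC-SHA256 tag (32).
    static byte[] Protect(byte[] plain, byte[] encKey, byte[] macKey)
    {
        using (var aes = new RijndaelManaged { Key = encKey, IV = RandomBytes(16) })
        using (var enc = aes.CreateEncryptor())
        {
            byte[] body = aes.IV.Concat(enc.TransformFinalBlock(plain, 0, plain.Length)).ToArray();
            return body.Concat(Mac(macKey, body)).ToArray();
        }
    }

    static byte[] Unprotect(byte[] msg, byte[] encKey, byte[] macKey)
    {
        if (msg.Length < 16 + 16 + 32) throw new CryptographicException("message too short");
        byte[] body = msg.Take(msg.Length - 32).ToArray();
        byte[] tag = msg.Skip(msg.Length - 32).ToArray();
        byte[] expected = Mac(macKey, body);
        int diff = 0;   // constant-time comparison; the tag is checked before any decryption
        for (int i = 0; i < 32; i++) diff |= expected[i] ^ tag[i];
        if (diff != 0) throw new CryptographicException("integrity check failed");
        using (var aes = new RijndaelManaged { Key = encKey, IV = body.Take(16).ToArray() })
        using (var dec = aes.CreateDecryptor())
            return dec.TransformFinalBlock(body, 16, body.Length - 16);
    }

    static void Main()
    {
        byte[] encKey = RandomBytes(32), macKey = RandomBytes(32);
        byte[] msg = Protect(Encoding.UTF8.GetBytes("constructed sample text"), encKey, macKey);
        Console.WriteLine(Encoding.UTF8.GetString(Unprotect(msg, encKey, macKey)));
        msg[20] ^= 0x01;   // simulate modification of one ciphertext bit in transit
        try { Unprotect(msg, encKey, macKey); }
        catch (CryptographicException e) { Console.WriteLine("rejected: " + e.Message); }
    }
}
```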
From the above, the .NET Framework supports data encryption / encoding fairly well, which is a great convenience for developers. The drawback is that its set of data encryption algorithms is still incomplete: algorithms such as IDEA and Blowfish, and others such as ElGamal, Diffie-Hellman and ECC, are missing, and support for some other data check algorithms, such as CRC and SFV, is also lacking. Developers can only port them from earlier code or turn to third-party vendors.
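One way to fill the CRC gap mentioned above is to port CRC-32 as a HashAlgorithm subclass, so that it can be called through ComputeHash like the built-in hash classes. This is an added example, not code from the original article; the class name Crc32 is hypothetical, and the variant implemented is the common IEEE 802.3 CRC-32. As the article notes, CRC detects transmission errors and is not a rigorous hash, so it does not replace HMAC for tamper detection.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// CRC-32 (IEEE 802.3, reflected polynomial 0xEDB88320) exposed as a HashAlgorithm.
sealed class Crc32 : HashAlgorithm
{
    static readonly uint[] Table = BuildTable();
    uint crc = 0xFFFFFFFFu;

    public Crc32() { HashSizeValue = 32; }

    // Precompute the CRC of every possible byte value, one bit at a time.
    static uint[] BuildTable()
    {
        var t = new uint[256];
        for (uint i = 0; i < 256; i++)
        {
            uint c = i;
            for (int k = 0; k < 8; k++)
                c = (c & 1) != 0 ? 0xEDB88320u ^ (c >> 1) : c >> 1;
            t[i] = c;
        }
        return t;
    }

    public override void Initialize() { crc = 0xFFFFFFFFu; }

    protected override void HashCore(byte[] array, int ibStart, int cbSize)
    {
        for (int i = ibStart; i < ibStart + cbSize; i++)
            crc = Table[(crc ^ array[i]) & 0xFF] ^ (crc >> 8);
    }

    protected override byte[] HashFinal()
    {
        uint v = ~crc;   // final XOR with 0xFFFFFFFF, returned most significant byte first
        return new[] { (byte)(v >> 24), (byte)(v >> 16), (byte)(v >> 8), (byte)v };
    }

    static void Main()
    {
        using (var crc32 = new Crc32())
        {
            string hex = BitConverter.ToString(crc32.ComputeHash(Encoding.ASCII.GetBytes("123456789")));
            // "123456789" is the conventional check input for CRC variants; a wrong port fails here.
            if (hex != "CB-F4-39-26") throw new InvalidOperationException("CRC-32 port is wrong: " + hex);
            Console.WriteLine(hex);
        }
    }
}
```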