Lab 6: Encryption and Hashing

Reflection:

Encryption

Encryption technology is the main security and security measure adopted by e-commerce. It is the most commonly used security and confidentiality means. It uses technical means to turn important data into garbled (encrypted) transmission. After reaching the destination, it can be restored (decrypted) by the same or different means.

Hashing

Hash method is a method of converting a string of characters into a fixed-length (usually shorter length) value or index value, called hashing, also known as hashing. Since it is faster to perform a database search with a shorter hash value than the original value, this method is generally used to index and search in the database, and is also used in various decryption algorithms.

1.Discuss the use of MD5 hashes for software downloads.

A widely used cryptographic hash function that produces a 128-bit (16-byte) hash value to ensure complete and consistent information transmission.

Using the MD5 download software can ensure the correctness of the file and prevent some people from stealing the program or adding Trojans to tamper with the file.

2.Discuss the difference between MD5 and SHA-1 hashes.

Security for forced attacks:
The most significant and important difference is that the SHA-1 digest is 32 bits longer than the MD5 digest. Using the forcing technique, generating any message such that its digest is equal to the difficulty of a given message digest is 2^128 orders of magnitude for MD5, and 2^160 orders of magnitude for SHA-1. In this way, SHA-1 has greater strength against forced attacks.

Security for crypt analysis:
Due to the design of the MD5, it is vulnerable to crypt analysis attacks, and SHA-1 is not vulnerable to such attacks.

Speed:
On the same hardware, SHA-1 runs slower than MD5.

3.Discuss the use of SHA hashes for digital signatures in SSL certificates.

Digital signatures use technology implementations in the field of public key cryptography to identify digital information.

Digital signatures use a double encryption method to achieve anti-counterfeiting and anti-counterfeiting. The principle is:
1. The transmitted file is encrypted with SHA code to generate a 128-bit digital digest (see the previous section).
2. The sender re-encrypts the digest with its own private key, which forms a digital signature.
3. Pass the original text and the encrypted abstract to the other party at the same time.
4. The other party decrypts the digest with the sender’s public key, and simultaneously encrypts the received file with SHA code to generate another digest.
5. Compare the decrypted digest with the digest generated by the recipient’s re-encryption. If the two are consistent, the information has not been destroyed or tampered with during the transfer. Otherwise it is not.

Critical Thinking Analysis

Potential uses/advantages/pitfalls for this in securing a business