Technical architecture of large websites | information encryption technology and key security management

2022-06-21 17:52:00 Luoyang Taishan

Usually, to protect a website's sensitive data, the application needs to encrypt this information. Information encryption techniques fall into three categories:

  • One-way hash encryption
  • Symmetric encryption
  • Asymmetric encryption

One-way hash encryption

One-way hash encryption computes a hash over input of varying length and produces a fixed-length output. The process is one-way: the fixed-length output cannot be reversed to recover the original input, as shown in the figure.

This property makes one-way hash encryption suitable for passwords: the password is hashed and the result is saved in the database. When the user logs in, the ciphertext of the entered password is computed in the same way and compared with the ciphertext in the database; if they match, the password is verified. Because the database stores only the ciphertext of the user's password, and the plaintext cannot be computed back from it, even if the database is stolen the users' password information is not disclosed.

Although the plaintext password cannot be recovered from a one-way hash ciphertext by inverting the algorithm, the passwords people choose follow certain patterns, so they can be cracked by means such as rainbow tables (tables mapping common passwords to their ciphertexts). To strengthen the security of one-way hashing, a salt is also added to the hash computation; the salt acts like an encryption key and makes cracking more difficult.

Commonly used one-way hash algorithms include MD5, SHA, etc. One-way hash algorithms have another property: any small change in the input leads to a completely different output. This property is also sometimes used to generate message digests and to compute random numbers with a high degree of dispersion.

Symmetric encryption

Symmetric encryption means that the same key is used for encryption and decryption (or each key can be computed from the other), as shown in the figure.

Symmetric encryption algorithms are simple, efficient and have low overhead, which makes them suitable for encrypting large amounts of data. The disadvantage is that encryption and decryption use the same key: exchanging the key safely during remote communication is a difficult problem, and if the key is lost, none of the encrypted information remains secret.

Commonly used symmetric encryption algorithms include the DES algorithm, the RC algorithm, etc. Symmetric encryption is a traditional encryption method and also the most commonly used one; it is suitable for most situations that need encryption.

Asymmetric encryption

Unlike symmetric encryption, asymmetric encryption does not use the same key for encryption and decryption. One key is made available to the outside world and is called the public key; the other is known only to its owner and is called the private key. Information encrypted with the public key must be decrypted with the private key; conversely, information encrypted with the private key must be decrypted with the public key, as shown in the figure.

Asymmetric encryption is often used for secure information transmission, digital signatures and similar purposes.

Common asymmetric encryption algorithms include the RSA algorithm, etc. The digital certificate used by the browser in HTTPS transmission is in fact an asymmetric-encryption public key certified by an authority.

Key security management

The security of the information depends on the key. In practice, however, many developers write the key directly in the source code; a slightly better approach is to write it in a configuration file, with different keys for the production and development configurations. Either way, the key itself is stored in clear text and many people in the company have access to it, which increases the risk of leakage. It is therefore best to have the key maintained by a specially assigned person.

Copyright notice
This article was written by [Luoyang Taishan]. Please include the original link when reposting. Thank you.
https://yzsam.com/2022/06/202206211613073500.html