Instructions
In project development, in order to ensure the security of data and user privacy, we usually encrypt key information, this article details how to use hutool in java language to quickly encrypt and decrypt data, hope you can help.
If your project is built on Maven, you can introduce Hutool through pom to use the encryption and decryption function.
If your project is not built based on maven, you can also directly download the jar package to use.
Download Links
: https://repo1.maven.org/maven2/cn/hutool/hutoolall/5.8.0.M1
Symmetric versus asymmetric encryption
Symmetric encryption
Encryption Algorithm
 An encryption method that uses a singlekey cryptosystem where the same key can be used as both encryption and decryption of a message is called symmetric encryption, also known as singlekey encryption.
 Common encryption algorithms
DES(Data Encryption Standard)
: Data Encryption Standard, a block algorithm using key encryption, was established as a Federal Information Processing Standard (FIPS) by the National Bureau of Standards of the U.S. federal government in 1977 and authorized for use in unclassified government communications, and the algorithm has since spread widely internationally.AES (Advanced Encryption Standard)
: Advanced Encryption Standard. Also known as Rijndael cryptography in cryptography, it is a block encryption standard adopted by the U.S. federal government. This standard is used to replace the original DES, which has been analyzed by many parties and is widely used around the world.
 Features
 Fast encryption speed, can encrypt large files
 Ciphertext reversible, if the key file is leaked, the data will be exposed
 After encryption, the encoding table can not find the corresponding characters, resulting in garbled code, usually used in combination with Base64
encryption mode
ECB(Electronic codebook)
: Electronic codebook. The message to be encrypted is divided into several blocks according to the block size of the block cipher, and each block is encrypted independently. Advantages: data can be processed in parallel
 Disadvantage: the same original text generates the same ciphertext, which does not protect the data well
 Simultaneous encryption, the original text is the same and the encrypted ciphertext is also the same
CBC(Cipherblock chaining)
: Cipherblock linking. Each plaintext block is first heterogeneous with the previous ciphertext block before encryption, and each ciphertext block depends on all the plaintext blocks before it Advantage: the same original text generates different ciphertexts
 Disadvantage: serial processing of data
padding mode
When data needs to be processed by block, and the data length does not meet the block processing requirements, the block length is filled according to certain rules
NoPadding
no padding In
DES
encryption algorithm, the length of the original text must be an integer multiple of8byte
.  Under
AES
encryption, the original text length must be an integer multiple of16byte
.
 In
PKCS5Padding
 The size of the data block is 8 bits, if it is not enough, it will be filled
Tips: By default, the encryption mode and padding mode are:
ECB/PKCS5Padding
. If you useCBC
mode, you need to add the parameter initialization vectorIV
DES and AES sample code


Asymmetric Encryption
Introduction
 Asymmetric encryption algorithms are also known as modern encryption algorithms.
 Asymmetric encryption is the cornerstone of computer communication security, ensuring that encrypted data cannot be broken.
 Unlike symmetric encryption algorithms, asymmetric encryption algorithms require two keys: a public key
(publickey)
and a private key(privatekey)
 The public key and the private key are a pair
 If the data is encrypted with the public key, it can only be decrypted with the corresponding private key.
 If the data is encrypted with a private key, it can only be decrypted with the corresponding public key.
 Because encryption and decryption use two different keys, this algorithm is called an asymmetric encryption algorithm.
 Features
 Different keys are used for encryption and decryption
 Slower processing of data, because of high security level
 Common algorithms
 RSA
 ECC
RSA
example


Abstract Encryption
Introduction
 Message Digest
Message Digest
is also known as Digital Digest  It is a fixedlength value that uniquely corresponds to a message or text, and is generated by a oneway
Hash
encryption function that acts on the message  The value generated using Digital Digest is not tamperable, in order to secure the file or value
 Features.
 The length of the computed message digest is always fixed, no matter how long the input message is. For example
 Message digested with
MD5
algorithm has 128 bits  A message digested with the
SHA1
algorithm ends up with 160 bits
 Message digested with
 As long as the input message is different, the digested message must be different; but the same input must produce the same output
 Message digest is oneway and irreversible
 The length of the computed message digest is always fixed, no matter how long the input message is. For example
 Common algorithms
 MD5
 SHA1
 SHA256
 SHA512
MD5
and SHA1
examples

