码迷,mamicode.com
首页 > 其他好文 > 详细

SHA1 VS RSA: what's the difference between them?

时间:2020-11-23 12:09:41      阅读:4      评论:0      收藏:0      [点我收藏+]

标签:graphic   ogr   instance   ORC   fun   perl   HERE   tps   bsp   

SHA1 VS RSA: what‘s the difference between them?

Fundamentally different.

SHA1 is a hash algorithm, which is a one way function, turning an input of any size into a fixed-length output (160 bit in this case). A cryptographic hash function is one for which it should not be possible to find two inputs giving the same output except by brute force (for instance, with a 128-bit function you should need to try on average 2^64 message to find such a "collision"碰撞 due to something called the birthday paradox悖论 - Google it for more).

In fact for SHA1 this is no longer the case - the algorithm is (in cryptographic terms at least) broken now, with a collision attack described by Xiaoyun Wang et al that beats a classic birthday attack. The SHA2 family is not broken, and a process is underway by NIST to agree on a SHA3 algorithm or family of algorithms.

Edit - Google have now generated and published an actual SHA1 collision.

 

RSA is an asymmetric encryption algorithm, encrypting an input into an output that can then be decrypted (contrast a hash algorithm which can‘t be reversed). It uses a different key for encryption (the public one) than for decryption (the private one). This can therefore be used to receive encrypted messages from others - you can publish your public key, but only you with the private key can then decrypt the messages that have been encrypted with it.

If you reverse the keys for RSA, it can be used to generate a digital signature - by encrypting something with your private key, anyone can decrypt it with the public key and, if they are sure the public key belongs to you, then they have confidence that you were the one who encrypted the original. This is normally done in conjunction with a hash function - you hash your input, then encrypt that with your private key, giving a digital signature of a fixed length for your input message.

 

SHA1 VS RSA: what's the difference between them?

标签:graphic   ogr   instance   ORC   fun   perl   HERE   tps   bsp   

原文地址:https://www.cnblogs.com/chucklu/p/14001295.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!