我的系统选择加密算法的标准是什么
[英]what is the criteria to choose encryption algorithm for my system
问题描述
I am working on a system which is going to be applied in the real environment. 
我正在开发一个将在实际环境中应用的系统。 I need to make high security mechanism for the system, one of them is encryption for user's passwords in my database. 我需要为系统建立高安全性机制,其中之一是对数据库中用户密码进行加密。
I prefer to use one way encryption method to two way encryption, the problem is I want to choose a good algorithm which has good performance and have reasonable reasons to convince my partners why i choose one algorithm instead of other. 我更喜欢使用一种双向加密方法而不是双向加密,问题是我想选择一种性能良好且有合理理由说服我的合作伙伴为什么我选择一种算法而不是另一种算法的好的算法。
Can you give me some tips for doing that? 你能给我一些提示吗?
2 个解决方案
解决方案1
3 2010-10-18 01:20:08
Don't just use a simple one-way hash. 不要只使用简单的单向哈希。
Use something like PBKDF2 or bcrypt instead. 请改用PBKDF2或bcrypt之类的东西。 I'm sure there will be good, free, off-the-shelf implementations available for Java (assuming that they're not already included in the JRE itself). 我敢肯定Java会有好的,免费的,现成的实现(假设JRE本身还没有包含这些实现)。
解决方案2
0 2010-10-18 00:52:50
i don't know what kind of argument you're looking for but : 我不知道您要寻找哪种参数,但是:
SHA is a good one-way hash functions. SHA是一种很好的单向哈希函数。
http://en.wikipedia.org/wiki/Secure_Hash_Algorithm http://en.wikipedia.org/wiki/Secure_Hash_Algorithm
Edit : 编辑:
- I'm using Bcrypt but maybe you should look at Scrypt ( http://www.unlimitednovelty.com/2012/03/dont-use-bcrypt.html ) 我正在使用Bcrypt,但也许您应该看看Scrypt( http://www.unlimitednovelty.com/2012/03/dont-use-bcrypt.html )
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.