Python中的加密算法详解<\/h1>

一、加密基础概念<\/h2>

1. 数据加密定义<\/h3>
数据加密是一种保护数据安全的技术，通过将明文转换为不易被理解的密文，以防止数据泄露、篡改或滥用。加密后的密文可以通过解密过程恢复成原始明文。<\/p>

2. 密码学分类<\/h3>

密码学主要分为：<\/p>

密码编码学<\/strong>：研究如何设计安全的密码系统<\/li>

密码分析学<\/strong>：研究如何破解密码系统<\/li> <\/ul>
二、加密方式分类<\/h2>
1. 对称加密<\/h3>
定义<\/strong>：加密和解密使用同一个密钥
特点<\/strong>：<\/p>

加密解密速度快<\/li>
适合加密大量数据<\/li>
密钥需要安全传输和存储<\/li> <\/ul>
常见算法<\/strong>：<\/p>

DES（已不安全）<\/li>
3DES<\/li>
AES（目前最广泛使用的对称加密算法）<\/li> <\/ul>
2. 非对称加密<\/h3>
定义<\/strong>：使用一对密钥（公钥和私钥）
特点<\/strong>：<\/p>

公钥可公开，私钥保密<\/li>
加密解密速度较慢<\/li>
适合加密少量数据和数字签名<\/li> <\/ul>
常见算法<\/strong>：<\/p>

RSA（应用最广泛）<\/li>
ECC（椭圆曲线加密，适合移动设备）<\/li>
DSA（适用于数字签名）<\/li> <\/ul>
3. 单向加密（不可逆加密）<\/h3>
定义<\/strong>：通过散列算法生成固定长度的散列值
特点<\/strong>：<\/p>

无法从散列值还原原文<\/li>
常用于数字签名、密码存储等<\/li> <\/ul>
常见算法<\/strong>：<\/p>

MD5（已被破解）<\/li>
SHA-1（比MD5安全但速度慢）<\/li>
SHA-2（包括SHA-224、SHA-256等）<\/li>
HMAC（带密钥的散列消息认证码）<\/li> <\/ul>
三、Python中的加密实现<\/h2>
1. 编码与解码<\/h3>
# 编码<\/span> <\/span><\/span>str_ =<\/span> "xiaoyu安全"<\/span> <\/span><\/span>byte =<\/span> str_.<\/span>encode('utf-8'<\/span>) # 转为二进制<\/span> <\/span><\/span> <\/span><\/span># 解码<\/span> <\/span><\/span>original =<\/span> byte.<\/span>decode('utf-8'<\/span>) # 转回字符串<\/span> <\/span><\/span><\/code><\/pre>2. Base64编码<\/h3> import<\/span> base64 <\/span><\/span> <\/span><\/span>def<\/span> enbase64<\/span>(str_): <\/span><\/span> return<\/span> base64.<\/span>b64encode(str_.<\/span>encode('utf-8'<\/span>)).<\/span>decode("utf-8"<\/span>) <\/span><\/span> <\/span><\/span>def<\/span> debase64<\/span>(str_): <\/span><\/span> return<\/span> base64.<\/span>b64decode(str_).<\/span>decode('utf-8'<\/span>) <\/span><\/span> <\/span><\/span># 使用<\/span> <\/span><\/span>encoded =<\/span> enbase64("xiaoyu安全"<\/span>) # 输出: eGlhb3l15a6J5YWo<\/span> <\/span><\/span>decoded =<\/span> debase64(encoded) # 输出: xiaoyu安全<\/span> <\/span><\/span><\/code><\/pre>3. MD5加密<\/h3> import<\/span> hashlib <\/span><\/span> <\/span><\/span>def<\/span> md5<\/span>(str_): <\/span><\/span> str_ =<\/span> str_.<\/span>encode('utf-8'<\/span>) <\/span><\/span> result =<\/span> hashlib.<\/span>md5(str_) <\/span><\/span> return<\/span> result.<\/span>hexdigest().<\/span>upper() # 返回大写结果<\/span> <\/span><\/span> <\/span><\/span># 使用<\/span> <\/span><\/span>print(md5("hellow_world"<\/span>)) # 输出: 0D0A96FA021CCD3FAC05DF1A584E3185<\/span> <\/span><\/span><\/code><\/pre>4. SHA1加密<\/h3> import<\/span> hashlib <\/span><\/span> <\/span><\/span>def<\/span> sha1<\/span>(str_): <\/span><\/span> return<\/span> hashlib.<\/span>sha1(str_.<\/span>encode()).<\/span>hexdigest() <\/span><\/span><\/code><\/pre>5. Secrets模块（安全随机数）<\/h3> import<\/span> secrets <\/span><\/span>import<\/span> string <\/span><\/span> <\/span><\/span># 生成安全随机密码<\/span> <\/span><\/span>parm =<\/span> string.<\/span>ascii_letters +<\/span> string.<\/span>digits <\/span><\/span>password =<\/span> ''<\/span>.<\/span>join(secrets.<\/span>choice(parm) for<\/span> i in<\/span> range(10<\/span>)) <\/span><\/span> <\/span><\/span># 生成安全URL<\/span> <\/span><\/span>url =<\/span> 'https:\/\/example.com\/update='<\/span> +<\/span> secrets.<\/span>token_urlsafe() <\/span><\/span><\/code><\/pre>6. DES加密<\/h3> from<\/span> pyDes import<\/span> des, CBC, PAD_PKCS5 <\/span><\/span>import<\/span> binascii <\/span><\/span> <\/span><\/span>key =<\/span> 'xiaoyu13'<\/span> # 必须8字节<\/span> <\/span><\/span> <\/span><\/span>def<\/span> des_encrypt<\/span>(s): <\/span><\/span> secret_key =<\/span> key <\/span><\/span> iv =<\/span> secret_key <\/span><\/span> des_obj =<\/span> des(secret_key, CBC, iv, pad=<\/span>None<\/span>, padmode=<\/span>PAD_PKCS5) <\/span><\/span> return<\/span> binascii.<\/span>b2a_hex(des_obj.<\/span>encrypt(s, padmode=<\/span>PAD_PKCS5)) <\/span><\/span> <\/span><\/span>def<\/span> des_decrypt<\/span>(s): <\/span><\/span> secret_key =<\/span> key <\/span><\/span> iv =<\/span> secret_key <\/span><\/span> des_obj =<\/span> des(secret_key, CBC, iv, pad=<\/span>None<\/span>, padmode=<\/span>PAD_PKCS5) <\/span><\/span> return<\/span> des_obj.<\/span>decrypt(binascii.<\/span>a2b_hex(s), padmode=<\/span>PAD_PKCS5) <\/span><\/span> <\/span><\/span># 使用<\/span> <\/span><\/span>encrypted =<\/span> des_encrypt('XIAOYU'<\/span>) # 输出: b'ab498fe821d50739'<\/span> <\/span><\/span>decrypted =<\/span> des_decrypt(encrypted) # 输出: b'XIAOYU'<\/span> <\/span><\/span><\/code><\/pre>7. AES加密<\/h3> from<\/span> Cryptodome.Cipher import<\/span> AES <\/span><\/span>from<\/span> Cryptodome import<\/span> Random <\/span><\/span> <\/span><\/span>data =<\/span> 'XiaoYu安全'<\/span> <\/span><\/span>key =<\/span> b<\/span>'this is a 16 key'<\/span> # 必须16\/24\/32字节<\/span> <\/span><\/span>iv =<\/span> Random.<\/span>new().<\/span>read(AES.<\/span>block_size) <\/span><\/span> <\/span><\/span># 加密<\/span> <\/span><\/span>mycipher =<\/span> AES.<\/span>new(key, AES.<\/span>MODE_CFB, iv) <\/span><\/span>cip =<\/span> mycipher.<\/span>encrypt(data.<\/span>encode()) <\/span><\/span>cip_text =<\/span> iv +<\/span> cip <\/span><\/span> <\/span><\/span># 解密<\/span> <\/span><\/span>mydecrypt =<\/span> AES.<\/span>new(key, AES.<\/span>MODE_CFB, cip_text[:16<\/span>]) <\/span><\/span>decrypted =<\/span> mydecrypt.<\/span>decrypt(cip_text[16<\/span>:]).<\/span>decode() <\/span><\/span><\/code><\/pre>8. RSA加密<\/h3> from<\/span> Crypto.PublicKey import<\/span> RSA <\/span><\/span>from<\/span> Crypto.Cipher import<\/span> PKCS1_OAEP <\/span><\/span>import<\/span> binascii <\/span><\/span> <\/span><\/span># 生成密钥对<\/span> <\/span><\/span>key =<\/span> RSA.<\/span>generate(2048<\/span>) <\/span><\/span>private_key =<\/span> key.<\/span>export_key() <\/span><\/span>public_key =<\/span> key.<\/span>publickey().<\/span>export_key() <\/span><\/span> <\/span><\/span># 加密<\/span> <\/span><\/span>message =<\/span> '你好, RSA!'<\/span>.<\/span>encode() <\/span><\/span>encryptor =<\/span> PKCS1_OAEP.<\/span>new(RSA.<\/span>import_key(public_key)) <\/span><\/span>encrypted =<\/span> encryptor.<\/span>encrypt(message) <\/span><\/span> <\/span><\/span># 解密<\/span> <\/span><\/span>decryptor =<\/span> PKCS1_OAEP.<\/span>new(RSA.<\/span>import_key(private_key)) <\/span><\/span>decrypted =<\/span> decryptor.<\/span>decrypt(encrypted).<\/span>decode() <\/span><\/span><\/code><\/pre>四、实际应用案例<\/h2> 1. 用户登录系统（Flask + MD5）<\/h3> from<\/span> flask import<\/span> Flask <\/span><\/span>import<\/span> hashlib <\/span><\/span>import<\/span> pymysql <\/span><\/span> <\/span><\/span>app =<\/span> Flask(__name__) <\/span><\/span> <\/span><\/span>@app<\/span>.<\/span>route('\/login\/<username>\/<password>\/'<\/span>) <\/span><\/span>def<\/span> user_login<\/span>(username, password): <\/span><\/span> try<\/span>: <\/span><\/span> password =<\/span> hashlib.<\/span>md5(password.<\/span>encode()).<\/span>hexdigest() <\/span><\/span> sql =<\/span> 'select * from t_user where username=<\/span>%s<\/span> and password=<\/span>%s<\/span>'<\/span> <\/span><\/span> # 执行SQL验证...<\/span> <\/span><\/span> return<\/span> '登录成功'<\/span> if<\/span> valid else<\/span> '登录失败'<\/span> <\/span><\/span> except<\/span> Exception<\/span> as<\/span> e: <\/span><\/span> return<\/span> f<\/span>'登录失败:<\/span>{<\/span>str(e)}<\/span>'<\/span> <\/span><\/span><\/code><\/pre>2. 文件完整性验证<\/h3> import<\/span> hashlib <\/span><\/span> <\/span><\/span>def<\/span> get_file_md5<\/span>(file_path): <\/span><\/span> with<\/span> open(file_path, 'rb'<\/span>) as<\/span> f: <\/span><\/span> return<\/span> hashlib.<\/span>md5(f.<\/span>read()).<\/span>hexdigest() <\/span><\/span> <\/span><\/span># 比较文件MD5与预期值<\/span> <\/span><\/span>if<\/span> get_file_md5('file.txt'<\/span>) ==<\/span> 'expected_md5_value'<\/span>: <\/span><\/span> print("文件完整"<\/span>) <\/span><\/span><\/code><\/pre>五、安全建议<\/h2> 密码存储<\/strong>：<\/p> 使用单向加密（如SHA-256）存储密码<\/li> 加盐（salt）增加安全性<\/li> 密码长度建议10位以上<\/li> <\/ul> <\/li> 密钥管理<\/strong>：<\/p> 对称加密密钥必须保密<\/li> 非对称加密私钥必须严格保护<\/li> 避免硬编码密钥<\/li> <\/ul> <\/li> 算法选择<\/strong>：<\/p> 避免使用已被破解的算法（如MD5）<\/li> 根据场景选择合适算法：大量数据：AES<\/li> 密钥交换：RSA<\/li> 数字签名：DSA\/ECDSA<\/li> <\/ul> <\/li> <\/ul> <\/li> 随机数生成<\/strong>：<\/p> 使用secrets<\/code>模块而非random<\/code>模块生成安全随机数<\/li> 用于密码、令牌等敏感信息生成<\/li> <\/ul> <\/li> <\/ol> 通过合理选择和组合这些加密技术，可以有效保护数据的机密性、完整性和可用性，防止数据泄露和篡改。<\/p>

Python中的加密算法详解<\/h1>

一、加密基础概念<\/h2>

1. 数据加密定义<\/h3> 数据加密是一种保护数据安全的技术，通过将明文转换为不易被理解的密文，以防止数据泄露、篡改或滥用。加密后的密文可以通过解密过程恢复成原始明文。<\/p>

二、加密方式分类<\/h2>

三、Python中的加密实现<\/h2>

四、实际应用案例<\/h2>

1. 数据加密定义<\/h3>
数据加密是一种保护数据安全的技术，通过将明文转换为不易被理解的密文，以防止数据泄露、篡改或滥用。加密后的密文可以通过解密过程恢复成原始明文。<\/p>