This comprehensive guide explains digital signatures, encryption and decryption processes, symmetric and asymmetric cryptography, and compares common algorithms such as MD5, SHA‑1, HMAC, DES, 3DES, AES, RSA, and ECC, complete with Java code examples and usage scenarios.
Oracle’s recent security update patches a critical Java vulnerability (CVE‑2022‑21449) that lets attackers forge SSL certificates, bypass two‑factor authentication, and create fraudulent digital signatures by exploiting a flaw in the ECDSA implementation of Java 15‑18, a bug rated as a crypto‑bug of the year.
This article provides a comprehensive overview of essential information security technologies, covering network attacks such as SQL injection, XSS, CSRF, DDoS, DNS and TCP hijacking, system vulnerabilities like stack overflow and privilege escalation, and core cryptographic concepts including symmetric/asymmetric encryption, key exchange, hashing, encoding, and multi‑factor authentication.
This article surveys the evolution of cryptography from ancient Mesopotamian cipher sticks through classical ciphers, the Enigma machine, modern public‑key systems, and multi‑party computation, then explains the concept, current challenges, and future directions of privacy‑preserving computation technologies.
This article explains why side‑channel attacks threaten SM2, SM3, and SM4 algorithms, describes the vulnerabilities of table‑lookup and double‑and‑add implementations, and presents constant‑time scalar multiplication and selection methods in Go to protect private keys on blockchain platforms.
The article analyzes the shift from plaintext data exchange to a data‑confidentiality era, outlines regulatory drivers, describes technical challenges of privacy‑preserving computation, evaluates existing cryptographic approaches, and argues that trusted privacy computing is the most promising solution to meet performance, reliability, cost, applicability, and security requirements.
This article explores the MD5 hashing algorithm in depth, detailing its fixed 128‑bit output, the padding and block processing steps defined in RFC 1321, the internal round functions, and the reasons it is considered irreversible yet vulnerable to collisions and various cracking techniques such as brute‑force, rainbow tables, and differential attacks.
This article explains why third‑party payment platforms like Alipay are used, describes Alipay's payment flow, outlines the configuration steps to obtain APPID and keys, and provides a complete Python implementation for integrating Alipay into backend services.
This article explains practical methods to protect externally exposed APIs, covering token‑based access, OAuth2.0 authorization, signature verification, encryption techniques (hashing, symmetric and asymmetric), key management, and provides Java code samples for DES and RSA implementations.
The article explains how combining hardware and software solutions can address the data‑lifecycle security and cryptographic performance challenges of privacy computing, describing the underlying technology stack, acceleration techniques, and the integrated privacy‑computing appliance released by Ant Group.
This article introduces common encryption methods—including Base64, MD5, SHA‑1, HMAC, DES, AES, and RSA—explains their principles, and provides complete Python code examples for encoding, decoding, and key handling, enabling readers to implement secure data transformations in their own projects.
This article explains the security risks of early Internet protocols, the evolution of SSL/TLS and DTLS, fundamental cryptographic concepts such as symmetric and asymmetric encryption, hashing, MACs, digital signatures, AES modes and padding, and how these technologies are applied in TLS handshakes, DTLS, and WebRTC.
This article explains RSA asymmetric encryption, key pair generation, encryption/decryption limits, digital signing and verification, and provides a full Python implementation using PyCryptodome, complete with code snippets, base64 handling, and practical usage tips.
SSL/TLS protects internet traffic by encrypting data, verifying integrity, and authenticating parties, and this article outlines its purpose, historical evolution, core operation using public‑key and symmetric keys, and details each step of the handshake process that establishes a secure session.
This article introduces common encryption algorithms—including symmetric, asymmetric, and digital signature methods—and provides detailed Go code examples for MD5, HMAC, SHA1, AES (with various modes), and RSA, helping developers understand and implement secure cryptographic operations in Go.
This guide walks you through generating an RSA keystore, exporting a public‑key certificate, and implementing full asymmetric encryption and decryption in Java, illustrating each step with command‑line examples, code snippets, and expected outputs.
This article walks through a step‑by‑step reconstruction of HTTPS’s design, explaining why both symmetric and asymmetric encryption are needed, how key exchange is negotiated, and how digital certificates and signatures solve the trust problem in secure web communication.
This article explains fundamental cryptography concepts, traces the evolution from ancient substitution ciphers to modern symmetric and asymmetric algorithms, and provides complete Java code examples for DES, AES, RSA, digital signatures, and hash functions such as MD5 and SHA.
OpenSSL 3.0 has entered its beta stage, treated as a release candidate, inviting users to build, test, and provide feedback, while introducing a new Apache 2.0 license, provider‑based architecture, FIPS‑validated provider, pluggable TLS 1.3 groups, new encoders/decoders, CMP support, and updated APIs, with ABI changes requiring recompilation.
This article explains why asymmetric encryption like RSA is paired with symmetric algorithms, outlines RSA's history and key concepts, and provides a complete Java implementation with code examples and execution results, illustrating both public‑key and private‑key operations.
This article explains the fundamentals of encryption by walking through a relatable story, defining keys, comparing symmetric and asymmetric methods, illustrating key‑exchange techniques such as paint‑mixing, multiplication tricks, Diffie‑Hellman, AES block processing, and the RSA algorithm with step‑by‑step calculations.
The article outlines typical cryptographic security risks such as weak algorithms, insufficient key lengths, poor key management, and then introduces a comprehensive Key Management System (KMS) architecture, its core functions, key hierarchy, and practical application scenarios like API signing and data encryption.
This article introduces the OneSM3 PHP library for the SM3 cryptographic hash, provides Composer installation steps, usage examples for string and file signing, and presents performance benchmark results comparing it with OpenSSL and another PHP SM3 implementation.
This article provides a comprehensive introduction to cryptographic techniques, covering the goals of confidentiality, integrity and authentication, and detailing symmetric, asymmetric and hash algorithms, common implementations, their advantages and drawbacks, as well as key exchange methods and public key infrastructure.
This article introduces Apache Shiro, a lightweight Java security framework, covering its authentication, authorization, cryptography, session management, core components, module functions, and overall architecture to help developers grasp its practical use in permission management.
The article explains RSA key files by detailing the underlying mathematics of prime factorization and modular exponents, introduces a six‑layer abstraction from raw values to application use, demonstrates OpenSSL and keytool commands for generation, conversion, and inspection, and illustrates common deployment scenarios such as HTTPS and MySQL SSL.
This article explains why HTTP is insecure, outlines the four core principles of secure communication, and details how HTTPS uses symmetric encryption, asymmetric encryption, digital certificates, and signatures to establish confidentiality, integrity, authentication, and non-repudiation for safe data transmission.
This introductory text explores the evolution of cryptography from ancient symbols to modern quantum and DNA‑based codes, highlighting its pivotal role in politics, warfare, and society while emphasizing the need for universal understanding of encryption and decryption across all fields.
This article explores the prevalence of weak passwords, introduces fundamental concepts of cryptography, explains symmetric encryption algorithms and their key distribution challenges, and demonstrates the Diffie‑Hellman key‑exchange process with a concrete example and a Python implementation of primitive‑root calculation.
This article introduces Secure Multi‑Party Computation and its two‑party variant, explains Yao’s garbled circuit technique, details a complete garbled‑circuit protocol, and walks through a concrete millionaire‑problem example to illustrate privacy‑preserving computation.
This article introduces Java developers to the Bouncy Castle library, detailing how to integrate it via Maven, demonstrating MD5 hashing and AES encryption/decryption code, and highlighting usage considerations and export compliance risks associated with cryptographic algorithms.
This article explains the technical principles behind offline payment codes used by Alipay and WeChat, covering common payment modes, online and offline code schemes, OTP generation, cryptographic algorithms, their advantages, drawbacks, and practical implementation details.
JD Digits' JACOBI Blockchain Innovation Lab unveiled a series of breakthrough research results—such as the Dumbo and Dumbo‑MVBA asynchronous consensus protocols, a blockchain identity management scheme, and a storage‑time proof—demonstrating leading academic contributions across consensus, cryptography, and distributed applications.
This article introduces symmetric encryption algorithms such as DES, 3DES, and AES, explains their principles, advantages and drawbacks, and provides complete .NET Core sample code using the BouncyCastle library for encryption and decryption with various padding modes.
This article clarifies the often‑confused concepts of encryption, digest (hash), and encoding, explains their definitions, typical algorithms, practical usage scenarios, and highlights their similarities and differences to improve communication among developers.
The Linux kernel’s generic crypto framework, introduced in version 2.5.45, defines core structures such as crypto_template, crypto_alg, crypto_instance and crypto_tfm to dynamically register and combine algorithms (e.g., ecb(aes)), providing a uniform API for symmetric, asymmetric, hash and other primitives, supporting user‑space access via AF_ALG and practical use cases like Android file‑based encryption with built‑in self‑tests for correctness.
The article explains how constant‑time string comparison functions work, shows Java and Scala implementations, and demonstrates why such techniques are essential to thwart timing attacks in cryptographic and authentication scenarios.
This article explains how marketers can use UTM parameters to identify the source of ad clicks, compares click‑based (CPC) and impression‑based (CPM) pricing models, and introduces a cryptographic private‑set‑intersection protocol that lets advertisers and e‑commerce platforms measure ad exposure effects while fully protecting user privacy.
This article introduces various cryptographic primitives—including MD, SHA, MAC, and digital signature algorithms such as RSA, DSA, and ECDSA—explains their usage and security considerations, and provides complete .NET Core code examples using the BouncyCastle library for implementation.
This article explains what an algorithm is, outlines its essential properties, traces its historical roots, and introduces ten pivotal algorithms—from sorting and Fourier transforms to RSA, hash functions, and random number generators—that underpin today’s digital world.
This article explains why HTTPS was created to address HTTP’s lack of encryption, authentication, and integrity, describes how TLS/SSL adds security, details the roles of symmetric and asymmetric encryption, hash algorithms, digital certificates, and the full handshake process that secures modern web communication.
This article provides a step‑by‑step technical guide to the AES encryption and decryption algorithm, covering state matrix construction, key expansion, round operations, final round differences, and practical Node.js code examples for handling padding and common implementation pitfalls.
This article explains the three main types of encryption—symmetric, asymmetric, and hash algorithms—detailing their principles, common examples such as DES, AES, RSA, ECC, MD5, SHA families, their strengths, weaknesses, and typical application scenarios.
This article explains the iOS app signing process, covering symmetric encryption, public‑key cryptography, hybrid cryptosystems, digital signatures, certificates, and how Apple verifies app packages during distribution and on‑device installation, providing both beginner and advanced insights.
This article explains the differences between true and pseudo‑random numbers, why JavaScript's Math.random is unsuitable for secure lottery draws, and how to use the Web Crypto API's Crypto.getRandomValues with a provided code example to achieve cryptographically strong randomness.
This tutorial explains blockchain fundamentals, its decentralized and tamper‑proof nature, and walks through a complete Java implementation—including block structure, hash calculation, mining, validation, and testing—while also covering advanced topics such as consensus algorithms, transaction verification, node types, real‑world applications, and essential development tools.
This article walks through the design of HTTPS, showing how symmetric encryption secures data while asymmetric encryption safely negotiates keys, and explains the role of digital certificates and certificate authorities in preventing man‑in‑the‑middle attacks.
This article introduces the comprehensive Python Algorithms GitHub repository, covering theoretical explanations and ready-to-use code for sorting, searching, graph, optimization, and encryption algorithms, and provides resources such as visual animations and links for deeper learning.
Argon2, the 2015 PHC champion, is a memory‑hard password‑hashing function that leverages large memory usage and configurable parameters to thwart GPU, FPGA, and ASIC attacks, offering three variants (d, i, id) and detailed security, performance, and implementation analysis.
This article provides a comprehensive walkthrough of using Go's crypto library for hashing, symmetric and asymmetric encryption, certificate generation, and TLS/HTTPS server and client implementation, illustrating how these techniques are applied in kubeadm to simplify Kubernetes cluster security.
JD Chain, JD Digital Technology’s open‑source blockchain engine announced in 2019, offers enterprise‑grade features such as modular cryptographic algorithms, pluggable consensus protocols, key‑value ledger model, flexible storage, and comprehensive APIs, aiming to accelerate blockchain adoption across diverse business scenarios.
A recent $100k research effort demonstrated a prefix collision attack on SHA-1, proving that attackers can forge signed documents and TLS certificates, and highlighting why the cryptographic community must retire SHA-1 in favor of stronger hash algorithms.
The article uses Thanos’ snap from the Avengers movies as a springboard to explain the concepts of randomness, compare true and pseudo random numbers, describe a layered sampling model, discuss hardware true random generators, and show how Java provides various APIs for generating random values.
The article uses Thanos' snap from the Avengers to examine the concept of randomness, compares true random numbers with pseudo‑random generators, explains quantum random number generators, and demonstrates how Java provides various APIs for generating random values, highlighting their strengths and limitations.
This guide explains how to generate RSA key pairs on Linux, use OpenSSL commands, and implement PHP code for public‑key encryption, private‑key decryption, padding options, data‑size limits, and helper functions for handling messages larger than the RSA block size.
This article uses the whimsical story of Alice, Bob, and a meddling pigeon to illustrate how HTTPS works, covering symmetric Caesar‑style ciphers, asymmetric public‑key encryption, certificate authorities, and the trade‑offs between security and performance in modern web communication.
This article explains why HTTPS is essential by comparing HTTP’s performance drawbacks, detailing its security vulnerabilities, and describing the cryptographic mechanisms—including TLS, symmetric and asymmetric encryption, certificates, and HMAC—that HTTPS employs to protect data and enable modern features like HTTP/2.
This article uses a playful story of Alice, Bob, Eve, Mallory, and Trent to explain the fundamentals of symmetric and asymmetric encryption, message authentication codes, digital signatures, and public‑key certificates, showing how each technique protects confidentiality, integrity, and authenticity in communications.
This article explains the SSL/TLS handshake process, the role of private keys, the advantages of switching to Diffie‑Hellman, and how session IDs and tickets enable secure session resumption, illustrating each step with clear diagrams.
The article explains how blockchain, introduced by Satoshi Nakamoto in 2008, uses cryptographic hash functions, Merkle trees, proof‑of‑work, and digital signatures to create an immutable, trust‑minimized ledger, compares naïve and validated coin models, and contrasts public versus private blockchains while forecasting massive future growth.
This tutorial explains the fundamentals of blockchain by defining block and blockchain classes in PHP, detailing fields, hash generation with SHA‑256, constructing genesis and subsequent blocks, and providing complete example code with a test run that demonstrates how each block links to its predecessor.
This comprehensive guide walks developers through the fundamental principles of blockchain, covering monetary trust, cryptographic primitives, Bitcoin's transaction model, block structure, proof‑of‑work mining, security challenges, alternative consensus mechanisms, and real‑world applications beyond cryptocurrency.
The article introduces blockchain fundamentals for programmers, covering asymmetric cryptography, public ledgers, double‑spending, transaction ordering, consensus mechanisms, proof‑of‑work mining, smart contracts, gas, token transfers, zero‑knowledge proofs, and self‑regulation, while relating each concept to familiar software engineering patterns.
This article explains the fundamentals of cryptography, covering symmetric and asymmetric encryption, key distribution challenges and solutions, digital signatures, certificates, and practical applications such as SSH login, HTTPS handshakes, and API authentication, providing clear examples and code snippets.
Blockchain relies on three fundamental technologies—SHA‑256 hashing, public‑key cryptography, and proof‑of‑work consensus—each ensuring data integrity, secure identity verification, and decentralized block creation, with detailed examples illustrating hash collisions, transaction signing, and nonce‑driven mining challenges.
This article walks through a reconstructed design process of HTTPS, explaining why secure web communication requires both symmetric encryption for data transfer and asymmetric encryption plus digital certificates for key exchange and authentication, while demystifying each component with clear diagrams.
This article traces the ancient origins of ledgers, their evolution through digitization, and explains how modern cryptographic advances have enabled distributed ledgers and blockchain to transform trust, data management, and record-keeping from static paper systems to dynamic, consensus-driven digital networks.
This article explains the core technical concepts of blockchain—including encrypted data relationships, immutability, peer-to-peer networks, blocks, mining, consensus mechanisms, Merkle trees—and discusses suitable and unsuitable use cases, typical applications such as Bitcoin and Ethereum, and practical considerations for developers.
This article explains what blockchain is, classifies public, consortium and private blockchains, describes block anatomy including headers and bodies, introduces the genesis block, outlines what can be stored in blocks, and provides a detailed breakdown of Bitcoin's block structure and fields.
This article explains how Bitcoin implements a decentralized electronic currency system by combining P2P networking, blockchain ledger structures, cryptographic signatures, proof‑of‑work consensus, and final consistency to achieve secure, tamper‑resistant storage and transaction processing.
This article explains how Bitcoin’s system combines existing technologies—P2P networking, cryptographic hashing, Merkle trees, and consensus mechanisms—to create a decentralized electronic currency, covering its architecture, data immutability, final consistency, and the economic incentives behind mining.
An Android SDK project's shift from HTTPS to RSA‑encrypted HTTP prompts a deep dive into AES encryption, tracing its historical roots from early ciphers through DES and Triple‑DES, culminating in the Rijndael design, while illustrating core cryptographic concepts of confusion, diffusion, and secret keys.
Bitcoin’s security relies on proven cryptographic principles—large‑integer public/private key pairs and digital signatures that authenticate transactions locally without exposing secret keys—making brute‑force attacks infeasible and ensuring that only implementation errors, not the mathematics, can compromise the system.
This guide explains where Ethereum stores encrypted private keys, how to create accounts via geth commands or console, the structure and contents of keystore files, and the cryptographic principles behind password‑protected decryption, helping you avoid losing access to your funds.
The article explores blockchain’s fundamental data structure—a hash‑linked list forming an immutable ledger—and its broader vision of enabling trust‑less, decentralized systems that can reshape finance, governance, and many coordination problems, while warning that speculation currently overshadows its true potential.
This article explains the fundamentals of blockchain technology, covering its definition as a distributed database, the structure of blocks and chains, mining, decentralization, node verification, and the five key characteristics that make it secure and transparent.
This article uses the classic Alice‑Bob‑pigeon analogy to demystify HTTPS, illustrating symmetric Caesar‑cipher encryption, asymmetric public‑key exchange, digital signatures, and why a certificate authority is essential for secure web communication.
This article breaks down the anatomy of a Bitcoin block, detailing its header, identifier, transaction list, and the Merkle tree construction with JavaScript code examples to illustrate how hashes are combined into a root hash.
This article explains symmetric and asymmetric encryption, the key‑distribution problem, hybrid cryptosystems, one‑way hash functions, message authentication codes, digital signatures, public‑key certificates, and compares these cryptographic methods in detail.
This article walks through creating a minimal blockchain in Haskell, covering data structures, serialization, mining logic, difficulty adjustment, and command‑line tools for mining and balance listing, while illustrating core concepts such as Merkle trees, hash functions, and transaction validation.
This article explains MD5's fast but insecure hashing, demonstrates its use for file verification and password storage in Node.js, and shows how adding random salts dramatically improves password protection while also introducing MD5 collision concepts.
The article presents a comprehensive engineering solution that separates RSA operations, employs parallel and asynchronous processing, modifies OpenSSL and Nginx event handling, and adds symmetric‑encryption optimizations to boost SSL/TLS handshake throughput by over threefold while reducing CPU load.
This article introduces Python's cryptographic capabilities, covering built‑in hashing with hashlib, key derivation with pbkdf2_hmac, and practical examples using third‑party libraries PyCryptodome and cryptography to perform MD5/SHA hashing, DES and RSA encryption/decryption, and secure file handling.
Recent public SHA-1 collision demonstrated by Google and Dutch researchers highlights the insecurity of SHA-1, prompting a shift toward stronger hashes like SHA-256/3, and underscores the importance of robust hash functions in data deduplication, storage compression, and overall information security.
This article provides a comprehensive security analysis of the TLS protocol, covering attacker models, authentication and key exchange mechanisms, version rollback attacks, handshake vulnerabilities, session resumption, application data protection, explicit IV concerns, DoS threats, session ticket security, TLS extensions, PKI considerations, historical flaws, and the major improvements introduced in TLS 1.3.
This article explains the TLS handshake process, detailing the Finished message verification, the use of NewSessionTicket for stateless session resumption, and the roles of ChangeCipherSpec, Alert, and Application Data protocols in secure communications.
This article explains how the TLS record layer encrypts and authenticates application data by fragmenting, sequencing, optionally compressing, encrypting, computing HMAC, and transmitting over TCP/IP, while detailing the security parameters, key derivation, and the evolution from MAC‑then‑Encrypt to AEAD modes.
This article explains the TLS handshake protocol in depth, covering its overall flow, the generation of security parameters, the role of asymmetric algorithms, message structures, performance considerations, and mechanisms like session caching and abbreviated handshakes to ensure secure communication.
This article explains blockchain as a distributed, fault‑tolerant ledger that combines P2P networking, cryptography, and economic game theory, describing its layered architecture, consensus mechanisms, public versus consortium chains, major platforms, and the distinction between UTXO and account‑balance models.
Since June, genuine PGP short‑ID collision attacks have surfaced, allowing attackers to create fake keys that exactly copy the name, email, and trust signatures of real keys, enabling man‑in‑the‑middle exploits, and experts now urge displaying full fingerprints to eliminate the threat.
This article provides a comprehensive overview of classic text encodings and simple ciphers frequently encountered in CTF challenges, detailing ASCII, Base64, URL, Unicode, various substitution and transposition ciphers, as well as practical encoding/decoding examples and useful online tools.
This article explains why simple password hashing is insufficient, describes common attacks such as dictionary, brute‑force, lookup‑table and rainbow‑table attacks, and provides best‑practice guidance—including random salts, CSPRNGs, key‑stretching algorithms like PBKDF2, bcrypt and scrypt—and complete PHP reference implementations.
This article explores the concept of front‑end slow encryption, explaining how deliberately increasing hashing time can hinder password cracking, discussing implementation techniques, performance trade‑offs, salt handling, adaptive strength strategies, and the broader security implications for web applications.
Shor’s algorithm leverages quantum parallelism to efficiently find integer factors, exposing the vulnerability of RSA encryption by locating periodicity in modular exponentiation, and the article outlines a five-step hybrid quantum‑classical procedure—including quantum Fourier transform—to break RSA keys.
The article explains that general‑purpose hash functions like MD5 and SHA families are fast and vulnerable to brute‑force attacks, while bcrypt’s deliberately slow, work‑factor‑adjustable design makes it a far more secure choice for storing passwords.
This article surveys a collection of seminal algorithms—including Huffman coding, public‑key encryption, Dijkstra's shortest‑path, binary search, quicksort, Karatsuba multiplication, Euclid's GCD, Bresenham's line drawing, and the fast inverse square‑root—explaining their origins, principles, and lasting impact on computer science.
This article walks through a real‑time TLS 1.0 handshake captured with Wireshark, explaining client and server hello messages, certificate verification, RSA key exchange, pre‑master and master secret derivation, key block generation, RC4 encryption, and how the encrypted HTTP request and response are finally delivered to the application layer.
MD5 is a one‑way hash, not an encryption method, and its 128‑bit output cannot be mathematically reversed; understanding this requires solid algorithmic and mathematical foundations, which the author argues are essential for programmers alongside broader theoretical knowledge rather than relying on mere trial‑and‑error experience.
This article explains the concept of digital signatures, their role in verifying data integrity and origin, outlines common algorithms such as RSA, DSS, and hash‑based signatures, and details the full PKI‑based workflow—including authentication, signing, and verification—while also describing how to combine encryption with signatures for confidential transmission.
Scientists at the University of Massachusetts have demonstrated a pulse‑position‑modulation optical link that encodes data in sparse laser pulses amid unrelated photons, making eavesdropping appear as random noise and offering theoretically unbreakable encryption, though it requires a pre‑shared decoding key.
