This article details Ctrip's design and implementation of a high‑throughput, low‑latency user data collection platform that leverages Java NIO, Netty, and a custom Kafka‑based messaging layer, covering architecture, encryption, compression, disaster‑recovery, performance testing, and downstream analytics products.
This guide explains why plain HTTP is insecure, introduces SSL/TLS fundamentals, compares certificate types, and provides step‑by‑step instructions for configuring HTTPS on a web server (including Nginx redirects), while highlighting performance impacts and testing considerations.
This article traces the evolution of cryptography from ancient substitution ciphers to modern standards like DES, RSA, and ECC, explains symmetric and asymmetric encryption, compares ECC and RSA in security and efficiency, and presents cloud‑server performance tests showing ECC‑256’s superiority in speed and resource usage.
This article explains how WCDB for Android simplifies encryption with SQLiteCipherSpec, enables seamless data migration, provides a custom FTS3/4 tokenizer with dynamic ICU loading, and offers log redirection and performance monitoring tools, plus an optimized cursor implementation for high‑performance mobile apps.
This article explains the fundamental risks of plain HTTP, introduces HTTPS as a solution, and walks through the concepts of asymmetric encryption, digital signatures, certificate authorities, and the TLS handshake process using a relatable story of Bob and his friends to illustrate secure communication.
This article explains why deterministic encryption like ECB is unsafe for sensitive data, introduces nondeterministic authenticated encryption, and provides a practical blind‑index technique with PHP and SQL examples for searchable encryption of fields such as Social Security numbers.
This article explains why HTTPS is considered secure, how it prevents man‑in‑the‑middle attacks through certificate verification, details the TLS handshake captured with Wireshark, and shows the cryptographic primitives behind RSA, ECDHE and AES, including practical code snippets and the cost of using HTTPS.
This article provides a comprehensive technical analysis of the WannaCry ransomware, detailing its exploitation of the MS17‑010 vulnerability, propagation mechanisms, AES‑RSA encryption process, ransom infrastructure, decryption tool, and recommended security mitigations.
This article explains why internet‑financial companies need encrypted MariaDB connections, shows how to verify SSL support, and provides a detailed eight‑step procedure—including OpenSSL upgrade, CA creation, server and client certificates, MySQL configuration, and verification—to enable secure client‑server communication.
This article reconstructs the design of HTTPS by starting from a simple chat scenario, explaining why both symmetric and asymmetric encryption are required, how key exchange and digital certificates work, and how the TLS handshake secures client‑server communication.
This article introduces Node.js's built‑in crypto module, explaining how to perform one‑way hashing with SHA‑256, create HMACs for stronger integrity checks, and use symmetric cipher/decipher for encrypting and decrypting data, complete with practical code snippets.
This article surveys major TLS implementations, practical deployment and optimization strategies, and explores related modern encryption protocols such as QUIC, iMessage, HomeKit, TextSecure, OTR, and libsodium, providing resources and best‑practice guidance for secure communications.
This article explains how the TLS record layer encrypts and authenticates application data by fragmenting, sequencing, optionally compressing, encrypting, computing HMAC, and transmitting over TCP/IP, while detailing the security parameters, key derivation, and the evolution from MAC‑then‑Encrypt to AEAD modes.
This article analyzes recent Android app security scan data, detailing prevalent vulnerabilities such as log leakage, weak encryption, WebView password storage, unsafe PendingIntent usage, and dynamic broadcast receiver exposure, and provides concrete code examples and remediation recommendations for developers.
This article explains how Tencent's Mars framework provides a cross‑platform, high‑performance logging module (xlog) for mobile apps, covering its architecture, the evolution from V1.0 to V2.0, mmap usage, compression, encryption, and practical implementation details.
This article explains common user password storage methods, compares their security characteristics, and details various cracking approaches—including hash collisions, rainbow tables, and advanced algorithms like PBKDF2, bcrypt, and scrypt—while emphasizing the importance of strong encryption to mitigate data breach risks.
This guide outlines essential MySQL security measures—including removing default accounts, disabling unsafe LOCAL INFILE commands, enforcing strict user role permissions, encrypting sensitive data, ensuring data integrity through replication and backups, and standardizing operational practices—to protect database assets from irreversible breaches.
This article explains how DNS hijacking injects unwanted ads by exploiting HTTP's lack of encryption, identity verification, and integrity checks, and demonstrates how HTTPS, with SSL/TLS encryption, certificates, and integrity validation, protects users from such attacks while also discussing performance impacts.
This article provides a comprehensive overview of SSL/TLS, covering its architecture, differences between SSL and TLS, detailed handshake steps, key exchange processes, secret generation, security considerations, proxy handling, and references, aiming to clarify the complex concepts for readers.
The article explains that HTTPS combines HTTP with TLS to provide encryption, authentication, and data integrity, describes TLS versions, key‑exchange algorithms such as RSA and ECDHE, and analyzes the network round‑trip and CPU overhead that HTTPS introduces, while also discussing deployment costs and optimization considerations.
This article provides a comprehensive overview of HTTPS, explaining its purpose, advantages, and drawbacks, and delves into the underlying cryptographic concepts such as symmetric and asymmetric encryption, hash algorithms, digital signatures, digital certificates, and the detailed SSL/TLS handshake process.
This article explains HTTPS fundamentals, its encryption mechanisms, differences from HTTP, the roles of symmetric and asymmetric cryptography, hash functions, digital signatures, certificate issuance and validation, as well as SSL/TLS protocols, handshake steps, and session resumption techniques that secure web communications.
This article explains why protecting database‑stored sensitive data is critical, analyzes common attack vectors and breach statistics, and provides detailed logical and physical security measures—including user and permission management, auditing, encryption, disaster‑recovery planning, and Oracle replication technologies—to help organizations achieve comprehensive database protection.
This article explains the fundamentals of SSL and OpenSSL, covering symmetric and asymmetric encryption, hash functions, secure data transmission, and how to create and use a self‑signed certificate authority for network security.
This article explains PHP's various encryption methods, covering one-way hash functions like MD5 and SHA1, symmetric algorithms, the rarely used crypt() function, and detailed implementations of asymmetric encryption with OpenSSL, including key generation, encryption, decryption, and practical code examples.
DD Boost allows backup applications to manage and simplify file replication between multiple Data Domain systems, and using NetWorker as an example, the article details the step‑by‑step replication workflow, optional low‑bandwidth and encryption features, and how remote restores are performed.
This article provides a thorough, easy-to-understand overview of SSL/TLS, covering its architecture, differences between SSL and TLS, the handshake process, key derivation (PreMaster, Master, Session secrets), data encryption, security improvements, and practical considerations such as proxy handling and common attacks.
This article explains SSL fundamentals, encryption types, PKI components, and provides step‑by‑step Linux OpenSSL commands for symmetric/asymmetric encryption, hashing, password handling, key generation, private CA creation, certificate signing, and revocation, enabling secure data transmission over networks.
This article explains how to protect user privacy by using PostgreSQL's built-in pgcrypto extension to encrypt and decrypt sensitive fields such as phone numbers and ID numbers, showing practical SQL examples for creating tables, altering columns, storing ciphertext, and querying encrypted data.
This article explains the HTTPS protocol, covering its combination of HTTP and TLS, the roles of symmetric and asymmetric encryption, key exchange methods like RSA and ECDHE, certificate-based authentication, data integrity checks, and practical considerations such as performance impact and deployment costs.
This article explains why encrypting network traffic is essential, introduces OpenSSL’s cryptographic components, and provides a detailed, command‑line tutorial for creating a private Certificate Authority, issuing certificates, and handling revocation within a LAN environment.
