The article explains HTTP’s plaintext nature and its susceptibility to man‑in‑the‑middle attacks, then details how HTTPS (TLS) uses asymmetric key exchange, certificates, and a trusted CA hierarchy to establish encrypted communication and prevent such attacks.
This article walks through using RSA to encrypt Spring Boot API responses, covering the theory behind RSA, two security scenarios, Maven dependency setup, configuration, controller annotations, encryption/decryption code, a front‑end JavaScript example, common pitfalls, and a final security summary.
This article explains RSA encryption fundamentals, illustrates two practical scenarios, and walks through creating a Spring Boot project, adding Maven dependencies, configuring RSA keys, annotating controllers for automatic encryption/decryption, testing the endpoints, and handling client‑side encryption with JavaScript, while highlighting common pitfalls.
The article walks through six real penetration‑testing scenarios, dissecting common encryption and authentication mechanisms in mini‑programs and web applications, demonstrating how to reverse‑engineer, debug, and script the bypass of Hawk signatures, MD5 timestamps, RSA and AES encryptions to achieve unauthorized data access and account takeover.
HTTPS secures web communication by replacing plaintext HTTP with TLS encryption, using asymmetric key exchange to protect symmetric keys, and relying on a hierarchical CA certificate chain to verify server identities, thereby preventing man‑in‑the‑middle attacks that exploit HTTP’s unencrypted traffic.
To protect API traffic from scraping, tampering, replay attacks, and ensure data integrity, this guide outlines a hybrid encryption scheme that combines symmetric AES, asymmetric RSA, hash‑based signatures, and HTTPS principles, detailing design, implementation steps, common issues, and security analysis.
This article walks through the end‑to‑end automation of a company’s daily dashboard report, covering reverse‑engineered login, API data extraction, image generation with canvas, OSS upload, and scheduled DingTalk webhook delivery, all implemented in Node.js.
To protect sensitive data in third‑party API integrations, this guide outlines a three‑layer security architecture—mutual TLS for channel protection, HMAC‑based request signing for integrity, and RSA encryption for data confidentiality—plus key management, monitoring, performance considerations, and implementation roadmaps.
This article provides a comprehensive guide to Go cryptography, covering fundamental concepts, common mistakes like using math/rand for keys or RSA v1.5 padding, correct implementations with crypto/rand, AES‑GCM, RSA‑OAEP/PSS, password‑derived keys, performance benchmarks, and practical testing strategies.
This guide explains how to implement symmetric (AES‑CBC, AES‑GCM) and asymmetric (RSA) encryption as well as hashing in Go, providing clear explanations and complete, runnable code samples for each technique.
This article presents concise Python examples for a wide range of encryption and encoding methods—including MD5, SHA‑256, Base64, AES, RSA, HMAC‑SHA256, Fernet, PBKDF2, Blowfish, and XOR—explaining their usage scenarios and highlighting the importance of selecting appropriate cryptographic techniques for security.
This article walks through a complete solution for protecting data in Spring Boot applications, covering symmetric, asymmetric, and hybrid encryption schemes, utility classes for AES and RSA, a custom HttpServletRequestWrapper to enable multiple reads of the request body, a filter that transparently decrypts incoming parameters, and an AOP‑based response‑encryption mechanism triggered by a custom annotation.
This article explains the fundamentals of asymmetric encryption, its key concepts, common application scenarios such as HTTPS and blockchain, provides a Python RSA implementation, and outlines how to apply it securely in API automation testing, including best practices and precautions.
This article explains OpenSSL’s origins, its role in encryption on CentOS, common use cases such as web servers and database security, provides step‑by‑step installation and upgrade commands, and demonstrates how to generate RSA, SM2, AES, and SM4 keys via the OpenSSL command line and Java alternatives.
This article explains symmetric and asymmetric encryption principles, digital signatures, HTTPS with certificate authorities, and demonstrates how to implement combined encryption, digital signing, and URL protection using Spring Cloud Gateway filters and Java code examples.
This article explains how to protect front‑end and back‑end communication in a Spring Boot application by encrypting request and response data using a hybrid AES and RSA scheme, custom request wrappers, filters, and AOP‑based response encryption, complete with code examples and implementation details.
This article provides a comprehensive overview of TLS handshakes, detailing the RSA and ECDHE key exchange mechanisms, their step-by-step processes, security properties, and the differences between TLS 1.2 and TLS 1.3, including cipher suite structures and certificate validation.
This article explains a real‑world incident where insecure API parameters led to leaderboard manipulation, then details how to securely combine RSA asymmetric encryption with AES symmetric encryption, covering key concepts, padding modes, implementation steps, and server‑side decryption using Java.
This article explains how to secure OpenAPI interfaces by using globally unique AppId/AppSecret pairs, SHA‑256 and RSA signatures, timestamp and nonce validation, caching, rate‑limiting, parameter validation, and encryption algorithms, providing complete client‑server implementation examples in Java.
This article introduces several widely used PHP encryption algorithms—including MD5, SHA family, AES, RSA, and Base64 encoding—explaining their functions, security considerations, and PHP functions for implementation, while also mentioning additional algorithms like DES, RC4, and Blowfish for specific use cases.
This article describes a real‑world API security incident, explains the fundamentals of asymmetric RSA and symmetric AES encryption, and provides a complete Java implementation—including a hybrid encryption strategy, custom @RequestRSA annotation, Spring AOP decryption aspect, and utility classes—to securely transmit and automatically decrypt request parameters.
This article explains how to secure Spring Boot API responses using RSA asymmetric encryption and digital signatures, covering RSA fundamentals, project setup, Maven configuration, key management, annotation‑driven encryption/decryption, front‑end JavaScript encryption with JSEncrypt, and practical testing steps.
The article recounts a real‑world incident where a game’s leaderboard showed absurd scores due to insecure API parameters, then explains RSA and AES fundamentals, demonstrates how to combine asymmetric and symmetric encryption for secure request handling, and provides Java code, custom annotations, and AOP logic to automate decryption on the server side.
This tutorial explains RSA asymmetric encryption and signing, then walks through securing Spring Boot API endpoints by adding annotations, configuring keys, integrating JavaScript decryption, and addressing practical deployment considerations to protect data from interception and tampering.
This guide explains how to secure Spring Boot API responses using RSA asymmetric encryption, covering the theory of RSA, practical scenarios, Maven setup, annotation‑based encryption/decryption, configuration files, and a JavaScript front‑end example for encrypting request payloads.
This article provides Python implementations and usage examples for a range of encryption and decryption techniques—including AES, RSA, Caesar cipher, Base64, SHA‑256/HMAC, Blowfish, DES, ChaCha20‑Poly1305, and XOR—along with notes on required libraries and security considerations.
This article explains the concept, advantages, and three implementation methods of Single Sign-On (SSO), then provides two complete practical examples—including architecture diagrams, step‑by‑step flows, and full Java code for ticket‑based and encrypted data‑based SSO—followed by supplementary RSA key generation notes and a brief promotional note.
This article walks through the theory behind RSA, illustrates two battlefield‑style scenarios for encryption and signing, and then shows how to integrate RSA‑based request/response encryption into a Spring Boot application using Maven, annotations, configuration files, and a JavaScript front‑end, complete with code snippets and troubleshooting tips.
This article walks you through implementing RSA‑based encryption and digital signatures in a Spring Boot application, covering the theory of asymmetric cryptography, practical code snippets for Maven, configuration, controller annotations, and a JavaScript client that encrypts requests and verifies responses to protect API data from eavesdropping and tampering.
This article explains the principles of RSA asymmetric encryption, illustrates two communication scenarios, and provides a step‑by‑step Spring Boot implementation with Maven dependencies, configuration, annotations, and front‑end JavaScript code to encrypt API requests and decrypt responses, helping developers secure their APIs.
This article demonstrates how to secure Spring Boot API data using RSA asymmetric encryption, covering the theory of RSA, step‑by‑step project setup, Maven dependencies, annotations for automatic encryption/decryption, Java and JavaScript client implementations, and practical testing of encrypted endpoints.
This article explains the basic concepts of encryption, distinguishes between symmetric and asymmetric methods, describes how public and private keys work, and compares common algorithms such as AES and RSA, highlighting their security properties, performance trade‑offs, and typical use cases.
This article provides a comprehensive guide to building a JWT authentication service in Java, covering JWT fundamentals, Spring Boot configuration, entity and DAO definitions, service interfaces, token generation and parsing, RSA key handling, controller endpoints, testing procedures, and a comparison with traditional session-based authentication.
This article explains why the MySQL 8.0 client may report the caching_sha2_password authentication error requiring a secure connection, describes the plugin’s design, RSA and SSL mechanisms, cache behavior, and provides practical commands and replication settings to resolve the issue.
This article explains how to protect Spring Cloud Gateway APIs from data interception by using RSA asymmetric encryption, adding request timestamps and UUIDs for replay protection, and implementing request signatures, with detailed Java code examples and gateway filter configuration.
This guide explains how to protect a Spring Cloud Gateway service from packet sniffing by using RSA asymmetric encryption, timestamp validation, unique request IDs stored in Redis, and MD5 signature checks, with complete Java and front‑end code examples.
This article provides a comprehensive guide on securing Spring Cloud Gateway APIs using RSA asymmetric encryption, timestamp-based replay protection, unique request IDs stored in Redis, and MD5 signature verification, complete with detailed Java and front‑end code examples and testing results.
This article introduces common encryption algorithms—symmetric, asymmetric, and hash—explains where encryption is needed in a user management module, and details implementation steps using RSA and AES128, while also warning about man‑in‑the‑middle attacks and recommending best practices.
This guide demonstrates how to secure Spring Boot configuration values by using Jasypt encryption and a custom EnvironmentPostProcessor with RSA, covering Maven dependencies, property setup, encrypted YAML syntax, utility classes, processor implementation, and registration via spring.factories.
This article examines how the widely used Objective‑C‑RSA library can cause RSA encryption failures on iOS when multiple threads concurrently add, delete, and query keychain entries using the same tag, leading to error‑25300 and data corruption, and proposes practical fixes.
This article introduces common encryption methods—including Base64, MD5, SHA‑1, HMAC, DES, AES, and RSA—explains their principles, and provides complete Python code examples for encoding, decoding, and key handling, enabling readers to implement secure data transformations in their own projects.
This article explains why password security is critical, describes symmetric and asymmetric encryption methods, details how HTTPS and RSA protect data in transit, and outlines best practices for securely storing passwords using hashing, salting, BCrypt, and PBKDF2.
This article explains RSA asymmetric encryption, key pair generation, encryption/decryption limits, digital signing and verification, and provides a full Python implementation using PyCryptodome, complete with code snippets, base64 handling, and practical usage tips.
MySQL 8.0 replaces the default mysql_native_password with the caching_sha2_password plugin, which stores a 70‑byte salted SHA‑256 hash with configurable rounds, caches SHA256(password) for fast logins, and falls back to RSA‑encrypted full verification on insecure connections, supporting user creation, replication and key management.
This article introduces common encryption algorithms—including symmetric, asymmetric, and digital signature methods—and provides detailed Go code examples for MD5, HMAC, SHA1, AES (with various modes), and RSA, helping developers understand and implement secure cryptographic operations in Go.
This guide walks you through generating an RSA keystore, exporting a public‑key certificate, and implementing full asymmetric encryption and decryption in Java, illustrating each step with command‑line examples, code snippets, and expected outputs.
This article explains fundamental cryptography concepts, traces the evolution from ancient substitution ciphers to modern symmetric and asymmetric algorithms, and provides complete Java code examples for DES, AES, RSA, digital signatures, and hash functions such as MD5 and SHA.
This article explains why asymmetric encryption like RSA is paired with symmetric algorithms, outlines RSA's history and key concepts, and provides a complete Java implementation with code examples and execution results, illustrating both public‑key and private‑key operations.
This article explains the fundamentals of encryption by walking through a relatable story, defining keys, comparing symmetric and asymmetric methods, illustrating key‑exchange techniques such as paint‑mixing, multiplication tricks, Diffie‑Hellman, AES block processing, and the RSA algorithm with step‑by‑step calculations.
This article explains the high‑security encryption mechanisms used in Alipay payments, covering the payment flow, the role of digital signatures, RSA key pairs for signing and verification, and how AES symmetric encryption protects data during transmission.
This tutorial explains the concept of Single Sign‑On, demonstrates a simple ticket‑based analogy, introduces JWT structure and RSA signing, and walks through a complete Spring Boot implementation—including project layout, Maven dependencies, configuration files, utility classes, custom authentication and verification filters, security configuration, and Postman testing—so readers can build a secure SSO service from scratch.
The article explains RSA key files by detailing the underlying mathematics of prime factorization and modular exponents, introduces a six‑layer abstraction from raw values to application use, demonstrates OpenSSL and keytool commands for generation, conversion, and inspection, and illustrates common deployment scenarios such as HTTPS and MySQL SSL.
This guide explains why and how to verify WeChat Pay V3 response signatures using Java, covering certificate serial checks, constructing the verification string from response headers, and performing SHA256‑with‑RSA validation to ensure responses truly originate from the WeChat Pay server.
In the era of big data and GDPR, front‑end developers must protect personal information beyond HTTPS by using a hybrid AES‑RSA encryption scheme, and this article explains the threats, compares symmetric, asymmetric and hash algorithms, and provides full client‑side and Node.js server implementations with code examples.
This article explains how to protect payment platform data by using symmetric (DES, 3DES, AES) and asymmetric (RSA) encryption, key‑storage strategies, TLS transport security, and anti‑tampering signatures, with complete Java code examples for Android.
This article explains the security architecture of payment platforms, covering terminal data protection, symmetric and asymmetric encryption methods such as DES, 3DES, AES, and RSA, code implementations for Android, TLS transmission security, anti‑tampering signatures, and practical key‑management strategies.
This guide shows how to protect plaintext passwords in a Vue login flow by using RSA asymmetric encryption with the JSEncrypt library, generating key pairs, creating utility functions, and storing encrypted credentials in cookies while providing decryption on retrieval.
This article introduces various cryptographic primitives—including MD, SHA, MAC, and digital signature algorithms such as RSA, DSA, and ECDSA—explains their usage and security considerations, and provides complete .NET Core code examples using the BouncyCastle library for implementation.
This article explains how to use the BouncyCastle library in .NET Core to generate RSA keys in PKCS1 and PKCS8 formats, convert between them, handle PEM encoding, and perform RSA encryption and decryption with various padding schemes, providing extensive code examples.
This article demonstrates how to use Groovy scripts within JMeter’s JSR223 pre‑processor to generate RSA‑based signatures for request parameters, providing a complete utility class, configuration steps, sample code, and console output to verify that the signature is correctly added to the request.
This article demonstrates how to use Groovy scripts within JMeter's JSR223 pre‑processor to generate RSA signatures for request parameters, covering key handling, encryption, decryption, signing, verification, map conversion, and how to attach the signature to the HTTP sampler for automated performance testing.
The article explains the drawbacks of stateful authentication, defines stateless services, describes a token‑based login flow using JWT with RSA asymmetric encryption, and shows how to integrate this approach into a Zuul‑based microservice architecture to achieve scalable, secure, and session‑free authentication.
The article explains how MySQL 8.0's caching_sha2_password authentication plugin works, its caching mechanism, advantages, limitations, and how to generate, view, and use RSA key pairs for secure password exchange in encrypted or RSA‑based non‑encrypted connections.
This article explains how to integrate the rsa-encrypt-body-spring-boot starter into a Spring Boot project to uniformly encrypt request parameters and response bodies using RSA and AES, providing step‑by‑step configuration, code examples, and practical encryption tips.
This guide explains what RSA encryption is, outlines common use cases, shows step‑by‑step commands to generate private and public keys with OpenSSL, and provides a complete PHP class with methods for public‑key encryption, private‑key decryption, signing and verification, plus practical code examples.
This guide explains how to generate RSA key pairs on Linux, use OpenSSL commands, and implement PHP code for public‑key encryption, private‑key decryption, padding options, data‑size limits, and helper functions for handling messages larger than the RSA block size.
This article explains why API security is crucial in front‑end/back‑end separated systems and provides practical measures—including HTTPS, request signing, SSL pinning, and full request/response AES encryption—along with a Spring Boot starter and JavaScript Axios interceptor to protect data in transit.
This article explains how passwords should be encrypted during transmission using symmetric and asymmetric methods such as RSA, why HTTPS is essential, how services like GitHub and Baidu handle login security, and best practices for securely storing passwords with hashing, salting, and strong algorithms like BCrypt and PBKDF2.
This article traces the evolution of cryptography from ancient substitution ciphers to modern standards like DES, RSA, and ECC, explains symmetric and asymmetric encryption, compares ECC and RSA in security and efficiency, and presents cloud‑server performance tests showing ECC‑256’s superiority in speed and resource usage.
The article presents a comprehensive engineering solution that separates RSA operations, employs parallel and asynchronous processing, modifies OpenSSL and Nginx event handling, and adds symmetric‑encryption optimizations to boost SSL/TLS handshake throughput by over threefold while reducing CPU load.
This article explains why HTTPS is considered secure, how it prevents man‑in‑the‑middle attacks through certificate verification, details the TLS handshake captured with Wireshark, and shows the cryptographic primitives behind RSA, ECDHE and AES, including practical code snippets and the cost of using HTTPS.
This article explains the complex iOS signing mechanism, covering RSA asymmetric encryption, digital signatures, certificates, provisioning profiles, and the multiple distribution methods that require layered signing to ensure only Apple‑approved apps run on devices.
This article introduces Python's cryptographic capabilities, covering built‑in hashing with hashlib, key derivation with pbkdf2_hmac, and practical examples using third‑party libraries PyCryptodome and cryptography to perform MD5/SHA hashing, DES and RSA encryption/decryption, and secure file handling.
This article uses a playful conversation between browsers and a reporter to explain how HTTPS secures web traffic by employing RSA public‑key encryption, digital signatures, certificate authorities, and the challenges of performance and man‑in‑the‑middle attacks, ultimately showing why modern browsers adopted HTTPS by default.
This article walks through creating a Python 2.7 script that logs into Weibo, fetches red‑envelope lists, evaluates their value with a custom algorithm, and automatically claims them, covering required libraries, cookie handling, HTTP GET/POST functions, RSA encryption, and result logging.
Shor’s algorithm leverages quantum parallelism to efficiently find integer factors, exposing the vulnerability of RSA encryption by locating periodicity in modular exponentiation, and the article outlines a five-step hybrid quantum‑classical procedure—including quantum Fourier transform—to break RSA keys.
This article walks through a real‑time TLS 1.0 handshake captured with Wireshark, explaining client and server hello messages, certificate verification, RSA key exchange, pre‑master and master secret derivation, key block generation, RC4 encryption, and how the encrypted HTTP request and response are finally delivered to the application layer.
This article explains the concept of digital signatures, their role in verifying data integrity and origin, outlines common algorithms such as RSA, DSS, and hash‑based signatures, and details the full PKI‑based workflow—including authentication, signing, and verification—while also describing how to combine encryption with signatures for confidential transmission.
