AES密钥生成的机器人 [英] AES key generation in Android
问题描述
目前我在生成密钥的AES加密/解密我的工作。关键是基于密码的每个用户的随机盐。我的第一个想法是做与算法PBKDF2WithHmacSHA1的SecretKeyFactory。问题是,目前的Android不支持。
Currently I am working in generating a key for AES encryption/decryption. The key is based on a password an a random salt per user. My first idea was to made a SecretKeyFactory with the algorithm "PBKDF2WithHmacSHA1". The problem is that Android currently does not support it.
做一些搜索,我发现从埃里克森推荐使用的算法为同一目的的答案(<一href="http://webcache.googleusercontent.com/search?q=cache:4T7m9QGHPt8J:stackoverflow.com/questions/992019/java-256bit-aes-encryption+SecretKeyFactory.getInstance(%22PBKDF2WithHmacSHA1%22)&cd=2&hl=en&ct=clnk&gl=us&source=www.google.com"相对=nofollow> AES 256位加密)。我的问题是如何diffent将加密过程中,如果我使用,而不必PBKDF2WithHmacSHA1PBEWITHSHA256AND256BITAES-CBC-BC?这里是如何产生的AES android系统中的关键安全的方式,而不是不只是与散列来回的关键盐的密码(我不认为这种做法遵循)任何其他的想法。
Doing some search I found the answer from erickson recommended the use of that algorithm for the same purpose (AES 256 bit encryption). My question is how diffent would be the encryption process if I use "PBEWITHSHA256AND256BITAES-CBC-BC" instead of having "PBKDF2WithHmacSHA1"? There are any other idea of how to generate a key for AES in android in a secure way and not not just hashing the password with the salt fro the key (I don't think that approach to follow).
推荐答案
正如其名说,PBEWITHSHA256AND256BITAES-CBC-BC将使用SHA256为HMAC,而是如果使用SHA1。因为这是一个不同的算法,它会生成一个不同的密钥选择的密码。
As the name says, "PBEWITHSHA256AND256BITAES-CBC-BC" will use SHA256 as HMAC, instead if using SHA1. Because this is a different algorithm, it will generate a different Key for the chosen password.
如果你恩/解密只在Android上,这应该是好的。
If you en/decrypt only on android, this should be fine.
这篇关于AES密钥生成的机器人的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
