如何在python中使用RSA/ECB/PKCS1Padding创建密钥? [英] How can I create a key using RSA/ECB/PKCS1Padding in python?
问题描述
我正在努力寻找使用python在PKCS1填充下以ECB模式使用RSA的任何方法.我研究了pyCrypto,但是它们在master分支中没有PKCS1填充(但在补丁中包含).尽管如此,我还是在M2Crypto软件包中找到了带有PKCS1的RSA,但是我不确定是否可以选择ECB模式...
I am struggling to find any method of using RSA in ECB mode with PKCS1 padding in python. I've looked into pyCrypto, but they don't have PKCS1 padding in the master branch (but do in a patch). Nevertheless I found RSA with PKCS1 in the M2Crypto package, but I'm not sure if I can choose ECB mode...
推荐答案
除非您做错了,否则ECB之类的链接模式对RSA没有意义.
Chaining mode such as ECB makes no sense for RSA, unless you are doing it wrong.
ECB用于块密码:将输入数据分为相等大小的块,并且每个块分别进行加密.这会导致一些弱点,因此最好避免将ECB模式用于分组密码.
ECB is for block ciphers: the input data is split into equal-size blocks, and each block is encrypted separately. This induces some weaknesses so ECB mode is best avoided for block ciphers.
RSA不是分组密码.特别是,RSA必须扩大加密的消息:使用1024位RSA密钥(相当典型的大小),可以将一条消息加密的最大长度为117个字节,但结果是一个128字节的值.
RSA is not a block cipher. In particular, RSA necessarily enlarges the encrypted message: with a 1024-bit RSA key (a fairly typical size), one can encrypt a message up to 117 bytes, but the result is a 128-byte value.
可以想象得到一条更大的消息,将其分成长度为117个字节(或更短)的单个块,并分别对其进行RSA加密,但没人这样做,主要是因为大小增加和CPU成本增加.另外,根本没有研究与拆分和重组有关的安全性问题,因此结果很可能很微弱.通常,当密码库要求填充模式作为算法名称的一部分时,例如在" RSA/ECB/PKCS1Padding "中,这仅是由于名称的语法限制以及链接部分( ECB )实际上被忽略(例如Java所做的事情).
One could imagine taking a larger message, split it into individual blocks of length 117 bytes (or less) and RSA-encrypt each of them individually, but nobody ever does that, mostly because of the size increase, and the CPU cost. Also, security issues related to that splitting and recombining are not studied at all, so it is quite possible that the result would be quite weak. Usually, when a cryptographic library requires a padding mode as part of an algorithm name, such as in "RSA/ECB/PKCS1Padding", this is only due to the syntaxic constraints on the name, and the chaining part (ECB) is actually ignored (this is what Java does, for instance).
在实践中,当加密某些可能大于最大RSA输入大小的数据时,将使用混合加密:RSA加密的是随机对称密钥(例如一堆16个均匀随机字节),并且该密钥用于对称加密(例如使用AES)实际数据.这样更节省空间(因为对称加密不会扩大块)和CPU效率(对称加密比非对称加密要快得多,尤其是RSA decryption ).
In practice, when encrypting some data which may be larger than the maximum RSA input size, hybrid encryption is used: what is RSA-encrypted is a random symmetric key (e.g. a bunch of 16 uniformly random bytes), and that key is used to symmetrically encrypt (e.g. with AES) the actual data. This is more space-effective (because symmetric encryption does not enlarge blocks) and CPU-efficient (symmetric encryption is vastly faster than asymmetric encryption, and in particular RSA decryption).
这篇关于如何在python中使用RSA/ECB/PKCS1Padding创建密钥?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
