为什么不3DES一个块加密？ [英] Why won't 3DES encrypt one block?

问题描述

我想实现这个问题，我问在过去安全加密64位的w / o每个元素的开销？

在即时窗口我进入 TripleDES.Create（）。LegalBlockSizes.First（）并获得

  {System.Security.Cryptography.KeySizes}
    MAXSIZE：64
    MINSIZE：64
    SkipSize：0
 

64位/每字节8位是8个字节。究竟是什么长度很长的。反正我运行它通过以下code和异常抛出。该块的长度是16字节。不是我想有......我会问如何将其更改为64位，但作为结果说，最小值和最大值都是64位，为什么我会收到128位，而不是??

 长ENC（长V，字节[] IV）
{
    使用（VAR M =新的MemoryStream（））
    {
        使用（VAR C = des.CreateEncryptor（des.Key，IV））
        使用（VAR S =新CryptoStream的（M，C，CryptoStreamMode.Write））
        {
            变种B = BitConverter.GetBytes（五）;
            s.Write（B，0，b.length个）;
        }
        m.Flush（）;
        VAR ARR = m.ToArray（）;
        如果（arr.Length！= 8）
            抛出新的异常（）;
        返回BitConverter.ToInt64（ARR，0）;
    }
}
 

解决方案

我认为，这是由于填充。默认填充模式在对称密码.NET Framework是PKCS7：

  

的PKCS＃7的填充串由一个字节序列，其中每一个是等于填充字节的总数添加

如果您添加一行：

  des.Padding = PaddingMode.None;
 

你的加密code中的其余部分之前，你应该找到的阵列现已在长度为8个字节。当然，这意味着你必须确保被加密的明文任何由块长整除。

和，同时，你还需要传输这是另8个字节反正IV。工具变量不应该被重复使用，所以你仍然增加了一倍的存储/传输的大小比明文。

---

填充：

  

密码块链接（CBC）模式是操作的热门地块加密模式。它需要的消息，其长度是块的大小（通常为8或16字节）的倍数，因此消息必须被填充以将他们这个长度。一种方法是将填写的最后块以1位后面的零位。的如果输入恰好填满整个块，被添加到容纳填充一个虚拟块;否则，输入明文年底可能会PTED作为填充misinter $ P $。的

（强调，CBC是默认模式在.NET框架密码）

I'm trying to implement this question i asked in the past Securely Encrypt 64bits w/o per element overhead?

In the immediate window i entered TripleDES.Create().LegalBlockSizes.First() and got

{System.Security.Cryptography.KeySizes}
    MaxSize: 64
    MinSize: 64
    SkipSize: 0

64bits/8bits per byte is 8bytes. Exactly what length a long is. Anyways i run it through the code below and the exception throws. The length of the block is 16bytes. Not what i want to have... I would ask how to change it to 64bits but as the results say the min and max are both 64bits so why am i getting 128bits instead??

long enc(long v, byte[] iv)
{
    using (var m = new MemoryStream())
    {
        using (var c = des.CreateEncryptor(des.Key, iv))
        using (var s = new CryptoStream(m, c, CryptoStreamMode.Write))
        {
            var b = BitConverter.GetBytes(v);
            s.Write(b, 0, b.Length);
        }
        m.Flush();
        var arr = m.ToArray();
        if(arr.Length!=8)
            throw new Exception();
        return BitConverter.ToInt64(arr, 0);
    }
}

解决方案

I believe that this is due to padding. The default padding mode for symmetric ciphers in the .NET Framework is PKCS7:

The PKCS #7 padding string consists of a sequence of bytes, each of which is equal to the total number of padding bytes added.

If you add a line:

des.Padding = PaddingMode.None;

Before the rest of your encryption code, you should find the array is 8 bytes in length now. Of course, this means that you must ensure that any plaintext to be encrypted is exactly divisible by the block length.

And, also, you still need to transmit the IV which is another 8 bytes anyway. IVs should not be reused, so you've still doubled the size of storage/transmission compared to the plaintext.

---

Padding:

Cipher-block chaining (CBC) mode is a popular block cipher mode of operation. It requires messages whose length is a multiple of the block size (typically 8 or 16 bytes), so messages have to be padded to bring them to this length. One method is to fill out the last block with a 1-bit followed by zero bits. If the input happens to fill up an entire block, a "dummy block" is added to accommodate the padding; otherwise, the end of the input plaintext might be misinterpreted as padding.

(Emphasis added. CBC is the default mode for ciphers in .NET Framework)

这篇关于为什么不3DES一个块加密？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！