用1024字节的密钥实现AES-256 [英] Implementing AES-256 with 1024 byte key

问题描述

我正在尝试编写使用1024字节密钥进行AES-256加密/解密的Java代码。我看了互联网的执行情况，有很多方法可以实现。

我看了以下教程：

1. http://karanbalkar.com/2014/02/tutorial- 76-implement-aes-256-encryptiondecryption-using-java /


2. https://gist.github.com/bricef/2436364

但没有找到什么步骤是必需的。所以我的问题是我需要开始加密/解密。不是指定算法（AES-256）和密钥是否足够？我要调用哪些API？

---

此外，我打算用一个暴露于加密的两个方法编写一个实用程序类并解密。我打算在构造函数中初始化所有这些设置。所以建议我最好的方式把这个类放在我的Spring Web应用程序中。

解决方案

AES仅限于128,192和256位密钥。这些分别称为AES-128，AES-192和AES-256。所以你不能使用AES的1024字节密钥。

AES块大小（你所说的数据分组编码的大小）总是128位用于AES。 Rijndael，其子集成为AES，除了128位块之外，还支持256位块。对于1024字节的密钥，Rijndael和AES都没有定义。

如果你有这么大的密钥材料，可以使用SHA-256等哈希值将其减少到256位，或一个适当的KDF像HKDF。显然这会将安全级别降低到256位，但这仍然很多。 AES没有为较大密钥定义的原因是传统的计算机永远不能强制使用256位密钥。请参阅加密费用是多少美元在一年中强制一个256位密钥？在crypto.se。

I am trying to write Java code which will do AES-256 encryption/decryption using 1024 byte key. I looked into Internet for the implementation and there are many way to implement.

I took a look at the following tutorials:

1. http://karanbalkar.com/2014/02/tutorial-76-implement-aes-256-encryptiondecryption-using-java/
2. https://gist.github.com/bricef/2436364

but didn't find what steps are the required. So my question is What I need to to start encryptiopn/decryption. Isn't specifying algorithm (AES-256) and secret key is enough? What are the APIs I have to call?

---

Also I am planning to write a utility class with two method exposed to encrypt and decrypt. I am planning to initialize all these setting in constructor. So suggest me the best way to put this class in my Spring web app.

解决方案

AES is only defined for 128, 192 and 256 bit keys. These are called AES-128, AES-192 and AES-256 respectively. So you can't use a 1024 byte key with AES.

The AES block size (what you described as "size in which data is grouped for encoding") is always 128 bits for AES. Rijndael, a subset of which became AES, supports 256 bit blocks in addition to 128 bit blocks. Neither Rijndael nor AES have been defined for 1024 byte keys.

If you have such large key material you can reduce it to 256 bits using a hash like SHA-256, or a proper KDF like HKDF. Obviously this will reduce the security level to 256 bits, but that's still plenty. The reason why AES is not defined for larger keys is that a conventional computer will never be able to brute-force a 256 bit key. See How much would it cost in U.S. dollars to brute force a 256 bit key in a year? on crypto.se.

这篇关于用1024字节的密钥实现AES-256的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！