从加密和纯文本数据中查找AES密钥 [英] AES key finding from encrypted and plaintext data

问题描述

如果我有一个纯文本消息M及其加密的等效E，并且我知道它已经用256位AES密钥加密，是否有办法计算出密钥?如果M足够长，有什么方法可以做到?

If I have a plaintext message M along with its encrypted equivalent E, and I know that it has been encrypted with a 256-bit AES key, is there a way to work out the key? Are there ways to do it, if M is long enough?

推荐答案

理论上可以. 实际上没有 您将需要使软件在执行加密的同一台计算机上运行，​​并通过缓存分析来攻击系统:

In theory yes. In reality no. You'll need either to have software running on the same machine that is performing the encryption and attack the system through cache analysis:

" 2005年4月，DJ Bernstein宣布了一次缓存定时攻击，他曾经破坏了使用OpenSSL AES加密的自定义服务器.该自定义服务器旨在提供尽可能多的定时信息(该服务器会报告加密操作占用的机器周期数)，并且攻击需要选择超过2亿个选定的明文."

"In April 2005, D.J. Bernstein announced a cache-timing attack that he used to break a custom server that used OpenSSL's AES encryption. The custom server was designed to give out as much timing information as possible (the server reports back the number of machine cycles taken by the encryption operation), and the attack required over 200 million chosen plaintexts."

或者我想您可以使用超级计算机强制破解它.我不知道要花多长时间，所以如果不更改加密密钥，那只会是一个问题.该算法可在公共领域使用，但是您仍然会与实现联系在一起，因为它们会影响结果.

Or I would imagine that you could use a supercomputer to force crack it. I wouldn't know how long that would take though and so it would only be an issue if the encryption key was never changed. The algorithm is available in the public domain, but you'll still be tied to the implementation as they would have a bearing on the result.

这篇关于从加密和纯文本数据中查找AES密钥的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！