数字签名加密推荐组合 [英] Recommended Encryption combination for digital signatures

问题描述

我终于 - 天后和痛苦的日子 - 想通了，我需要两种形式的加密我的数字签名项目。第一个将将对称（AES）并将加密的许可证数据第二将是一个非对称（RSA）的意志<强>加密对称密钥。有人可以给我的最好的方法指针使用Android的。

I have finally - after days and days of agony - figured out that I need two forms of encryption for my Digital Signatures Project. The first will will be symmetric (AES) and will encrypt the license data and the second will be a asymmetric (RSA) an will encrypt the symmetric key. Can someone give me pointers on the best methods to use for Android.

对于我使用的公钥/私钥：RSA / ECB / PKCS1Padding（我把头欧洲央行糟糕，所以我应该用什么？怎么样PKCS1Padding - ？shoudl我是用PKCS5Padding）

For the public/private keys I am using: "RSA/ECB/PKCS1Padding"(I head ECB is bad so what should I use?, what about the PKCS1Padding - shoudl I be using PKCS5Padding?)

对于对称密钥我可能会使用AES / ??? / ?????????（我应该使用什么样的模式和填充？）

For the symetric keys I will probably use: "AES/???/?????????" (What mode and padding should I use?)

提供者：BC

RSA密钥大小：1024（我试过2048，但它并没有出于某种原因）

RSA Keysize: 1024 (I tried 2048 but it didn't work for some reason)

AES密钥大小：???? （建议）

AES Keysize: ???? (suggestions)

另外，如果你知道我在哪里可以找到什么Android是实际支持的一个很好的指南，将是巨大的。

Also if you know where I can find a good guide on what is actually supported in Android that would be great.

我在没有办法的加密专家，所以如果有什么在这里看起来有点precarious请告诉我一个更好的选择！

I am in no way an encryption expert so if anything looks a little precarious here please tell me a better alternative!

如果你知道一个很好的结合，但如果它支持在Android上不能确定，请说出来，这样我最终不会浪费一大堆时间去寻找它不支持。

If you know of a good combination but are not sure if it is supported on Android please say so, so that I don't end up wasting a whole lot of time to find it is not supported.

推荐答案

欧洲央行是不安全的块加密模式，因为它太容易为64，128，或者输入流中256位数据块被重新使用 - 重复内容presence将在密文立即可见。

ECB is unsafe for block cipher modes, because it is too easy for 64, 128, or 256 bit blocks to be re-used in an input stream -- the presence of repeated content would be immediately visible in the ciphertext.

但是RSA不用于加密的输入流 - 它仅曾经用于加密会话密钥（如你可能在操作的）或签名的消息的输出消化功能。因此，对于RSA ECB模式是好的。

But RSA is not used for encrypting input 'streams' -- it is only ever used for encrypting session keys (as you appear to be doing) or signing the output of message digest functions. So ECB mode for RSA is fine.

使用与RSA的PKCS＃1填充方案; PKCS＃5填充方案适用于对称密码。

Use the PKCS#1 padding scheme with RSA; PKCS#5 padding scheme is intended for symmetric ciphers.

如果1024密钥对，你可以用最大的RSA（或生成设备上的？），那么很可能128或192位AES是一个类似的风险。根据慢多少256位AES是，我可能会使用它，而不是，只需提供针对AES的攻击算法改进另一个四五年的缓冲。

If 1024 is the largest RSA keypair you can use (or generate on the device?) then probably 128 or 192 bit AES is a similar risk. Depending on how much slower 256-bit AES is, I might use it instead, just to provide another four or five years buffer against algorithmic improvements in AES attacks.

NIST对使用AES指南推荐使用任何的：CBC，CFB，OFB，CTR或模式

NIST's guidelines on using AES recommend using any of: CBC, CFB, OFB, or CTR modes.

同样的指导方针还提到添加 1 和几个 0 位必须完成最后一个块填充机制，所以它应该是足够安全使用。

The same guidelines also mention the 'add 1 and as few 0 bits are required to complete the final block' padding mechanism, so it should be safe enough to use.

但对于这一切，我都用GPGME或OpenSSL的或GNUTLS做所有的工作建议。试图让自己的协议可以是非常微妙的。希望有对Android的某些更高级别的工具包，使签名生成/验证变得更加容易。

But for all this, I have to suggest using gpgme or openssl or gnutls to do all your work. Trying to make your own protocols can be very subtle. Hopefully there's some higher-level toolkits on the Android to make signature generation / verification much easier.

NIST的指导方针： http://csrc.nist.gov /publications/nistpubs/800-38a/sp800-38a.pdf

NIST's guidelines: http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf

这篇关于数字签名加密推荐组合的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！