数字签名加密推荐组合 [英] Recommended Encryption combination for digital signatures
问题描述
我终于 - 天后和痛苦的日子 - 想通了,我需要两种形式的加密我的数字签名项目。第一个将将对称(AES)并将加密的许可证数据第二将是一个非对称(RSA)的意志<强>加密对称密钥。有人可以给我的最好的方法指针使用Android的。
I have finally - after days and days of agony - figured out that I need two forms of encryption for my Digital Signatures Project. The first will will be symmetric (AES) and will encrypt the license data and the second will be a asymmetric (RSA) an will encrypt the symmetric key. Can someone give me pointers on the best methods to use for Android.
对于我使用的公钥/私钥:RSA / ECB / PKCS1Padding
(我把头欧洲央行糟糕,所以我应该用什么?怎么样PKCS1Padding - ?shoudl我是用PKCS5Padding)
For the public/private keys I am using: "RSA/ECB/PKCS1Padding"
(I head ECB is bad so what should I use?, what about the PKCS1Padding - shoudl I be using PKCS5Padding?)
对于对称密钥我可能会使用AES / ??? / ?????????
(我应该使用什么样的模式和填充?)
For the symetric keys I will probably use: "AES/???/?????????"
(What mode and padding should I use?)
提供者:BC
RSA密钥大小:1024(我试过2048,但它并没有出于某种原因)
RSA Keysize: 1024 (I tried 2048 but it didn't work for some reason)
AES密钥大小:???? (建议)
AES Keysize: ???? (suggestions)
另外,如果你知道我在哪里可以找到什么Android是实际支持的一个很好的指南,将是巨大的。
Also if you know where I can find a good guide on what is actually supported in Android that would be great.
我在没有办法的加密专家,所以如果有什么在这里看起来有点precarious请告诉我一个更好的选择!
I am in no way an encryption expert so if anything looks a little precarious here please tell me a better alternative!
如果你知道一个很好的结合,但如果它支持在Android上不能确定,请说出来,这样我最终不会浪费一大堆时间去寻找它不支持。
If you know of a good combination but are not sure if it is supported on Android please say so, so that I don't end up wasting a whole lot of time to find it is not supported.
推荐答案
欧洲央行是不安全的块加密模式,因为它太容易为64,128,或者输入流中256位数据块被重新使用 - 重复内容presence将在密文立即可见。
ECB is unsafe for block cipher modes, because it is too easy for 64, 128, or 256 bit blocks to be re-used in an input stream -- the presence of repeated content would be immediately visible in the ciphertext.
但是RSA不用于加密的输入流 - 它仅曾经用于加密会话密钥(如你可能在操作的)或签名的消息的输出消化功能。因此,对于RSA ECB模式是好的。
But RSA is not used for encrypting input 'streams' -- it is only ever used for encrypting session keys (as you appear to be doing) or signing the output of message digest functions. So ECB mode for RSA is fine.
使用与RSA的PKCS#1填充方案; PKCS#5填充方案适用于对称密码。
Use the PKCS#1 padding scheme with RSA; PKCS#5 padding scheme is intended for symmetric ciphers.
如果1024密钥对,你可以用最大的RSA(或生成设备上的?),那么很可能128或192位AES是一个类似的风险。根据慢多少256位AES是,我可能会使用它,而不是,只需提供针对AES的攻击算法改进另一个四五年的缓冲。
If 1024 is the largest RSA keypair you can use (or generate on the device?) then probably 128 or 192 bit AES is a similar risk. Depending on how much slower 256-bit AES is, I might use it instead, just to provide another four or five years buffer against algorithmic improvements in AES attacks.
NIST对使用AES指南推荐使用任何的:CBC,CFB,OFB,CTR或模式
NIST's guidelines on using AES recommend using any of: CBC, CFB, OFB, or CTR modes.
同样的指导方针还提到添加 1
和几个 0
位必须完成最后一个块填充机制,所以它应该是足够安全使用。
The same guidelines also mention the 'add 1
and as few 0
bits are required to complete the final block' padding mechanism, so it should be safe enough to use.
但对于这一切,我都用GPGME或OpenSSL的或GNUTLS做所有的工作建议。试图让自己的协议可以是非常微妙的。希望有对Android的某些更高级别的工具包,使签名生成/验证变得更加容易。
But for all this, I have to suggest using gpgme or openssl or gnutls to do all your work. Trying to make your own protocols can be very subtle. Hopefully there's some higher-level toolkits on the Android to make signature generation / verification much easier.
NIST的指导方针: http://csrc.nist.gov /publications/nistpubs/800-38a/sp800-38a.pdf
NIST's guidelines: http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
这篇关于数字签名加密推荐组合的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!