是否可以用64位I/O块大小实现AES? [英] Is it possible to implement AES with a 64-bit I/O block size?
问题描述
我正在处理具有非常特定的加密要求的应用程序:
我们需要对单个64位值进行加密/解密,以保护我们内部体系结构的某些部分免于通过公共Web终结点进行逆向工程.
I'm working on an application with a very specific encryption requirement:
We are required to encrypt/decrypt individual 64-bit values, to protect certain parts of our internal architecture from reverse engineering through our public web endpoints.
问题是,现有的64位加密方法(例如3DES)不够安全,无法满足我们的要求(据我所知).
它们的性能也比AES慢,这是另一个痛点.
The problem is, the existing 64-bit encryption methods (such as 3DES) are not secure enough to meet our requirements (as far as I know).
They also perform slower than AES, which is another painpoint.
我的问题是,我们可以用64位块对输入和输出实施AES吗?
我们是否必须创建一个经过修改的AES算法?(如果这样做的话,这不是一个总的破坏交易的行为.)
My question is, can we feasibly implement AES with a 64-bit block for input and output?
Would we have to create a modified AES algorithm? (Not a total deal-breaker if we do.)
推荐答案
AES仅针对128位块大小定义.如果有一种减小块大小的方法,那就不再是AES了.分组密码不是确定可以加密内容的唯一内容.操作模式决定了分组密码的实际应用方式.
AES is defined only for 128-bit block sizes. If there would be a way to reduce the block size, it wouldn't be AES anymore. The block cipher is not the only thing that determines what you can encrypt. The mode of operation determines how the block cipher is actually applied.
If you have a limited size plaintexts, you can use AES in a streaming mode such as CTR mode (which encrypts a counter and XORs the resulting block with the plaintext). Ciphertexts in this mode have the exact length as the plaintext. The only problem is that for it to be secure, the nonce (IV) must be unique for every ciphertext under the same key. If your system can keep track of the nonces (they can be simple 96-bit global counters or even 128-bit global counters if the plaintexts are never longer than 128-bit), then you should be able to fulfill your requirement.
点击率加密:
这篇关于是否可以用64位I/O块大小实现AES?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
