对称整数到整数加密 [英] Symmetric integer to integer encryption
问题描述
我需要一些指针或一个关于如何将int加密到另一个int的实用示例,并且需要一个密钥来解密该值。
:
encrypt(1,secret key)== 67123571122
decrypt(67123571122,secret key) == 1
这家伙提出了同样的问题:http://stackoverflow.com/questions/3131193/symmetric-bijective-algorithm-for-integers
$ b $然而我是一个完全加密n00b我想要一些更实用的例子,在python如果可能。
我明白我需要使用某种块密码,但是我很遗憾,保持加密的结果仍然是数字和有点短(也许一个长而不是一个int)。
任何指针?感谢
UPDATE-
为什么要这样做?
我有一个网络服务每个对象获取一个URL,例如:
example.com/thing/123456 /
现在,这些ID是连续的。我想隐藏它们是顺序(数据库ID)的事实。
这些页面上的东西不是绝密或类似的东西,但它应该对于某人来说,在某些其他随机的对象中窥探就像在URL中增加该ID一样容易。
因此,通过某种双向数字加密,URL ID将不会是连续的,而且需要花费一些时间才能找到更多的这些对象。 (另外,请求被限制)
我想保留这个数字而不是任意字符串的唯一原因是,更改是一个总的替换,而且事情只是工作,没有任何其他代码更改。
此外,我不能只生成新的随机数据库ID。我必须在应用程序中处理这个加密/解密。
这取决于你想要的加密安全。对于不是非常安全的(在加密的意义上 - 可能很好的日常使用,如果你真的不期望严重的攻击),然后XOR与固定的密钥将工作。只要注意,它将容易受到一些相当基本的密码分析。
如果你想真正的加密,你可能需要使用流密码,如RC4。你可以抓住32位的密钥流和XOR它的值加密它。只要你为每个值得到一个新的32位的密钥流,你会很好。
RC4有一些注意事项,所以先读一下。 / p>
在这种情况下,块密码不会是你的朋友,因为它们都有64位或更多的块大小。这意味着你需要将你的32位整数填充到64位,你会得到64位退出...但你不能选择保留32。你将无法解密它只有一半的位。如果你愿意移动到longs,那么你可以使用3DES或Blowfish。
这取决于你正在加密什么,为什么,所以很难给最终答案。我希望这给出了从哪里开始,至少。
I need some pointers or a practical example on how to encrypt an int to another int, and a secret key would be required to decrypt the value.
Something like:
encrypt(1, "secret key") == 67123571122
decrypt(67123571122, "secret key") == 1
This guy asks pretty much the same question: http://stackoverflow.com/questions/3131193/symmetric-bijective-algorithm-for-integers
however me being a total encryption "n00b" I would like some more practical examples, in python if possible.
I understand I need to use some kind of block cipher, but I'm pretty lost on the part about keeping the encrypted result still be numeric and somewhat short (maybe a long instead of an int)
Any pointers? Thanks
UPDATE-
Why do I want to do this?
I have a web service where each "object" gets a URL, e.g.:
example.com/thing/123456/
Right now, those IDs are sequential. I want to hide the fact that they're sequential (database IDs).
The stuff on those pages is not "top secret" or anything like that, but it shouldn't be as easy for someone to snoop in some other random' object as just incrementing that ID in the URL.
So with some kind of two-way numeric encryption, the URL IDs will not be sequential at all, and it would take someone quite a bit of time to find more of these objects. (Additionally, requests are throttled)
And the only reason I want to keep this numeric instead of an arbitrary string is so that the change is a total drop-in replacement, and things will just work without any other code changes.
Also, I can't just generate new random database IDs. I have to handle this encrypt/decrypt in the application.
It depends how cryptographically secure you want to be. For not-very-secure (in the crypto sense - probably fine for everyday use if you don't really expect serious attack) then XOR with a fixed secret key will work. Just be aware that it will be vulnerable to some fairly basic cryptanalysis.
If you want real encryption, you'll probably have to use a stream cipher like RC4. You can grab 32 bits of keystream and XOR it with your value to encrypt it. As long as you get a new 32 bits of keystream for each value you'll be fine.
RC4 has some caveats, however, so read up on it first.
Block ciphers will not be your friend in this case as they all have block sizes of 64 bits or more. This means you need to pad your 32 bit integer to 64 bits and you'll get 64 bits back out...but you can't choose which 32 to keep. You won't be able to decrypt it with only half the bits. If you're happy to move to longs then you can use 3DES or Blowfish.
It all depends on exactly what you are encrypting and why, so it's hard to give a definitive answer. I hope this gives an idea of where to start, at least.
这篇关于对称整数到整数加密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
