如何使用密码和Java加密/解密12位十进制数到其他的十进制数？ [英] How can I encrypt/decrypt 12-digit decimal numbers to other ones, using a password and Java?

问题描述

我已经阅读了使用Java加密整数和使用密码加密DES使用通配短语。

我需要的是一个简单的Encrypter，它将12位数字转换为12位数字，具有以下限制：

All I need is a simple Encrypter which transforms a 12 digit number to a 12 digit number with the following constraints:

1. 加密必须依赖于一个密码（在应用程序的整个生命周期内都是不变的），而没有其他的。


2. 映射必须是1-1（没有哈希和多个输入给出相同的输出反之亦然）。


3. 映射不能在不同的VM之间或启动VM时（如重新启动Java时，实用程序应该提供相同的映射，这意味着它必须是纯粹的取决于提供的密码）


4. 以0开头的数字不是有效的12位数字（也在输入数字不能以0开头。


5. 密钥/密码永远不可猜测。例如运行具有多个输入的实用程序并分析输出不应允许人们猜测键/ pwd / hash或其他任何内容。


6. 所有输入将完全为12位数且小于12数字素数（这意味着我们可以使用模数运算）。

1. The encryption must depend on a password (which will be constant throughout the life time of an application) and nothing else.
2. The mapping must be 1-1 (No hashing and multiple inputs giving same output and vice versa).
3. The mapping must not change between different VMs or when VM is started (like when you restart Java, the utility should give you same mappings which means that it must be purely dependent on the password that is supplied).
4. Numbers starting with 0 is not a valid 12 digit number (also input numbers won't start with 0).
5. The key/password should never be guessable. For example running the utility with multiple inputs and analysing the outputs should not allow one to guess the key/pwd/hash or whatever.
6. All inputs will be exactly 12 digits and less than a 12 digit prime number (which means we could use modulo arithmetic).

浏览文献我有这个代码我

Having trawled through the literature I have this code with me

public void mytestSimple(long code, String password) throws Exception {
    SecretKey key = new SecretKeySpec(password.getBytes(), "DES");
    Cipher ecipher = Cipher.getInstance("DES");
    ecipher.init(Cipher.ENCRYPT_MODE, key);
    System.out.println(ecipher.getOutputSize(8));

    byte[] encrypted = ecipher.doFinal(numberToBytes(code));
    System.out.println(encrypted + "--" + encrypted.length);

    Cipher dcipher = Cipher.getInstance("DES");
    dcipher.init(Cipher.DECRYPT_MODE, key);
    byte[] decrypted = dcipher.doFinal(encrypted);
    System.out.println(bytesToNumber(decrypted) + "--" + decrypted.length);
}

public void testSimple() throws Exception {
    mytestSimple(981762654986L, "password");
}

我遇到了

1. 如何将16个字节转换为12位数字。


2. 维护1-1映射。

****我在下面添加的答案****

**** Answer added by me below****

我添加了一个答案，这是一个40bit的RSA，从标准的Java RSA关键字代码逻辑中抽出来。我还需要处理边缘案件。我会接受答案，并提出Tadmas，我认为这有可能导致我的答案。有人可以告诉我我的算法是否会弱/可攻击？

I have added one answer which is a 40bit RSA pulled out of standard Java RSA keypair gen logic. I still have to work on the edge cases. I am going to accept the answer and upvote "Tadmas" who I think kinda lead me to the answer. Can someone tell me if my algorithm is going to be weak/attackable?

推荐答案

我认为Tadmas下面给出的答案是有帮助，我希望你们下面黑客/欺负我的实现。正如Tadmas指出的，我的所有数字都是40位（12位数字是10 ^ 12，大约是2 ^ 40）。

Me thinks the answer given below by Tadmas was very helpful and I want you guys to hack/bully my implementation below. As Tadmas points out all my numbers are 40 bits (12 digit number is 10^12 which is 2^40 approx).

我复制了sun.security.rsa。 RSAKeyPairGenerator（链接），并为40位RSA算法创建了自己的生成器。标准的一个需要512-1024位，所以我删除了它周围的输入检查。一旦我创建一个合适的n，e，d值（e似乎是65537根据alog）。以下代码服务正常，

I copied the sun.security.rsa.RSAKeyPairGenerator (link) and created my own generator for a 40 bit RSA algorithm. The standard one needs between 512-1024 bits so I removed the input check around it. Once I create a suitable n, e, d values (e seems to be 65537 as per the alog). The following code served fine,

public void testSimple() throws NoSuchAlgorithmException {
    MyKeyPairGenerator x = new MyKeyPairGenerator();
    x.initialize(40, new SecureRandom("password".getBytes()));

    MyPublicPrivateKey keypair = x.generateKeyPair();
    System.out.println(keypair);

    BigInteger message = new BigInteger("167890871234");
    BigInteger encoded = message.modPow(keypair.e, keypair.n);
    System.out.println(encoded); //gives some encoded value
    BigInteger decoded = encoded.modPow(keypair.d, keypair.n);
    System.out.println(decoded); //gives back original value
}

缺点

1. 编码可能不总是12位数字（有时可能以0开头，这意味着只有11位数字）。我正在考虑在前面填零0，并在开始时添加一些CHECKSUM数字，这可以减轻这个问题。所以一个13位数总是...


2. 40位RSA弱于512位（不仅仅是512/40倍，而是指数级的倍数）。你可以让专家指出一个40bit RSA相对于512位RSA的安全性的链接（我可以在wiki看到一些东西，但是不能具体地确认攻击的可能性）？任何链接（维基？）的概率/尝试攻击RSA作为N的函数的尝试次数将是非常好的！

这篇关于如何使用密码和Java加密/解密12位十进制数到其他的十进制数？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！