对称整数到整数加密 [英] Symmetric integer to integer encryption
问题描述
我需要一些指针或一个关于如何将int加密到另一个int的实际示例,并且需要一个秘密密钥来解密该值。
:
encrypt(1,secret key)== 67123571122
decrypt(67123571122,secret key) == 1
这个人问同样的问题:整数的对称双体形式算法
但是我是一个总加密n00b我想要一些更实用例如,如果可能的话,在python中。
我明白我需要使用某种块密码,但我很失落的是保持加密结果仍然是数字和有点短(可能长而不是int)
任何指针?谢谢
更新 -
为什么要这样做?
我有一个Web服务每个对象获取一个URL,例如:
example.com/thing/123456 /
现在,这些ID是连续的。我想隐藏它们是连续的(数据库ID)的事实。
这些页面上的东西不是最高机密,或者是这样的东西,但它应该在某些其他随机的对象中,只要增加该URL中的ID,就可以轻松地窥探其他随机对象。
所以使用某种双向数字加密,URL ID根本就不是连续的,而且需要一段时间才能找到更多的这些对象。 (另外,请求被限制)
我想保留这个数字而不是一个任意字符串的唯一原因是这个更改是一个总的替换,而且事情只会在没有其他代码更改的情况下工作。
此外,我不能只生成新的随机数据库ID。我必须在应用程序中处理这个加密/解密。
这取决于你想要的加密方式。对于不是很安全的(在加密的意义上 - 如果你真的不期待严重的攻击,可能很适合日常使用),那么使用固定密钥的XOR将会起作用。只要知道它将容易受到一些相当基本的密码分析。
如果你想要真正的加密,你可能必须使用像RC4这样的流密码。您可以抓取32位密钥流,并将其与您的值进行异或加密。只要您为每个值获得新的32位密钥流即可。
然而,RC4有一些注意事项,因此请先阅读。 / p>
在这种情况下,块密码不会是您的朋友,因为它们都具有64位或更多的块大小。这意味着你需要将你的32位整数填充到64位,你会得到64位回退...但是你不能选择要保留的32位。您将无法仅使用一半的位解密。如果你很乐意移动到longes,那么你可以使用3DES或Blowfish。
这一切都取决于你正在加密什么,为什么,所以很难给出确定答案至少,我希望这能给出从哪里开始的想法。
I need some pointers or a practical example on how to encrypt an int to another int, and a secret key would be required to decrypt the value.
Something like:
encrypt(1, "secret key") == 67123571122
decrypt(67123571122, "secret key") == 1
This guy asks pretty much the same question: Symmetric Bijective Algorithm for Integers
however me being a total encryption "n00b" I would like some more practical examples, in python if possible.
I understand I need to use some kind of block cipher, but I'm pretty lost on the part about keeping the encrypted result still be numeric and somewhat short (maybe a long instead of an int)
Any pointers? Thanks
UPDATE-
Why do I want to do this?
I have a web service where each "object" gets a URL, e.g.:
example.com/thing/123456/
Right now, those IDs are sequential. I want to hide the fact that they're sequential (database IDs).
The stuff on those pages is not "top secret" or anything like that, but it shouldn't be as easy for someone to snoop in some other random' object as just incrementing that ID in the URL.
So with some kind of two-way numeric encryption, the URL IDs will not be sequential at all, and it would take someone quite a bit of time to find more of these objects. (Additionally, requests are throttled)
And the only reason I want to keep this numeric instead of an arbitrary string is so that the change is a total drop-in replacement, and things will just work without any other code changes.
Also, I can't just generate new random database IDs. I have to handle this encrypt/decrypt in the application.
It depends how cryptographically secure you want to be. For not-very-secure (in the crypto sense - probably fine for everyday use if you don't really expect serious attack) then XOR with a fixed secret key will work. Just be aware that it will be vulnerable to some fairly basic cryptanalysis.
If you want real encryption, you'll probably have to use a stream cipher like RC4. You can grab 32 bits of keystream and XOR it with your value to encrypt it. As long as you get a new 32 bits of keystream for each value you'll be fine.
RC4 has some caveats, however, so read up on it first.
Block ciphers will not be your friend in this case as they all have block sizes of 64 bits or more. This means you need to pad your 32 bit integer to 64 bits and you'll get 64 bits back out...but you can't choose which 32 to keep. You won't be able to decrypt it with only half the bits. If you're happy to move to longs then you can use 3DES or Blowfish.
It all depends on exactly what you are encrypting and why, so it's hard to give a definitive answer. I hope this gives an idea of where to start, at least.
这篇关于对称整数到整数加密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
