如何使IvParameterSpec随机但仍然解密 [英] How to make IvParameterSpec random but still decrypt

问题描述

对于Java中的加密... http：//cwe.mitre。 org / data / definitions / 329.html 表示初始化向量应该每次都是不同的，但是如果我使用不同的IV进行解密而不是我用于加密的那个，我会得到垃圾字符而不是数据I

For Encryption in Java... the article at http://cwe.mitre.org/data/definitions/329.html states that the Initialization Vector should be different each time, but if I use a different IV to decrypt than the one I used to encrypt, I get garbage characters instead of the data I expected.

在一台服务器上加密的正确方法是什么，而在另一台服务器上进行解密而不必在服务器之间来回传递IV？

What is the proper way to encrypt on one server and decrypt on another without having to communicate the IV back and forth in between servers?

常见的技术似乎是对一个字节数组进行硬编码，但据说这是不安全的。

The common technique seems to be to hardcode a byte array, but supposedly that's insecure???

推荐答案

相信一个IV就像一个盐 - 这不是一个秘密，它只是用来引入一个额外的随机元素，以便使用相同密钥加密的相同消息每次都会出现不同的。

I believe an IV is like a salt - it's not a secret, it's just used to introduce an extra element of randomness so that the same message encrypted with the same key still comes out differently each time.

所以你可以传输用于加密的IV作为加密值的一部分，就像你把盐和哈希一样存储在一个散列值。

So you can transmit the IV used to encrypt as part of the encrypted value, just like you'd store the salt along with a hash for a hashed value.

当然，我可能完全不正确...

Of course, I could be completely incorrect...

这篇关于如何使IvParameterSpec随机但仍然解密的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！