IV工作像盐 [英] Does IV work like salt

问题描述

在AES中，我的理解是，盐是使密码更加安全的东西，不会添加到加密文本中。但是， IV 是用于加密第一个消息块的东西，将被加入到加密文本中。

In AES, my understanding is that salt is the stuff to make the passphrase more secure and it wont be added into encrypted text. But IV is the stuff used to encrypt the first block of message and will be added into the encrypted text.

我有什么问题吗？

推荐答案

AES本身不直接使用盐（或者确实是IV）。

AES itself does not directly use a salt (or indeed, an IV).

当您使用盐与AES结合使用时，当您使用基于密码的加密（PBE）时。在该方案中，使用人类可记忆的密码与盐组合以产生AES密钥。使用盐，以便相同的密码不总是产生相同的密钥;然而，由于收件人必须能够生成正确的密钥，所以必须与加密数据一起传输盐。

A situation when you might use a salt in combination with AES is when you are using Password Based Encryption (PBE). In this scheme, a human-memorizable password is used, in combination with a salt, to generate an AES key. A salt is used so that the same password does not always generate the same key; however, because the recipient must be able to generate the correct key, the salt must be transmitted along with the encrypted data.

如果您使用AES，则需要IV某些块密码模式，如CBC。在这种情况下，它用于确保相同密钥下的相同明文数据不总是加密到相同的密文。再次，收件人需要IV来正确解密数据，所以它必须与加密的数据一起传输。

An IV is required if you are using AES in certain block cipher modes, like CBC. In this case, it used to ensure that the same plaintext data under the same key does not always encrypt to the same ciphertext. Again, the IV is required by the recipient to correctly decrypt the data, so it must be transmitted along with the encrypted data.

所以，如果你使用PBE与AES以CBC模式作为基础密码，您将期望同时发送PBE盐和CBC IV以及加密数据。

So, if you are using PBE with AES in CBC mode as the underlying cipher, you would expect to have to send both a PBE salt and a CBC IV along with the encrypted data.

这篇关于IV工作像盐的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！