我应该如何创建我的DES密钥?为什么一个7个字符的字符串不够用? [英] How should I create my DES key? Why is an 7-character string not enough?
问题描述
byte [] 我的加密工作。如果我使用7位数的密码,它不会。 现在,原谅我,如果我错了,但是因为ASCII字符是7位,因此8 * 7 = 56bits?
对我来说似乎不正确。如果我想使用一个密钥,为什么我不能通过我的密钥的密码哈希,即一个MD5哈希?
我确定这是非常简单,但是我不能清楚地了解发生了什么。
每个算法被设计为接受某个键长度。关键是作为算法的一部分使用,因此不能随心所欲。
常用的关键字是:
- DES:56位密钥
- AES:128-256位密钥(常用值为128,192和256)
- RSA(不对称加密):1024,2048,4096位键
一个数字, code> 1234567 只是一个4字节的变量。关键是预期是一个字节数组,例如1234567(可隐式转换为C中的一个)或{'1','2','3' ,'4','5','6','7'}。
如果你想将你的盐密钥的MD5哈希传递给DES,你应该使用一些关键的压缩技术。例如,您可以使用前7个字节(有些不太理想),或在MD5哈希(使用已知的常量密钥)上执行DES加密,并将除最后一个字节之外的所有字节作为DES操作的关键。
编辑:我在说的DES是根据NIST发布的标准的实现。它可能是(如上所述),您的特定API期望对密钥的长度有不同的要求,并从中得到最终的7个字节的密钥。
I'm having a bit of difficulty getting an understand of key length requirements in cryptography. I'm currently using DES which I believe is 56 bits... now, by converting an 8 character password to a byte[] my cryptography works. If I use a 7 digit password, it doesn't.
Now, forgive me if I'm wrong, but is that because ASCII characters are 7 bits, therefor 8 * 7 = 56bits?
That just doesn't seem right to me. If I want to use a key, why can I not just pass in a salted hash of my secret key, i.e. an MD5 hash?
I'm sure this is very simple, but I can't get a clear understanding of what's going on.
Each algorithm is designed to accept a certain key length. The key is used as part of the algorithm, and as such, can't be whatever your heart desires.
Common key sizes are:
- DES: 56bit key
- AES: 128-256bit key (commonly used values are 128, 192 and 256)
- RSA (assymetric cryptography): 1024, 2048, 4096 bit key
A number, such as 1234567 is only a 4-byte variable. The key is expected to be a byte array, such as "1234567" (implicitly convertible to one in C) or `{ '1', '2', '3', '4', '5', '6', '7' }.
If you wish to pass the MD5 hash of your salted key to DES, you should use some key compression technique. For instance, you could take the top 7 bytes (somewhat undesirable), or perform DES encryption on the MD5 hash (with a known constant key), and take all but the last byte as the key for DES operation.
edit: The DES I'm talking about here is the implementation per the standard released by NIST. It could so be (as noted above), that your specific API expects different requirements on the length of the key, and derives the final 7-byte key from it.
这篇关于我应该如何创建我的DES密钥?为什么一个7个字符的字符串不够用?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
