加密算法如何知道它们是否具有正确的密钥 [英] How do encryption algorithms know if they have the right key
问题描述
例如,我想发送 plainText = new byte [] {2,5 ,1,6,7} 到bob。
如果我使用AES加密或另一个熟知的算法,那么我将具有:
cipherText = Aes.Encrypt(plainText,key,iv); //现在我有一些密码文本,如果没有密钥和iv向量,对任何人都不可读。
如果有人想要解密该消息,那么他们将必须执行以下操作:
newPlainText = Aes.Decrypt(cipherText,key,iv);
现在我的问题是AES如何知道您输入的是正确的键?我认为有一个算法是不安全的,它不会立即进行暴力攻击。换句话说,如果黑客知道你使用AES,它可以继续尝试很多密码,直到方法Aes.Decrypt 也不例外。现在考虑这个算法:
让我说我想发送相同的字节数组 {2,5,1,6,7} 到bob。我的加密算法可能如下所示:
password is =securePassword;
在我的纯文本上,并对XOR运算符对每个字符的ASCII值进行密码验证。例如,第一个字节将为 2 Xor(ASCII值为's')然后下一个值将为 5 Xor(ASCII值为'e ')最后我会得到 {2 Xor's',5 Xor'e',1 Xor'c',6 Xor'u',7 Xor 'r'} 这个算法的好处是,如果你有正确的键,你永远不会现在!
使用这个算法,不可能知道你是否有写密钥,这使得我不可能相信破译它。如果您使用熟知的算法,如果您的密码不长,您将立即进行暴力攻击。
* 所以我的问题是众所周知的对称加密算法如AES是否知道你输入的是正确的密钥?有一个算法,你不知道你是否提供正确的密钥将不会更安全吗? *
加密算法不知道输入键是否正确或不!该算法只需使用任意密钥进行精细解密;如果您使用错误的密钥,它将最终会被垃圾丢弃。使用加密的应用程序可能能够在完成后检测到这一点,因为解密的消息可能会有无效的填充或其他方式的格式错误,但是AES本身永远不会抛出异常。
您所描述的算法是一次性填充。它的致命缺点是它的密钥必须至少与消息一样长,并且永远不能重复使用 - 如果相同的密钥与两个消息一起使用,则两个消息 A⊕K 和 B⊕K 可以被异或在一起产生 A⊕K⊕B⊕K = A⊕B - 现在已经从消息中删除了密钥,并且可能会猜测这些消息是从哪里。
I know it is a bad idea to try to implement your own encryption algorithms. Here is one reason why I think it is not:
For example let's say I want to send plainText = new byte[]{2,5,1,6,7} to bob.
If I use AES encryption or another well know algorithm then I will have:
cipherText = Aes.Encrypt(plainText, key, iv); // now I have some cipher text that is not readable to anyone if they do not have the key and iv vector.
if someone wants to decrypt that message then they will have to do something like:
newPlainText = Aes.Decrypt(cipherText, key, iv);
Now my question is how does AES knows if you entered the right key? I think it will be more secure to have an algorithm where it is not prompt to brute force attacks. In other words if the hacker knows you used AES it can keep trying a lot of passwords until the method Aes.Decrypt thorws no exception. Now consider this algorithm:
lets say I want to send the same byte array {2,5,1,6,7} to bob. My encryption algorithm may look like:
password is = "securePassword";
I will iterate though each byte on my plain text and do the Xor operator on the ASCII value of each character on the password. For instance the first byte will be 2 Xor (ASCII value of 's') then the next value will be 5 Xor (ASCII value of 'e') at the end I will end up with {2 Xor 's', 5 Xor 'e', 1 Xor 'c', 6 Xor 'u', 7 Xor 'r'} The nice thing about this algorithm is that you will never now if you have the right key!
with this algorithm it is not possible to know if you have the write key which makes it impossible I believe to decipher it. If you use the well know algorithms you are prompt to a brute force attack if your password is not to long.
*So my question is how does well known symmetric encryption algorithms such as AES knows if you entered the right key? Having an algorithm where you don't know if you supply the right key will not be more secure? *
The encryption algorithm doesn't know whether the input key is correct or not! The algorithm works just fine decrypting with any key; it'll just end up with garbage if you use the wrong key. The application using the encryption may be able to detect this once it's done, because the decrypted message will probably have invalid padding or will be malformed in other ways, but AES itself will never "throw an exception".
The algorithm you're describing is a one-time pad. Its fatal flaw is that its keys must be at least as long as the message, and can never be reused -- if the same key is used with two messages, then the two messages A ⊕ K and B ⊕ K can be XORed together to yield A ⊕ K ⊕ B ⊕ K = A ⊕ B -- the key has now been removed from the messages, and it may be possible to guess what the messages are from this.
这篇关于加密算法如何知道它们是否具有正确的密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
