Java加密ivSpec是否随机? [英] Java encryption ivSpec random or not?
问题描述
我正在尝试发送一个加密的文本与每个HttpResponse,当我得到下一个HttpRequest加密的文本,我解密它做一些东西:)与它。
我很好奇关于密钥和ivSpec(或nonce)的存储/检索的最佳实践,但特别看看由@sherif所发布的代码关于@VoidPointer的建议,请参阅如何加密Java中的String ,
b)如果是这样,我们是否将生成的ivSpec存储在某些数据库中,并在需要使用该协议进行解密时查找它?
c)如果是,我们如何查找?当需要解密加密字符串时,如何从db中选择正确的ivSpec?
d)一个建议是发送ivParameter以及加密的字符串!本身(这可能是 @sherif的实现发生的情况)!) 。如果我们选择这样做,我如何修改@sherif提供的类来解密并分离iv参数和加密字符串,而不是在初始化解密密码时提供iv参数?
A。如果不更改向量,则每次加密相同的字符串时,都会得到相同的加密结果。
通过每次更改IV,您可以使每个加密输出看起来都不同(即使是相同的输入)。
将它当作您使用密码时所使用的盐。
所以在正常情况下,最好使用随机的iv 。
B& C。你需要看看IV,是的。但将其存储到数据库中并不是很有用。你已经有一个秘密存储的信息:这是密码。 IV只是在这里增加随机性,不需要保留,推出输出。
D。发送它是通常的方式去。
一种方法是在输出开始时连接它。 (输出= IV +加密数据)。然后在解密之前首先分割输入(IV = 32个第一个字节的输入)并解密其余的(crypt_data_to_decrpt =字节32之后的输入)
另一种方法是常数IV和开头的随机部分:
你只需使用一个NUL字符串作为IV。
然后加密32个字节的纯随机垃圾
然后加密您的输入。 (当使用良好的加密方法时,应始终产生不同的加密输出,因为开始是不同的)。
对于解密,您使用相同的空IV,然后解密所有内容。你一开始就忽略32bytes。你拆分,只有32位之后的字节。这是你解密的输出。
I am trying to send an encrypted text with each HttpResponse and when I get the next HttpRequest with the encrypted text, I decrypt it and do some stuff :) with it.
I am curious about the best practices surrounding the storage/retrievel of the keys and ivSpec's (or nonce's) in general, but specifically looking at the code posted by @sherif based on @VoidPointer 's suggestions in How to encrypt String in Java,
a) Do we have to initialize ivSpec with random bytes for each string that I want to encrypt?
b) If so, do we store the generated ivSpec in some db and look it up when I need to decrypt using that?
c) If so, how do we look it up? When an encrypted string needs to be decrypted how do we pick the correct ivSpec from db?
d) One suggestion is to send ivParameter along with the encrypted string! itself (which is probably what is happening with @sherif 's implementation!). If we chose to do so, how can I modify the class provided by @sherif to decrypt and separate the iv parameter and encrypted string instead of providing the iv parameter while initializing decrypt cipher?
A. If you do not change the vector, each time you encrypt the same string, you get the same encrypted result. By changing the IV each time, you make it so that every single encrypted output looks different (even if it's the same input). Think of it as a the "salt" you use when you are hashing a password.
so under normal circumstances it would be desirable to use a random iv.
B&C. You need to look the IV up, yes. But storing it into a DB isn't very useful. You already have a piece of information that you keep stored secretly: that's the password. IV is just here to increase randomness, no need to keep it, push it out with the output.
D. Sending it is the usual way to go.
One way is to concatenate it at the beginning of the ouput. (output = IV + encrypted data). Then before decrypting first split the input (IV = 32 first bytes of input) and decrypt the rest (crypt_data_to_decrpt = input after byte number 32)
Another way is to have a constant IV and a random part at the beginning: you simply use a string of NUL byte as an IV. Then you encrypt 32 bytes of pure random garbage Then you encrypt your input. (When using a good encryption method, this should always produce a different encrypted output because the beginning was different). For decryption, you use the same empty IV, then you decrypt everything. You ignore the 32bytes at the beginning. You split and only take the bytes after the 32nd. That's your decrypted output.
这篇关于Java加密ivSpec是否随机?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
