Encrypting with CryptoJS and decrypt with php: What is the use of the IV?

Question

I am looking for a way, to encrypt a password in CryptoJS and then decrypt it in php. I have looked at other posts concerning the same subject, but I need someone to explain all that IV and key stuff.

My CryptoJS encryption code:

password = document.getElementById("usrp").value;
password = CryptoJS.AES.encrypt(password, <?php echo '"'.$_SESSION['adk'].'"'; ?>);


Recommended answer

IV

You're using the CBC mode of operation which requires an IV. If you use a static IV for all your ciphertexts then you miss out on an important property of encryption which is semantic security. If you use the same IV, attackers may observe your ciphertext and determine whether you sent the same plaintext with the same key, because the ciphertext will be the same.

To prevent that, you can generate a random IV for each encryption you do. The IV doesn't have to be secret, but it has to be unpredictable. Since it doesn't have to be secret, you can simply prepend it to the ciphertext and slice it off before decryption or send it otherwise in a structured fashion. You need to use the IV during decryption. Otherwise, the first block will be different from the original plaintext.

Keep in mind that CryptoJS' WordArray.random() uses Math.random() internally, which is not cryptographically secure. It would be better to use a better randomness source. You can use this drop-in replacement of that function from my project for semi-modern browsers, which uses the WebCrypto API:

(function(C){
    var WordArray = C.lib.WordArray;
    var crypto = window.crypto;
    var TypedArray = Int32Array;
    if (TypedArray && crypto && crypto.getRandomValues) {
        WordArray.random = function(nBytes){
            var array = new TypedArray(Math.ceil(nBytes / 4));
            crypto.getRandomValues(array);
            return new WordArray.init(
                    [].map.call(array, function(word){
                        return word
                    }),
                    nBytes
            );
        };
    } else {
        console.log("No cryptographically secure randomness source available");
    }
})(CryptoJS);

And use it as follows:

var iv = CryptoJS.lib.WordArray.random(128/8);



Key

The key is trickier, because it needs to be kept confidential. The basic way is:

Let the user type in the password that is also present on the server and derive the key from the password by for example using PBKDF2 which CryptoJS also provides. Perfectly secure as long as you use TLS and the developers don't change the code.
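
The IV handling and key derivation described in this answer, as an added example that is not part of the original answer: it uses Node.js's built-in crypto module rather than CryptoJS, and the function names, salt, iteration count and sample strings are assumptions constructed for the illustration.

```javascript
// Added example (Node.js built-in crypto, not CryptoJS): AES-256-CBC with a
// PBKDF2-derived key and a fresh random IV prepended to the ciphertext.
const nodeCrypto = require('crypto');

const ITERATIONS = 100000; // assumed work factor, not a value from the page

// Derive a 32-byte AES key from the shared password and a salt.
function deriveKey(password, salt) {
  return nodeCrypto.pbkdf2Sync(password, salt, ITERATIONS, 32, 'sha256');
}

// Returns base64(iv || ciphertext). The iv parameter exists only so the
// static-IV weakness can be shown; normal callers leave it out.
function encrypt(key, plaintext, iv = nodeCrypto.randomBytes(16)) {
  const cipher = nodeCrypto.createCipheriv('aes-256-cbc', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, ct]).toString('base64');
}

// Slices the first 16 bytes off as the IV and decrypts the rest.
// ivOverride lets the demo decrypt with the wrong IV on purpose.
function decrypt(key, message, ivOverride) {
  const raw = Buffer.from(message, 'base64');
  if (raw.length < 32 || raw.length % 16 !== 0) {
    throw new Error('malformed message');
  }
  const iv = ivOverride || raw.subarray(0, 16);
  const decipher = nodeCrypto.createDecipheriv('aes-256-cbc', key, iv);
  return Buffer.concat([decipher.update(raw.subarray(16)), decipher.final()]);
}

function demo() {
  // Constructed sample inputs; a real salt is random and stored server-side.
  const key = deriveKey('constructed passphrase', Buffer.from('constructed-salt'));
  const msg = 'sample password, longer than one AES block';
  const fixedIv = Buffer.alloc(16); // static all-zero IV: the mistake
  return {
    msg,
    // Same key + same IV + same plaintext gives identical ciphertext.
    staticSame: encrypt(key, msg, fixedIv) === encrypt(key, msg, fixedIv),
    // A random IV per message makes repeated plaintexts look unrelated.
    randomSame: encrypt(key, msg) === encrypt(key, msg),
    roundTrip: decrypt(key, encrypt(key, msg)).toString('utf8'),
    // Wrong IV at decryption: only the first 16-byte block comes out garbled.
    wrongIv: decrypt(key, encrypt(key, msg), fixedIv),
  };
}
```

The PHP side would perform the same split: base64-decode, take the first 16 bytes as the IV, and decrypt the remainder with the key derived from the same password, salt and iteration count.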
