What to use (best/good practice) for the secret key in an HMAC solution?


Question

I am implementing an HMAC-like solution based upon specifications provided to me by another company. The hashing parameters and use of the secret key are not an issue, and neither is the distribution of the key itself, since we are in close contact and close geographical location.

However - what is best practice for the actual secret key value?

Since both companies are working together, it would seem that
c9ac56dd392a3206fc80145406517d02
generated with a Rijndael algorithm and
Daisy Daisy give me your answer do
are both pretty much equally secure (in this context) as a secret key used to add to the hash?

Answer

Citing the Wikipedia page on HMAC:

The cryptographic strength of the HMAC depends upon the cryptographic strength of the underlying hash function, the size of its hash output, and on the size and quality of the key.

This means that a completely random key, where every bit is randomly generated, is far better than a set of characters.

The optimum size of the key is equal to the block size. If the key is too short then it is padded, usually with zeroes (which are not random). If the key is too long then its hash function is used. The length of the hash output is the block size anyway.

Use of visible characters as a key makes the key easier to guess, as there are far fewer combinations of visible characters than if we allow every possible combination of bits. For example:

There are 95 visible characters in ASCII (out of 256 combinations). If the block size is 16 bytes (HMAC_MD5) then there are 95^16 ~= 4.4*10^31 combinations. But for 16 bytes there are 3.4*10^38 possibilities. An attacker knowing that the key consists only of visible ASCII characters knows that he needs around 10 000 000 times less time than if he had to consider every possible combination of bits.

Summarizing, I recommend using a cryptographic pseudo-random number generator to generate secret keys instead of coming up with your own keys.


Edit:

As martinstoeckli suggested, if you have to, you can use a key-derivation function to generate a byte key of the specified length from a text password. This is much safer than converting plain text to bytes and using these bytes as a key directly. Nevertheless, there is nothing more secure than a key consisting of random bytes.
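The points in the answer above (generate the key from a CSPRNG at the block size, short keys get zero-padded and long keys get hashed, a text password should go through a KDF, and a printable-ASCII key has a much smaller keyspace than a random one) can all be checked with the Python standard library. The following is an added example, not code from the question or the answer; it uses SHA-256, whose block size hashlib reports as 64 bytes, and the PBKDF2 iteration count, salt and sample message are constructed values for illustration.

```python
import hashlib
import hmac
import math
import secrets

HASH = "sha256"
BLOCK_SIZE = hashlib.new(HASH).block_size  # 64 bytes for SHA-256


def generate_key(size=BLOCK_SIZE):
    """Recommended route: a key of one block size drawn from the OS CSPRNG."""
    return secrets.token_bytes(size)


def short_key_is_zero_padded(short_key, message):
    """HMAC (RFC 2104) right-pads a key shorter than the block size with 0x00.
    So the tag under the short key equals the tag under the explicitly padded key."""
    padded = short_key.ljust(BLOCK_SIZE, b"\x00")
    return hmac.compare_digest(
        hmac.new(short_key, message, HASH).digest(),
        hmac.new(padded, message, HASH).digest(),
    )


def long_key_is_hashed(long_key, message):
    """A key longer than the block size is first replaced by its hash,
    so the tag under the long key equals the tag under H(long_key)."""
    if len(long_key) <= BLOCK_SIZE:
        raise ValueError("key must be longer than the block size for this check")
    hashed = hashlib.new(HASH, long_key).digest()
    return hmac.compare_digest(
        hmac.new(long_key, message, HASH).digest(),
        hmac.new(hashed, message, HASH).digest(),
    )


def derive_key_from_password(password, salt, size=BLOCK_SIZE, iterations=600_000):
    """KDF route from the edit: PBKDF2-HMAC-SHA256 stretches a text password
    into a block-sized byte key instead of using the text bytes directly."""
    return hashlib.pbkdf2_hmac(HASH, password.encode("utf-8"), salt, iterations, dklen=size)


def key_entropy_bits(nbytes, alphabet_size=256):
    """Bits of entropy in an n-byte key whose bytes are uniform over alphabet_size values."""
    return nbytes * math.log2(alphabet_size)


def printable_ascii_search_ratio(nbytes):
    """How many times smaller the keyspace is when every byte is one of
    the 95 printable ASCII characters instead of any of 256 byte values."""
    return (256 / 95) ** nbytes


if __name__ == "__main__":
    msg = b"constructed sample message"               # constructed
    print("random key:", generate_key().hex())
    print("short key zero-padded:",
          short_key_is_zero_padded(b"Daisy Daisy give me your answer do", msg))
    print("long key hashed:", long_key_is_hashed(b"x" * 100, msg))
    print("PBKDF2 key:", derive_key_from_password("Daisy Daisy", b"constructed-salt").hex())
    print("entropy, 16 random bytes:", key_entropy_bits(16))
    print("entropy, 16 printable bytes:", round(key_entropy_bits(16, 95), 1))
    print("search-space ratio for 16 bytes: %.2e" % printable_ascii_search_ratio(16))
```

The two equality checks show why a key shorter than the block size gains nothing from the padding (the padded bytes are constant) and why a key longer than the block size collapses to its hash, which is why the answer recommends generating exactly one block of random bytes. The ratio function reproduces the answer's 16-byte arithmetic: (256/95)^16 is roughly 7.7 million, the "around 10 000 000 times" figure in the text.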
