快速,简单易用的对称密码,用于Java中的整数加密 [英] Fast, simple to use symmetric cipher for integer encryption in Java
问题描述
Java中有什么用于具有这些属性的整数加密的密码函数?:
What is in Java a cipher function for integer encryption having these properties?:
- 快速
- 对称密钥算法
- 使用简单(即使用几行代码而不包括外部库)
- < s>可以指定输出长度(例如20个字符)
- Fast
- Symmetric-key algorithm
- Simple to use (i.e. a couple of lines of code to use it and no external library to include)
It is possible to specify the output length (e.g. 20 characters)
我只需要使用它来加密/ decrypt integers。
I need to use it only to encrypt/decrypt integers.
推荐答案
没有外部库的要求会将列表减少为DES,3DES和AES。 DES和3DES的块大小为64位,而AES的块大小为128位。有不同的方面,可以检查这个。
The requirement for no external library reduces the list to DES, 3DES and AES. DES and 3DES have a block size of 64 bits whereas AES has a block size of 128 bits. There are different aspects, one can examine this for.
DES和3DES最适合用于最多为56位宽(非全长)的整数,因为填充的结果将是8字节的单个块。如果加密一个完整的long值,那么将添加一个额外的填充块。
DES and 3DES are best used for integers that are at most 56-bit wide (non-full long), because the result will be a single block of 8 byte, because of padding. If you encrypt a full long value, then an additional padding block will be added.
AES将始终为任何长值的int生成一个16字节的密文。
AES will always produce a 16 byte ciphertext for any int of long value.
根据此分析 AES(Rijndael-128)的速度是DES / 3DES的两倍多,密钥大小更大(更安全)。当CPU支持AES-NI时,AES甚至可以比DES或3DES快得多。所有当前的CPU都支持这一点。这是我从 openssl speed 命令获取的当前结果。
According to this analysis AES (Rijndael-128) is more than twice as fast as DES/3DES with a bigger key size (more secure). AES can be even much faster than DES or 3DES when the CPU supports AES-NI. All current CPUs support this. This is my current result for taken from the openssl speed command.
AES为16字节有效负载达到127MB / s而3DES只能达到27MB / s。 这里是要搜索的数据。
AES achieves 127MB/s for 16 byte payloads whereas 3DES only achieves 27MB/s. Here's the data to poke around.
不要将DES用于任何严重的事情,因为它只有56位密钥(带有奇偶校验的64位密钥)。暴力迫使成本为2 56 。 3DES也不是那么好,因为Brute强制成本是 2 112 。 AES的强制成本是2 128 ,2 192 ,2 256 ,具体取决于使用的密钥大小。
Don't use DES for anything serious, because it only has a 56-bit key (64-bit with parity). Brute forcing cost is 256. 3DES is also not that good, because Brute forcing cost is 2112. Brute forcing cost for AES is 2128, 2192, 2256 depending on the used key size.
可能使用AES:
private final String CIPHER_NAME = "AES/ECB/PKCS5Padding";
private final String ALGORITHM_NAME = "AES"; // keySizes 128, 192, 256
// private final String CIPHER_NAME = "DES/ECB/PKCS5Padding";
// private final String ALGORITHM_NAME = "DES"; // keySize 56
// private final String CIPHER_NAME = "DESede/ECB/PKCS5Padding";
// private final String ALGORITHM_NAME = "DESede"; // keySize 168
byte[] encrypt(SecretKey key, long num) {
BigInteger bignum = BigInteger.valueOf(num);
Cipher cipher = Cipher.getInstance(CIPHER_NAME);
cipher.init(Cipher.ENCRYPT_MODE, key);
return cipher.doFinal(bignum.toByteArray());
}
long decrypt(SecretKey key, byte[] ct) {
Cipher cipher = Cipher.getInstance(CIPHER_NAME);
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] pt = cipher.doFinal(ct);
BigInteger bignum = new BigInteger(pt);
return bignum.longValue();
}
SecretKey keyGen(String algorithm, int keySize) {
KeyGenerator keygen = KeyGenerator.getInstance(algorithm);
keygen.init(keySize);
return keygen.generateKey();
}
运作模式
这里我使用ECB模式。使用它通常不是一个好主意。它存在一个问题,即使用相同的密钥加密相同的明文会产生相同的密文。这可能不是可接受的财产。如果不可接受,那么您需要使用例如带有新随机IV的CBC模式。随着将通过一个额外的块炸掉密文。
Mode of operation
Here I use ECB mode. It is generally not a good idea to use it. It has a problem that encrypting the same plaintext with the same key results in the same ciphertext. This may not be a property that is acceptable. If it is not acceptable, then you need to use for example CBC mode with a new random IV. With will blow up the ciphertext by an additional block.
这篇关于快速,简单易用的对称密码,用于Java中的整数加密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
