AES 并不等于Rijndael

2019-02-24  本文已影响1人  siriusing

AES 并不等于Rijndael。

php 实现AES 加密解密

AES 的定义:

AES的区块长度固定为128比特,密钥长度则可以是128,192或256比特;

Rijndael使用的密钥和区块长度均可以是128,192或256比特。加密过程中使用的密钥是由Rijndael密钥生成方案产生。

大多数AES计算是在一个特别的有限域完成的。

AES不等于“Rijndael”,AES是Rigndael的子集。

PHP提供了Rijndael 算法的一般实现,PHP mcrypt 无意中做了误导,很多用户认为MCRYPT_RIJNDAEL_256 的256是加密强度,其实他只是设置了算法的block size.

The AES encryption standard is defined as Rjindael encryption (128-bit, 192-bit, or 256-bit) using a block size of 16 bytes.
Chilkat implements the AES encryption standard.

When you specify MCRYPT_RIJNDAEL_256 in PHP, you are NOT setting the encryption strength to 256-bits. You are setting the block size to 256 bits. This is NOT AES encryption. To properly produce 256-bit AES encryption in PHP, you must provide a 32-byte encryption key (which implicitly sets the encryption strength), but the block size must be set to MCRYPT_RIJNDAEL_128 (16 bytes).

在PHP中实现256-bit AES算法,必须提供32位的密匙(设置加密强度),但block size 必须设置为128 bytes.

参考 PHP AES/Rijndael Encryption Confusion

The Rijndael encyrption algorithm is a block cipher. It operates on discrete blocks of data. Padding MUST be added such that the data to be encrypted has a length that is a multiple of the block size.(PHP pads with NULL bytes)

Rijndael 是分组加密算法,需要对数据做填充以使得数据长度是块大小的整数倍

CBC mode requires an initialization vector. The size of the IV (initialization vector) is always equal to the block-size. (It is NOT equal to the key size.) Given that our block size is 128-bits, the IV is also 128-bits (i.e. 16 bytes). Thus, for AES encryption, the IV is always 16 bytes regardless of the strength of encryption.

IV 的size和block-size 一样

上一篇下一篇

猜你喜欢

热点阅读