英文:
Need aes cipher function allow input [6]byte
问题
背景
需要一个能够对[6]byte进行编码和解码的密码。标准函数aes.NewCipher
不允许这样做,因为它的块大小定义为16字节。
不能简单地将6字节填充到16字节。我需要将[6]byte打印为条形码,并在远程使用条形码进行编码和解码。
代码
以下代码可以在Go Playground中运行:
// You can edit this code!
// Click here and start typing.
package main
import (
"bytes"
"crypto/aes"
"fmt"
)
func main() {
plain := []byte("4512wqdeqwbuobouihodqwbuo")[:6]
encrypt := make([]byte, 6)
plain2 := make([]byte, 6)
cipher, err := aes.NewCipher([]byte("4512wqdeqwbuobouihodqwbuo")[:16])
if err != nil {
fmt.Println(err)
return
}
cipher.Encrypt(encrypt, plain)
cipher.Decrypt(plain2, encrypt)
if bytes.Compare(plain, plain2) != 0 {
fmt.Println("can't be", plain, plain2, encrypt)
}
}
错误信息:
crypto/aes: input not full block
问题
- 有没有第三方函数可以满足我的需求?
- 或者标准函数是否可以以某种方式实现这一点?
- 用位移和异或实现这个特定函数是不是太简单了,还有其他方法吗?
- 对于新的需求,我已经用位移实现了这个函数。
英文:
background
There is a need for a cipher can encode and decode [6]byte.
std function aes.NewCipher not allowed this, because it's definition of blocksize is 16 bytes.
Can't simply padding 6 bytes to 16 bytes. I need print [6]byte as barcode and use barcode for remote and decode in remote.
code
this can run in go playground
// You can edit this code!
// Click here and start typing.
package main
import (
"bytes"
"crypto/aes"
"fmt"
)
func main() {
plain := []byte("4512wqdeqwbuobouihodqwbuo")[:6]
encrypt := make([]byte, 6)
plain2 := make([]byte, 6)
cipher, err := aes.NewCipher([]byte("4512wqdeqwbuobouihodqwbuo")[:16])
if err != nil {
fmt.Println(err)
return
}
cipher.Encrypt(encrypt, plain)
cipher.Decrypt(plain2, encrypt)
if bytes.Compare(plain, plain2) != 0 {
fmt.Println("can't be", plain, plain2, encrypt)
}
}
error:
crypto/aes: input not full block
question
- Is there a third party function can match my require?
- Or std functions can achieve this in some way?
- It's naive to implement this specified function by bit-shift and xor, is there more?
- For new, I have implement this function with bit-shift.
答案1
得分: 1
有一个需要编码和解码[6]byte的密码的需求。
编码(以不同的格式显示数据)和加密(提供机密性)是有区别的。密码用于加密。此外,我假设您想要加密数据以保护机密性。
理论上,有一些方式不需要填充。请参考不同的操作模式。有一些模式(如CTR、OFB等)不需要填充,有效地将块密码转换为流密码。
甚至有专门的流密码,如Salsa或ChaCha。
因此,您可以将6个字节的明文加密为6个字节的密文。
当您需要发送与明文相同数量的加密数据时,存在两个问题:
-
为了在多次加密中保持数据的机密性,每个密码都需要一些初始状态(IV),可以是随机的或计数器。关键是不能重复使用相同的密钥和IV。因此,在正常情况下,此计数器或状态将与加密数据一起发送。使用某些静态向量可以破解加密(部分或完全)。这就是为什么评论中的人们无法给出简单答案的原因。没有附加传输数据的适当加密。
-
另一个问题是数据完整性。如果在传输过程中修改了密文(无论是有意还是无意),接收方无法检测到数据已被修改。我假设对于6个字节,无论如何都没有完整性控制,所以也许这不是您关心的问题。
使用位移和异或之类的简单方法来实现这个指定的函数是天真的,还有其他更好的方法。
是的,您可以使用静态IV向量加密数据,但这不是我们理解的正确加密方式,因此如果知道多个消息或初始信息,数据可以完全解密。
使用像异或、矩阵操作等简单方法也可能暴露密钥本身。
英文:
> There is a need for a cipher can encode and decode [6]byte.
There's a difference between encoding (display data in a different format) and encryption (providing confidentiality). Ciphers are used for encryption. Further I assume you want to encrypt data for the confidentiality reasons.
> Is there a third party function can match my require?
> Or std functions can achieve this in some way?
In theory - there are ways where padding is not required. Please see different modes of operation. There are modes (CTR, OFB, ..) where the padding is not needed effectively turning the block cipher into a stream cipher.
There are even dedicated stream ciphers, such as Salsa or ChaCha.
So - now you could encrypt 6 bytes of the plaintext into 6 bytes of the ciphertext.
There are two issues when you require sending the same amount of encrypted data as the plaintext:
-
to keep data confidential while reusing the same key for multiple encryptions, each of the ciphers need some initial state (IV), which can be random or a counter. It is imperative that the same Key and IV are not reused. So under normal circumstances this counter or state is sent along the encrypted data. Using some static vector allow to break the encryption (partly or completely). That's the reason people in the comment cannot give you simple answer. There is no proper encryption without additional data transmitted.
-
Another issue is with data integrity. Without transmitting additional bytes if the ciphertext is modified in transmission (intentionally or not), receiving party has no means to detect the data has been modified. I assume with 6 bytes there is no integrity control anyway, so maybe this is not your concern.
> It's naive to implement this specified function by bit-shift and xor, is there more?
Yes, you can encrypt data using a static IV vector, but this is not properly encrypted as we understand it, so the knowing multiple messages or initial information, the data could be completely decrypted.
Using something simple like XOR, matrix operations, ... could as well reveal the key itself.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论