如何在Node中创建一个简单的加密端点,以便只返回加密文本以供将来解密?

huangapple go评论80阅读模式
英文:

How to create a simple encryption endpoint in node such that only the encrypted text can be returned back for future decryption?

问题

我需要实现一个API端点,它只接受查询参数中的id,然后将其加密值发送回来。为此,我查看了Node中的crypto模块,但发现它有点复杂。我不明白的一件事是我应该如何使用iv?我计划将加密key存储在环境变量中,以便可以使用相同的key解密每个id。那么,我是否也应该将iv存储在环境变量中?这是一个好的做法吗?

我看到一些API实际上会为每个请求随机生成一个iv,并将其与加密文本一起返回,以便用户以后可以将它们一起用于解密。但对于我的用例,我不能将两个单独的数据返回给用户。我可以将iv连接到加密文本中,但对于某些值,加密文本本身对我的用例来说太长了。关于我的情况,您有什么建议,可能是最好的方法?

英文:

I need to implement an api endpoint that just takes a id in query param, then sends its encrypted value back. For that I was looking into the crypto module in node, and I found it a bit complex. One thing that I donot get is how am I suppose to use the iv? I plan to store the encryption key in the env such that every id can be decrypted using that same key. So, should I also store the iv in the env? Is that a good practice?

I have seen some apis actually randomly generates iv for each request, and return it alongside the encrypted text, such that the user can send them both later for decryption. But for my usecase, I cannot send two separate data back to the user. I can concat iv in the encrypted text, but for some values, the encrypted text in itself is too long for my use case. Any suggestion on what might be the best approach for my case?

答案1

得分: 1

初始化向量对于防止攻击者使用暴力方法来解密数据发生数据泄露后非常重要,即在数据库已被复制/盗用的情况下。

总之,如果您使用相同的密钥但没有使用 IV 两次加密相同的密码,您将获得相同的加密字符串输出。通过添加 IV,您将获得相同密码的不同输出,但必须将 IV 与加密数据一起存储,参见Cipher Block Chaining。这使得解密已泄露的密码数据库变得更加困难,因为攻击者无法使用常见密码的字典来测试匹配数据中的密钥。在关系数据库中,IV 通常称为“盐”,例如,在 Postgres 中,您应该在存储每个密码时生成一个新的盐,如下所示:

UPDATE user SET password = crypt('new password', gen_salt('md5'));

对于您的用例,我不确定您是否需要 IV,这取决于加密数据的预期用途和/或存储方式。如果您决定不需要 IV,可以使用以下任一方式之一省略它:

1:传递 null 而不是 IV:

const cipher = createCipheriv('aes-192-ccm', key, null);

2:(自 Node 10 起不推荐使用)使用 createCipher 函数:

const cipher = crypto.createCipher('aes-192-ccm', key);
英文:

Initialisation vectors are important to prevent attackers using brute force methods to decrypt data after a breach has occurred, i.e. in the event the DB has been copied/stolen.

In summary, if you encrypted the same password twice, with the same key, but without an IV, you will get the same encrypted string output. By adding an IV you will get a different output with the same password, but you have to store the IV along with the encrypted data, see Cipher Block Chaining. This makes it much harder to decrypt breached password databases as the attacker cannot use dictionaries of common passwords to test keys for a match within the data. In relational databases an IV is typically called a 'salt', in Postgres for example, you should generate a new salt when storing each password, like so:

UPDATE user SET password = crypt('new password', gen_salt('md5'));

For your use case I'm not certain if you need an IV, it depends on how the encrypted data is supposed to be used and/or stored. If you decide you don't need one, you can just omit it either of these ways:

1: Pass null instead of an IV:

const cipher = createCipheriv('aes-192-ccm', key, null);

2: (Deprecated since Node 10) Use the createCipher function:

const cipher = crypto.createCipher('aes-192-ccm', key);

huangapple
  • 本文由 发表于 2023年1月10日 23:07:09
  • 转载请务必保留本文链接:https://go.coder-hub.com/75071938.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定