aes-gcm

来源： https://stackoverflow.com/questions/63961511/java-large-file-aes-encryption-is-very-slow

来源： https://stackoverflow.com/questions/57611999/encrypt-payload-using-a-key-and-iv-by-aes-gcm-nopadding-algorithm-in-node-js-and

问题 I'm trying to encrypt a file in AES-GCM mode with 'openssl' th/ command line openssl enc -aes-256-gcm -p -iv 000000000000000000000000 -K 00000000000000000000000000000000000000000000000000000000000000 -nosalt -in file.raw -out file.enc` Encryption works but I could not find a way to retrieve a resulting GCM tag. Is there a way to get it? In this document (link) I found "Note that it is now even possible to use authenticated mode like CCM or GCM" but still there is none info how to do that. Or

问题 I have run a simple test to measure the AES-GCM performance in Java 9 , by encrypting byte buffers in a loop. The results were somewhat confusing. The native (hardware) acceleration seems to work - but not always. More specifically, When encrypting 1MB buffers in a loop, the speed is ~60 MB/sec for the first ~50 seconds. Then it jumps to 1100 MB/sec, and stays there. Does JVM decide to activate the hardware acceleration after 50 seconds (or 3GB of data)? can it be configured? Where can I read

问题 I am implementing a scheme with cipher in GCM mode in node.js. I have to append/prepend GCM tag to the ciphertext in order to check the integrity. However, I am not sure how big the tag will be! On crypto++ wiki, I read that the size could vary and that it's actually a parameter of the GCM mode. Citing from the wiki, emphasis mine: The parameters which must be supplied and used by both parties are: key and key size iv and iv size tag size However, in node documentation, there is nothing about

问题 What's the padding mode for AES/GCM? I understood it can be NoPadding, as in ECB mode it can be PKCS5Padding, how about in GCM mode? in JCE interface, we need provide "algorithm/mode/padding" (Reference). So I used the following code to get the instance and it works in JDK but failed in IBM SDK which says cannot find provider for supporting AES/GCM/PKCS5Padding Cipher.getInstance("AES/GCM/PKCS5Padding"); What's real use case for padding? 回答1: GCM is a streaming mode which means that the

问题 So my question for you stackoverflow geniuses is: if there a way (native, library, framework, whatever..) to encrypt data with AES (preferably 128 but could be 256 too) using a strong Authenticated encryption algorithm , let's say GCM mode ? Question is short, I have done some research and I only found one library that seems to support it ( RNCryptor ) but it also seems to use password to crypt instead of keys (like you provide a password and the library made the key) and I don't like that a

问题 I'd like to use TLSv1.2 with TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 in Java 7. I've added -Ddeployment.security.TLSv1.2=true to the VM arguments and I'd like to know how to add the cipher suite mentioned above. 回答1: Hints provided by @ dave_thompson_085. Java 7 JSSE (the SSL/TLS provider) does not implement GCM ciphersuites, only Java 8 does. A thirdparty provider like BouncyCastle might. Also remember all Oracle/Sun JREs support AES-256 suites (and more-than-128-bit symmetric encryption

问题 I'd like to use TLSv1.2 with TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 in Java 7. I've added -Ddeployment.security.TLSv1.2=true to the VM arguments and I'd like to know how to add the cipher suite mentioned above. 回答1: Hints provided by @ dave_thompson_085. Java 7 JSSE (the SSL/TLS provider) does not implement GCM ciphersuites, only Java 8 does. A thirdparty provider like BouncyCastle might. Also remember all Oracle/Sun JREs support AES-256 suites (and more-than-128-bit symmetric encryption

问题 I have the following code in Java: public static void deriveKeyAndIV(String password) throws Exception { SecureRandom random = new SecureRandom(); if (salt == null) { salt = new byte[HASH_BYTE_SIZE / 8]; // use salt size at least as long as hash random.nextBytes(salt); } if (ivBytes == null) { ivBytes = new byte[HASH_BYTE_SIZE / 8]; random.nextBytes(ivBytes); } PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, PBKDF2_ITERATIONS, HASH_BYTE_SIZE); SecretKeyFactory skf =