问题
I just want to confirm my understanding of how AES works.
If company#1 is encrypting the data, and sending this data to company#2 to decrypt, and let's presume that one of them uses C# and the other Java.
As long as both are using the same shared secret key, is there anything else setting/configuration wise both parties should agree upon to make sure the data is correctly encryption and decrypted?
回答1:
There is a lot that both have to agree upon:
- shared secret key
- How long is it? (Is key padding required?)
- Is the actual key derived from another key or password with an additional salt?
- Which key derivation function is used and what are their parameters? PBKDF2, bcrypt, scrypt, ...
- Is the IV derived together with the key? (usually by requesting key size + IV size output from the key derivation function)
- cipher characteristics:
- block cipher like AES, Triple DES, Twofish, Rijndael, ...
- cipher parameters such as block size in case it is variable
- mode of operation like CBC, CTR, CFB, ...
- for IV-based modes: How is the IV generated? Is it generated randomly and put into the container format or is it derived together with the key from a password and therefore doesn't need to be put into the ciphertext container?
- for nonce-based modes like CTR: How big is the nonce (sometimes referred to as IV)?
- for parametrized modes like CFB: How big is a segment?
- padding mode like PKCS#7 padding (which is also referred to as PKCS#5 padding), ZeroPadding, ...
- block cipher like AES, Triple DES, Twofish, Rijndael, ...
- authentication (if any):
- as mode of operation like GCM, EAX, SIV, ...
- as separate encrypt-then-MAC/MAC-then-encrypt/encrypt-and-MAC scheme with a MAC like HMAC-SHA256, CMAC, HKDF, GHASH, ...
- encoding of each component like Hex, Base32, Base64 or simply binary (no encoding)
- Is everything encoded together into a textual format from the finished binary format or are the components encoded separately and concatenated together?
- format:
- Where to put IV/nonce/salt (if any)? (usually before the actual ciphertext)
- Where to put authentication tag (if any)? (usually after the actual ciphertext)
- Is Cryptographic Message Syntax applicable?
来源:https://stackoverflow.com/questions/31734161/aes-encryption-using-c-sharp-and-decryption-in-java