强加密(即 AES)和非强加密(即经典 zip)之间是否存在非线性差异
AES 和其他现代加密算法被认为是强大的,有时人们会看到诸如“不建议使用经典的 zip 加密,因为它不再被认为是强大的”这样的引用。但它们之间真的存在非线性差异吗?例如,如果两者都产生具有高熵的序列,是否意味着使用非常长的密码(512 位或更多),它们都会变得难以区分,因为理论上我们可以用十亿年的计算机时间来破解 AES,并用 1 来破解 zip /10 那个时候?
AES and other modern encryption algorithm are considered strong and sometimes one can see quotes like "it's not recommended to use classic zip encryption since it is no longer considered strong". But is there a really non-linear difference between them? For example, if both produce sequences with high entropy, does it mean that with a very long password (512 bit and more) they both become indistinguishably strong since lets say theoretically we can break AES for example with billion year computer time and zip with 1/10 of that time?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
是的。当人们谈论“强”加密时,他们指的是一种加密方案,其中没有已知的技术可以比暴力密钥搜索明显更好地恢复明文。 “重大”在这里是一个重要的词:针对 256 位 AES 的攻击,复杂度为 2^119。这大大减少了搜索空间,但 256 位 AES 仍然被认为很强大,因为它在计算上根本无法实现。
相比之下,对经典 pkzip 加密的攻击低至 2^27。这比对 AES 的攻击简单得多,实际上很难想象;称其为非线性根本不恰当。一个是微不足道的,另一个是不可能的。
Yes. When people talk about "strong" encryption, they refer to an encryption scheme where there are no known techniques to recover plaintext that are significantly better than a brute-force key search. "Significant" is an important word here: there is an attack on 256-bit AES with a complexity of 2^119. That's an enormous reduction in the search space, but 256-bit AES is still considered strong because it's simply computationally unfeasible to pull off.
In comparison, the attacks on classic pkzip encryption are as low as 2^27. That's so much simpler than the attack on AES that it's actually quite difficult to visualise; calling it non-linear simply doesn't do it justice. One is trivial, the other impossible.