.Net AES 加密 - 普遍接受的 Pad 设置
我有一个处理 AES 加密数据的 .Net Web 服务。我的服务的消费者与我就密钥/IV 对达成一致,这样我们就可以安全地传递数据。我有一个使用 PHP 的消费者,它使用 mcrypt 进行加密。 mcrypt 用 NULL 填充。我没有设置垫(无),因此无法解密字符串。我将填充更改为零并且能够解密 mcrypt 值。
我想更改我的网络服务以使用普遍接受的垫设置。并告诉我所有的消费者使用该垫设置。但是,我似乎找不到通用的打击垫设置。我还读过一些文章,其中谈到一些垫设置“不太安全”。同样糟糕的是,我看到一些关于某些打击垫设置无法可靠地跨系统转换的帖子。
是否存在普遍接受的、安全且可靠的 AES 加密密码设置?
请告诉我。
I have a .Net web service that processes AES encrypted data. The consumers of my service agree on a key/IV pair with me and that way we can pass data securely. I have a consumer using PHP that is using mcrypt to encrypt. mcrypt is padding with NULLs. I was not setting a pad (NONE) and therefore not able to decrypt the strings. I changed my padding to Zero and was able to decrypt the mcrypt values.
I want to change my web service to use a universally accepted pad setting. And tell all my consumers to use that pad setting. However, I can't seem to find that universal pad setting. I have also read a few post that talk about some pad settings being "less secure". And equally bad, I have seen some post about some pad settings not translating across systems reliably.
Is there a universally accepted, secure and reliable pad setting for AES encryption?
Please let me know.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
不是真的。有PKCS padding,Zeros,Ansi X923,ISO10126,都是得到良好支持和公认的标准。您和您的 WWW 服务只需就使用内容达成一致,就像您就密码块模式、IV 值等达成一致一样(即,如果需要,请将其作为协议的一部分)。
Not realy. There is PKCS padding, Zeros, Ansi X923, ISO10126, all are well supported and accepted standards. You and your WWW service just have to aggree on what to use, just as you agree on the cipher block mode, IV value and so on and so forth (ie. make it part of the protocol if needed).