简单的数字到数字(或数字到十六进制)加密算法,可最大限度地减少字符数
我需要加密一个数字,并且这个加密值将提供给要求密钥的客户,因此我想最大限度地减少数字数量并使它们全部可打印。
所以我希望结果全部是数字或全部是十六进制字符。
我当前使用的加密方法(对于非数字)将字符转换为十六进制(每个十六进制数字 2 个)。这使得字符数加倍。我还考虑过将输入视为十六进制(因此每对数字都被视为十六进制对,但是输入 0123 和 123 之间存在歧义(当解密前导“0”丢失时)。
有什么建议吗?
I need to encrypt a number and I and this encrypted value will be given to a customer ask a key so I want to minimize the number of digits and make them all printable.
So I'd like the result to be either all number or all Hex characters.
The current encryption method I'm using (for non numbers) converts the characters to hex (2 hex digits each). That doubles the number of characters. I also considered just treating the input as hex (so each pair of numbers is treated as a Hex pair, but then you have ambiguity between an input of 0123 and 123 (when decrypting that leading '0' is lost.
Any suggestions?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
不要混淆两个不同的问题。使用任何安全加密算法(我推荐 AES-256),然后使用 base64 编码(如果输出必须是可打印的。
如果您想将其限制为另一组(例如小写字母),请使用适当的基数(例如 hexavigesimal )
Don't conflate two different issues. Use any secure encryption algorithm (I recommend AES-256), and then use base64 encoding if the output has to be printable.
If you want to restrict it to another set (e.g. lower-case letters), use the appropriate base (e.g. hexavigesimal)
如果要求您打印一张带有“许可证密钥”的卡,他们必须手动输入,那么我认为加密所需的值并不是最好的解决方案。数据太多了。
我认为更好的解决方案是对他们注册的用户名/电子邮件地址使用简单的哈希算法,将结果哈希为 128 位值(16 字节),然后使用 Base-32 将其转换为字母 AZ 和数字 2-7(大约有 26 个字符)。
Base32 的优点是它不区分大小写(就像 Base 64 一样),并且您不会混淆“i”和“1”(等等)。
If the requirement is that you print out a card with the "license key" on it, that they have to manually type in then I think encrypting the required values is not the best solution. There'll just be too much data.
I think a better solution is to use a simple hash algorithm on their username/email address that they've registered with to hash the result to a 128-bit value (16 bytes) and then use Base-32 to convert that into the letters A-Z and digits 2-7 (which would come out at around 26 characters).
Base32 has the advantage that it's not case-sensitive (like base 64 is) and you don't get confusion between "i" and "1" (etc).
我想出了一个简单的拼凑:
如果位数是奇数,那么我会在占位符十六进制(F)字符前面添加前缀。然后,当我解密时,如果我看到占位符(F),那么我就知道它是一个占位符(b/c 只允许数字作为该函数的输入)
I figured out a simple kludge:
If the # of digits is odd then I prefix a placeholder Hex(F) character. Then when I decrpypt, if I see that placeholder (F) then I know it was a place holder (b/c only numbers are allowed as input to this function)
看来您混淆了加密和编码。它们是完全不同的关注点。因为您没有提供有关所需安全性的足够信息来说明有关适当加密的任何信息,所以我假设您正在谈论编码。对于编码来说,输入是否加密实际上并不重要。唯一的区别是加密的输入几乎肯定不能被压缩,因此任何压缩都应该在加密之前完成。
对于编码,最简单的方法是将输入视为一个大数(you),选择一组符号并将该数字编码为以 N 为基数,其中 N 是所选集合的大小。由于生成的代码是供人类输入的,因此您需要避免使用具有相似形状的多个字符(1、l、I / o、O、0、D / 5、S),选择取决于所使用的字体。
内置一些错误检测也非常有用。创建良好错误检测的一个简单方法是将良好哈希函数的一些位添加到数字中。例如(伪代码):
如果您有一个错误模型,您可以做得更好,但假设随机错误模型已经尽善尽美,可以检测到 96% 以上的错误,仅添加一个 base32 字符。
It seems that you are confusing encryption and encoding. They are completely separate concerns. Because you don't provide nearly enough information about required security to say anything about appropriate encryption I'll assume that you are talking about encoding. For encoding, it actually doesn't matter if the input is encrypted or not. The only difference is that an encrypted input almost certainly can't be compressed, so any compression should be done before encryption.
For encoding, the simplest approach is to consider the input as a large number (you ), pick a set of symbols and encode the number as base-N where N is the size of the chosen set. Because the resulting code is intended for human entry, you'll want to avoid having multiple characters with similar shapes (1,l,I / o,O,0,D / 5,S), the choice is dependent on the font used.
It's also very useful to have some error detection built in. A simple way to create good error detection is to add some bits of a good hash function to the number. For example (in pseudocode):
You can do better than that if you have an error model, but assuming random error model it's as good as it gets, detecting more than 96% of all errors, adding only one base32 character.