从加密和明文数据中查找 AES 密钥
如果我有一条明文消息 M 及其加密的等效消息 E,并且我知道它已使用 256 位 AES 密钥加密,是否有办法计算出该密钥?如果 M 足够长,有没有办法做到这一点?
If I have a plaintext message M along with its encrypted equivalent E, and I know that it has been encrypted with a 256-bit AES key, is there a way to work out the key? Are there ways to do it, if M is long enough?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
理论上是的。
事实上没有。
您需要在执行加密的同一台计算机上运行软件,并通过缓存分析攻击系统:
“2005 年 4 月,DJ Bernstein 宣布了一次缓存定时攻击,他用该攻击破坏了使用 OpenSSL 的自定义服务器。 AES 加密。定制服务器旨在提供尽可能多的计时信息(服务器报告加密操作所需的机器周期数),而攻击需要超过 2 亿个选定的明文。”
或者我想你可以使用超级计算机来强制破解它。我不知道这需要多长时间,因此只有当加密密钥从未更改时才会出现问题。该算法可在公共领域使用,但您仍然会受到实现的束缚,因为它们会对结果产生影响。
In theory yes.
In reality no.
You'll need either to have software running on the same machine that is performing the encryption and attack the system through cache analysis:
"In April 2005, D.J. Bernstein announced a cache-timing attack that he used to break a custom server that used OpenSSL's AES encryption. The custom server was designed to give out as much timing information as possible (the server reports back the number of machine cycles taken by the encryption operation), and the attack required over 200 million chosen plaintexts."
Or I would imagine that you could use a supercomputer to force crack it. I wouldn't know how long that would take though and so it would only be an issue if the encryption key was never changed. The algorithm is available in the public domain, but you'll still be tied to the implementation as they would have a bearing on the result.
不,没有(有效的)方法可以做到这一点。
AES 的设计甚至可以抵抗选定的明文攻击。
因此,暴力是唯一的出路。
No, there is no (efficient) way to do this.
AES is designed to be even resistent against selected plaintext attacks.
Thus brute-force is the only way to go.