如何通过可重现的操作从 4 个字节生成 8 个字节?

发布于 2024-10-02 23:25:47 字数 221 浏览 7 评论 0原文

我有 4 字节的数据,需要一个 8 字节的数组来进行安全操作。我应该从 4 字节字节数组中生成这 8 个字节,并且这应该是可重现的。

我正在考虑使用精确的字节数组并添加 4 个额外字节,并以已知序列用初始数组的 AND、OR、XOR... 填充它们。我不确定这是否是一个好主意。我只需要这 4 个字节中的一个 8 字节数组,并且操作应该是可重现的(相同的 8 个字节与相同的给定 4 个字节)。请举一个C#的例子

I've 4 bytes of data and need an 8 bytes array for a security operation. I should produce these 8 bytes form the 4 bytes byte array and this should be reproducible.

I was thinking of using exact byte array and adding 4 extra bytes and fill them with AND, OR, XOR... of the initial array in a known sequence. I'm not sure if it's a good idea. I just need an 8 byte array from this 4 bytes and the operation should be reproducible (same 8 bytes with same given 4 bytes). Please give an example in C#

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

木格 2024-10-09 23:25:47

为什么不直接用另外 4 个字节的零填充现有的 4 个字节呢?或者重复原来的4个字节。例如:

static byte[] Pad(byte[] input)
{
    // Alternatively use Array.Resize
    byte[] output = new byte[input.Length + 4];
    Buffer.BlockCopy(input, 0, output, 0, input.Length);
    return output;
}

static byte[] Repeat(byte[] input)
{
    byte[] output = new byte[input.Length * 2];
    Buffer.BlockCopy(input, 0, output, 0, input.Length);
    Buffer.BlockCopy(input, 0, output, input.Length, input.Length);
    return output;
}

我相信这两个都满足您最初的标准...但我怀疑您正在寻找其他东西。如果是这种情况,您需要明确说明您的需求。

编辑:正如我在评论中所说,你基本上没有在这里添加任何真正的安全性 - 填充将使这一点更清楚,IMO。另一方面,如果您确实想要通过模糊实现某种安全性,您可以找到一个允许播种的随机数生成器,并将其用作起点。例如:

// Don't use this - see below. Just the concept...
int seed = BitConverter.ToInt32(input, 0); // TODO: Cope with endianness
Random rng = new Random(seed);
byte[] output = new byte[8];
Buffer.BlockCopy(input, 0, output, 0, 4);
for (int i = 4; i < 8; i++) {
    output[i] = (byte) rng.Next(256);
}

现在,我得到上述评论的原因是您可能需要一种保证在 .NET 版本之间不会更改的算法。例如,查找诸如 Mersenne Twister 之类的代码。

Why not just pad the existing 4 bytes with another 4 bytes of zeroes? Or repeat the original 4 bytes. For example:

static byte[] Pad(byte[] input)
{
    // Alternatively use Array.Resize
    byte[] output = new byte[input.Length + 4];
    Buffer.BlockCopy(input, 0, output, 0, input.Length);
    return output;
}

static byte[] Repeat(byte[] input)
{
    byte[] output = new byte[input.Length * 2];
    Buffer.BlockCopy(input, 0, output, 0, input.Length);
    Buffer.BlockCopy(input, 0, output, input.Length, input.Length);
    return output;
}

Both of these fulfil your original criteria, I believe... but I suspect you're looking for something else. If that's the case, you need to be explicit about what you need.

EDIT: As I've said in the comments, you're basically not adding any real security here - padding will make that clearer, IMO. On the other hand, if you do want some security-through-obscurity, you could find a random number generator that allows seeding, and use that as a starting point. For example:

// Don't use this - see below. Just the concept...
int seed = BitConverter.ToInt32(input, 0); // TODO: Cope with endianness
Random rng = new Random(seed);
byte[] output = new byte[8];
Buffer.BlockCopy(input, 0, output, 0, 4);
for (int i = 4; i < 8; i++) {
    output[i] = (byte) rng.Next(256);
}

Now, the reason I've got the comment above is that you probably need an algorithm which is guaranteed not to change between versions of .NET. Find code to something like the Mersenne Twister, for exmaple.

情仇皆在手 2024-10-09 23:25:47

有多种方法可以对分组密码进行填充。

这篇维基百科文章涵盖了一些更被接受的解决方案:http://en.wikipedia.org /wiki/Padding_(cryptography)#Padding_methods

除非有任何其他考虑,我将使用 PKCS#7 填充。

There are multiple methods of doing padding for block ciphers.

This Wikipedia article covers some of the more accepted solutions: http://en.wikipedia.org/wiki/Padding_(cryptography)#Padding_methods

Barring any other considerations, I would use PKCS#7 padding.

忆沫 2024-10-09 23:25:47

怎么样

bytes.Concat(bytes)

How about

bytes.Concat(bytes)
寄人书 2024-10-09 23:25:47

我会非常小心的。如果安全操作需要 64 位数据,可能是因为它需要那么多数据。如果您使用已知的可重现公式从 32 位创建 64 位,您仍然只有 32 位的数据。

如果安全性不受您所拥有的数据的影响,您只需用 1 或 0 填充剩余的四个字节即可。但你真的应该尝试获取 8 个字节的“真实”数据。

I would be very careful. If a security operation requires 64 bits worth of data it is probably because it requires that much data. If you create your 64 bits from 32 bits with a known reproducible formula you will still only have 32 bits worth of data.

If the security is not affected by the data you have you can just fill the the remaining four bytes with ones or zeros. But you should really try to get 8 bytes of "real" data.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文