Block ciphers and stream ciphers

Posted on 2024-10-31 22:31:15

I understand that block ciphers are more popular in software as opposed to stream ciphers which are typically hardware based. However, why can't a key be reused in stream ciphers? Is it because of patterns that may form?

Comments (3)

知足的幸福 2024-11-07 22:31:15

A stream cipher is an encryption system which works over a given sequence of input bits. Most stream ciphers work by generating from the key a long sequence of random-looking bits, which are then combined (by bitwise XOR) with the data to encrypt. This is a (crude) emulation of a one-time pad.

A block cipher is a generic cryptographic element which works over "blocks" which are sequences of bits with a fixed length (e.g. 128 bits for AES). The block cipher is a permutation of the blocks; the key selects which permutation we are talking about. A block cipher alone cannot process an arbitrarily long message; the block cipher and the data must be used within an elaborate construction called a mode of operation (also often called a "chaining mode").

There is a chaining mode for block ciphers called "CTR" as "counter mode": in this mode, the block cipher is used to encrypt successive values of a counter (the counter having the size of a block). The resulting encrypted blocks are then concatenated, resulting in an arbitrarily long sequence of bits which depend only on the key. It suffices then to XOR that sequence with the data to encrypt. In other words, CTR mode turns a block cipher into a stream cipher. Another popular chaining mode is CBC, which does not fit the model of a stream cipher.

With stream ciphers, what must be avoided at all costs is reusing the same key-dependent sequence of bits for two distinct messages; this would yield the infamous "two-times pad" which can be broken quite easily (by exploiting redundancies in the two encrypted messages). With a block cipher in CTR mode, this translates to reusing the same counter values. This is why CTR mode requires a random Initial Value (IV) which is the counter value you begin encryption with. By choosing a new random IV, with sufficiently large blocks, you avoid with very high probability any overlap in the sequences of counter values that you use.

The concept of IV is not specific to block ciphers; some stream ciphers also use an IV (e.g. the one in the eSTREAM portfolio). When a stream cipher has an IV, reusing the key is no problem -- provided that you use a proper IV (i.e. an IV generated with a cryptographically strong RNG in the complete space of possible IVs, with uniform probability). However, some other stream ciphers do not have an IV, in particular the widely used RC4. Reusing the same key would mean reusing the exact same sequence of generated bits, and that's bad.

Note that some chaining modes other than CTR also need an IV, which should be unique for each message encrypted with a given key. Block ciphers do not alleviate the need for that.
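
The "two-times pad" described in the answer above, as an added example that is not part of the original answer. HMAC-SHA256 run in counter mode stands in for the block cipher (an assumption, chosen so the code needs only the Python standard library), and the two messages are constructed samples.

```python
import hashlib
import hmac
import os

def keystream(key: bytes, iv: bytes, length: int) -> bytes:
    """Counter-mode keystream: PRF(key, iv || counter) for counter = 0, 1, 2, ...
    HMAC-SHA256 stands in for the block cipher (assumption of this example)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, iv + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """ciphertext = plaintext XOR keystream; decryption is the same operation."""
    return xor(plaintext, keystream(key, iv, len(plaintext)))

def demo() -> dict:
    key = os.urandom(32)
    # Constructed sample messages of equal length.
    p1 = b"transfer 100 EUR to account 0017"
    p2 = b"meeting moved to friday at 10:30"
    # Misuse: same key and same IV, so both messages get the same keystream.
    iv = os.urandom(16)
    c1, c2 = encrypt(key, iv, p1), encrypt(key, iv, p2)
    # The keystream cancels out: c1 XOR c2 == p1 XOR p2, with no key involved.
    leak = xor(c1, c2)
    # Whoever knows (or guesses) p1 reads p2 straight from the two ciphertexts.
    recovered = xor(leak, p1)
    # Correct use: a fresh random IV per message gives unrelated keystreams.
    c3 = encrypt(key, os.urandom(16), p2)
    return {
        "keystream_cancels": leak == xor(p1, p2),
        "recovered_p2": recovered,
        "fresh_iv_leaks": xor(c1, c3) == xor(p1, p2),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

With a cipher that takes no IV, such as RC4, the only way to get the behaviour of the last case is a different key per message.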

ペ泪落弦音 2024-11-07 22:31:15

Because when reusing the key in a stream cipher, the stream cipher's
general function is encryption = (plaintext + key) % 2,
and modulo 2 is considered XOR,
so reusing the key for the encryption function will cause the ciphertext to repeat itself after some length,
so random generators are used to produce a key every time in the encryption operation,
like an LFSR to produce a random key every time.
A one-time pad is also used.

葬心 2024-11-07 22:31:15

Block cipher: A block cipher is like encrypting a message block by block.
It's breaking the block by block then after encryption of the message.

Stream cipher: A stream cipher is like a bit-by-bit encryption of the original message.
