C#.Net 中的 3DES 密钥大小很重要
下面的代码在 c#.NET 中工作正常
byte[] key = Encoding.ASCII.GetByte("012345678901234567890123"); //24characters
byte[] plainText = Encoding.ASCII.GetBytes("lasaa");
TripleDES des = TripleDES.Create();
des.Key = key;
des.Mode = CipherMode.CBC;
ICryptoTransform ic = des.CreateEncryptor();
byte[] enc = ic.TransformFinalBlock(plainText, 0, plainText.Length);
MessageBox.Show(UTF8Encoding.UTF8.GetString(enc));
我的问题是...
- 我如何指定 KeySize?如果我使用
des.KeySize=128或192或256它给出
指定的密钥对于该算法来说不是有效的大小
- 如果我通过添加更多字符(例如:40 个字符)来更改密钥中的字符长度,则 。它给出了错误
指定的密钥对于该算法来说不是有效的大小
我想知道为什么会发生这种情况?
Below Code is Working Fine in c#.NET
byte[] key = Encoding.ASCII.GetByte("012345678901234567890123"); //24characters
byte[] plainText = Encoding.ASCII.GetBytes("lasaa");
TripleDES des = TripleDES.Create();
des.Key = key;
des.Mode = CipherMode.CBC;
ICryptoTransform ic = des.CreateEncryptor();
byte[] enc = ic.TransformFinalBlock(plainText, 0, plainText.Length);
MessageBox.Show(UTF8Encoding.UTF8.GetString(enc));
My questions regarding above are...
- How can I specify KeySize? if i use
des.KeySize=128or192or256it gives
Specified key is not a valid size for this algorithm
- If I change character length in key by adding more (ex:40 chars). It gives error
Specified key is not a valid size for this algorithm
I want to know why is this happen?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
3DES 密钥的长度为 128 或 192 位。请注意,在内部,该算法将仅使用 128(分别为 192)位中的 112(分别为 168)位;然而,密钥本身在编码为字节、存储和交换时必须具有 16 或 24 字节的长度。尝试设置不具有这两个长度之一的密钥会触发错误,当您尝试使用 40 字节密钥时会观察到该错误。
您不应该尝试设置“密钥大小”:您在设置密钥时已经决定了。当您设置
TripleDES.Key属性时,TripleDES类会看到您为其提供了一个 24 字节密钥,因此将自行设置KeySize属性更改为 192。(3DES 加密的输出是二进制的,而不是字符串的 UTF-8 编码。您的最终
UTF8Encoding.UTF8.GetString(enc)很可能会抗议。)A 3DES key has length 128 or 192 bits. Note that, internally, the algorithm will use only 112 (respectively 168) bits out of those 128 (respectively 192) bits; however, the key itself, as encoded into bytes, stored and exchanged, must have length 16 or 24 bytes. Trying to set a key which does not have one of those two lengths triggers an error, which you observe when you try to use a 40-byte key.
You should not try to set the "key size": you already decide that when you set the key. When you set the
TripleDES.Keyproperty, theTripleDESclass sees that you give it a 24-byte key, and thus will set itself theKeySizeproperty to 192.(The output of 3DES encryption is binary, not UTF-8 encoding of a string. Chances are that your final
UTF8Encoding.UTF8.GetString(enc)will protest.)TripleDES 的密钥大小为 168 位。所以你需要 21 个字节。如果你想使用字符串作为键,你真的应该首先对其进行哈希处理。在这种情况下,您可以使用任意长度的字符(越多越好),然后将哈希输出修剪为您的密钥大小。例如,如果您使用 SHA-256 从中获得 32 个字节,则使用 21 个他们。
The key size for TripleDES is 168 bits. So you'll need 21 bytes. If you want to use a string for the key you really should hash it first. In which case you can use any length of characters (the more the better) and then trim the hashed output to your key size. E.g. if you use SHA-256 from which you'll get 32 bytes, use 21 of them.
这是我用来完成此“修剪”的一些代码
Here is some code that I used to accomplish this "trim"
我认为这里的问题是 192 位是 C# 中 3DES 支持的最大密钥大小(我假设在其他地方)
http://msdn.microsoft.com/en-us/library/system.security.cryptography.symmetryalgori...
您是否尝试过将密钥设置为16 字节/字符值?
唯一支持的其他大小似乎是 128 位。如果你想要更强大的东西,你将不得不使用不同的算法,Aes/Rijndael。
如果你在 Wikipedia 上查找 TDES,似乎最大密钥大小是 168 位,所以我不是确定微软是如何实现它的。
我怀疑为了简洁起见,您的示例中省略了它,但您可能应该用大量的盐来散列您的密钥。在加密命名空间中有几种用于此目的的 RNG/HSH 算法。
I think the problem here is that 192bits is the maximum key size supported for 3DES in C# (and elsewhere I assume)
http://msdn.microsoft.com/en-us/library/system.security.cryptography.symmetricalgori...
Have you tryed setting the key to a 16 byte/char value?
The only other supported size seems to be 128bits. If you want somthing stronger you'll have to use a different algorithm, Aes/Rijndael.
If you look TDES up on Wikipedia, it seems the maximum key size is 168bits so I'm not sure how Microsoft have implemented it.
I suspect it was omitted from your example for brevity but you should probably hash your key from a good dose of salt. There are several RNG/HSH algorithms for this in the crypto namespace.