Cocoa Touch 上的 AES 加密
最近我一直在开发一个需要AES加密的应用程序。 我正在使用一个 AES 加密库,它有这样的调用:
- (NSData*)encryptData:(NSData*)data key:(NSData*)key iv:(NSData*)iv;
我明白数据和密钥的用途,但 iv 或初始化向量让我感到困惑。 有人介意向我解释一下这个的重要性/它是什么以及 AES 的正确初始化向量是什么样子吗?
另外,如果有人能为我指明学习基本程序加密的正确方向,以及任何使用 C 库或 Cocoa 框架学习加密的好书或教程,我将不胜感激。
Recently I have been developing an app that needs AES encryption.
I am using a AES encryption library that has a call like this:
- (NSData*)encryptData:(NSData*)data key:(NSData*)key iv:(NSData*)iv;
I understand what the data and key are for but the iv or initialization vector is confusing me.
Would somebody mind explaining to me the importance of this / what it is and what a proper initialization vector for AES would look like?
Also I would appreciate it if someone could point me in the right direction for learning basic programatic cryptography, any good books or tutorials out there for learning encryption using C libraries or Cocoa frameworks.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
iv“应该”是随机的数据字符串,为了简单起见,您可以提取数据 /dev/random。它基本上是动摇加密的随机盐。 http://en.wikipedia.org/wiki/Initialization_vector 有更多关于具体什么是四.使用您的密钥跟踪您的 iv,因为它也用于解密。
每个应用程序实例化的初始化向量应该是随机的,但您的密钥通常是持久的或从 SSL 证书获取。
我建议您查看安全转换编程指南使用 SSL 证书进行加密和解密,初始化向量位于后台,因为它们通常是低级别的,应该从管理密钥而不是 IV 的抽象高级级别来查看。
The iv "should" be a random string of data, you could pull data /dev/random for simplicity. It basically is the random salt that shakes up the encryption. http://en.wikipedia.org/wiki/Initialization_vector has more information on specifically what is an IV. Keep track of your iv with your key because it is used in decryption as well.
Your initialization vector should be random per application instantiation but your key is typically persistent or obtained from an SSL Certificate.
I recommend taking a look at the a Security Transforms Programming Guide which uses SSL certificates for encryption and decryption, the initialization vectors are in the background because typically they are low level and should be viewed from an abstracted high level of managing keys not IVs.