我将如何一次解密多个消息?
tldr;在Java中,使用AES密码学,如何将加密消息包装在一起以单个解密调用进行解密?
我在Android聊天应用程序中使用了AES加密,在解密多个消息(使用相同键)时,该程序变得非常慢到我必须使用多线程的点,以免冻结系统。
我知道有一种方法可以将加密消息打包在一起,以一次将它们全部解密,这应该更快,但是我在Java/Kotlin中找不到有关如何执行此操作的任何东西。我认为这样做的唯一方法是将明文与定界人士一起附加并进行加密,但是我需要更改数据库以存储包含大文本字段的单个记录,而我的教授明确表示无法进行更改。在第4周之后,现在是第6周。还有其他方法可以通过已经加密的消息列表来实现这一目标?
编辑 - 这是每条消息调用的解密函数:
private String decrypt(String strToDecrypt, String secretKey, String username) {
try {
byte[] iv = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
IvParameterSpec ivspec = new IvParameterSpec(iv);
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
KeySpec spec = new PBEKeySpec(secretKey.toCharArray(), username.getBytes(), 65536, 256);
SecretKey tmp = factory.generateSecret(spec);
SecretKeySpec newSecretKey = new SecretKeySpec(tmp.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
cipher.init(Cipher.DECRYPT_MODE, newSecretKey, ivspec);
return new String(cipher.doFinal(Base64.getDecoder().decode(strToDecrypt)));
} catch (Exception e) {
System.out.println("Error while decrypting: " + e.toString());
}
return null;
}
TLDR; In Java using AES cryptography, how do I pack encrypted messages together to decrypt with a single decryption call?
I am using AES cryptography in an android chat application, and when decrypting multiple messages (using the same key), the program becomes very slow to the the point where I have to use multithreading so it does not freeze the system.
I understand there is a way to pack encrypted messages together to decrypt them all at once which should be much faster, but I cannot find anything online about how to do this in Java/Kotlin. The only way I can think to do this is append the plaintext together with delimiters and encrypt it, but I would need to change my database to store a single record that contains a large text field, and my professor explicitly stated that changes cannot be made after week 4, and it is week 6. Is there any other way I can achieve this with a list of already encrypted messages?
Edit - Here is the decryption function that is called for each message:
private String decrypt(String strToDecrypt, String secretKey, String username) {
try {
byte[] iv = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
IvParameterSpec ivspec = new IvParameterSpec(iv);
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
KeySpec spec = new PBEKeySpec(secretKey.toCharArray(), username.getBytes(), 65536, 256);
SecretKey tmp = factory.generateSecret(spec);
SecretKeySpec newSecretKey = new SecretKeySpec(tmp.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
cipher.init(Cipher.DECRYPT_MODE, newSecretKey, ivspec);
return new String(cipher.doFinal(Base64.getDecoder().decode(strToDecrypt)));
} catch (Exception e) {
System.out.println("Error while decrypting: " + e.toString());
}
return null;
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
基于密码的密钥推导功能设计为昂贵(以防止蛮力),但是您正在为每个解密提供昂贵的功能。
密钥推导将占主导您的运行时间。 AES部分可能很小。由于
secretkey和用户名对于多个消息而言可能是相同的,因此,只要秘密键和用户名保持相同,您应该派生一次并使用缓存键。Password-based key derivation functions are designed to be expensive (to prevent brute-forcing), yet you are preforming that expensive function on every decrypt.
The key derivation will predominate your run time. The AES portion is likely tiny. Since
secretKeyandusernameare likely to be the same for multiple messages, you should derive the key once and use the cached key as long as the secret key and username remain the same.