I'm developing a php system where all data is encrypted by a key derived from the user's password. I've already been able to derive the key, but to encrypting data with AES requires the key and IV. That is where my doubt was born: In this case, I suppose I should store IV to decrypt the data later. Where do I store? In the database or in a file on the server? Or is it not correct to store the IV and is there another way to get the same IV for the same key?
1条回答 默认 最新
dongzhijing8202 2017-10-07 21:06关注Don't derive an IV from the same source that you derive the key from. You should use a randomly generated IV for each encryption operation and simply store the IV with the ciphertext.
It is common to simply prepend the IV to the ciphertext so that it can be retrieved easily when the data needs to be decrypted. The IV does not need to be secret, so the above method is completely secure.
To reiterate, because it is important, do not derive the IV from a KDF or similar, always randomly generate a new IV for each encryption operation.
本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏举报
分享
- 2017-10-07 20:58回答 1 已采纳 Don't derive an IV from the same source that you derive the key from. You should use a randomly g
- 2019-03-08 12:04回答 1 已采纳 You are defining a 64-character key; that those 64 characters are hex digits is neither here nor t
- 2018-06-08 13:42回答 1 已采纳 Okay, I managed to get the go output to match your other outputs, but I'm not 100% clear on all of
- 2021-02-27 17:20玩弄命运的博客 小编典典与带外接收者共享password(a char[])和salt 所byte[]选择...然后从此信息中得出一个好的密钥:/* Derive the key, given password and salt. */SecretKeyFactory factory = SecretKeyFactory.getInstance("P...
- 2017-12-08 19:21回答 1 已采纳 It is your NodeJS code that is incorrect. CTR mode requires an IV, calling crypto.createCipher is
- 2017-04-18 03:45回答 1 已采纳 As suggested in comments, i searched "hybrid cryptography" . And this example has solved my proble
- 2018-10-12 09:06回答 1 已采纳 Finally figured out the solution as per following link : https://gist.github.com/odan/c1dc2798ef9
- 2022-03-03 22:37扶我起来我还要写代码的博客 理解了原理和Java实现的流程,再写应用代码进一步辅助验证,最后走一走源码流程中的相关细节,做最终验证;最后,再了解一下性能更好、安全性更高的ECDH(基于椭圆曲线来实现的Diffie-Hellman)
- 2019-03-14 11:39回答 1 已采纳 base64_decode(base64_encode($appKey)) I believe you use the key in php as string bytes, not as a
- 2017-05-10 07:11回答 1 已采纳 C# has AES encryption built in. but before using it you need to go through Decrypt string in C#
- 2016-11-13 16:03回答 1 已采纳 At first glance I see three issues here: First: you are not using the same mode: in java you have
- 2021-09-02 14:58Yooh_Lee的博客 好像没什么人关注这个硬件AES,我来简单看下使用方式 简介 这个AES硬件几乎支持AES的所有加解密模式,并且支持2个DMA,一个输入一个输出。 AES主要的特性 支持128和256位密钥,带32位...密钥派生和解密同时进行,计
- 2014-01-28 14:32回答 1 已采纳 You're using CBC-mode in PHP and ECB in C# so after the first block things will go wrong. You need
- 2022-11-30 22:58Generalzy的博客 对称加密的特点是,在加密和解密时使用相同的密钥,或是使用两个可以简单地相互推算的密钥。这一个或一组密钥需要在两个或多个成员之间共享,以便维持专属的通讯联系。对称加密的优点是速度快,缺点是需要共享密钥,...
- 2023-11-14 11:43享乐主的博客 本文主要介绍虚拟化加密磁盘密钥设置的理论基础:开源密钥设置方案TKS1
- 没有解决我的问题, 去提问
悬赏问题
- ¥15 请问有会的吗,用MATLAB做
- ¥15 phython如何实现以下功能?查找同一用户名的消费金额合并—
- ¥15 ARIMA模型时间序列预测用pathon解决
- ¥15 孟德尔随机化怎样画共定位分析图
- ¥18 模拟电路问题解答有偿速度
- ¥15 CST仿真别人的模型结果仿真结果S参数完全不对
- ¥15 误删注册表文件致win10无法开启
- ¥15 请问在阿里云服务器中怎么利用数据库制作网站
- ¥60 ESP32怎么烧录自启动程序,怎么查看客户esp32板子上程序及烧录地址
- ¥50 html2canvas超出滚动条不显示