I'm developing a php system where all data is encrypted by a key derived from the user's password. I've already been able to derive the key, but to encrypting data with AES requires the key and IV. That is where my doubt was born: In this case, I suppose I should store IV to decrypt the data later. Where do I store? In the database or in a file on the server? Or is it not correct to store the IV and is there another way to get the same IV for the same key?
1条回答 默认 最新
dongzhijing8202 2017-10-07 21:06关注Don't derive an IV from the same source that you derive the key from. You should use a randomly generated IV for each encryption operation and simply store the IV with the ciphertext.
It is common to simply prepend the IV to the ciphertext so that it can be retrieved easily when the data needs to be decrypted. The IV does not need to be secret, so the above method is completely secure.
To reiterate, because it is important, do not derive the IV from a KDF or similar, always randomly generate a new IV for each encryption operation.
本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏举报
分享
- 2017-10-07 20:58回答 1 已采纳 Don't derive an IV from the same source that you derive the key from. You should use a randomly g
- 2019-03-08 12:04回答 1 已采纳 You are defining a 64-character key; that those 64 characters are hex digits is neither here nor t
- 2018-06-08 13:42回答 1 已采纳 Okay, I managed to get the go output to match your other outputs, but I'm not 100% clear on all of
- 2021-02-27 17:20玩弄命运的博客 小编典典与带外接收者共享password(a char[])和salt 所byte[]选择...然后从此信息中得出一个好的密钥:/* Derive the key, given password and salt. */SecretKeyFactory factory = SecretKeyFactory.getInstance("P...
- 2017-12-08 19:21回答 1 已采纳 It is your NodeJS code that is incorrect. CTR mode requires an IV, calling crypto.createCipher is
- 2017-04-18 03:45回答 1 已采纳 As suggested in comments, i searched "hybrid cryptography" . And this example has solved my proble
- 2018-10-12 09:06回答 1 已采纳 Finally figured out the solution as per following link : https://gist.github.com/odan/c1dc2798ef9
- 2022-03-03 22:37扶我起来我还要写代码的博客 理解了原理和Java实现的流程,再写应用代码进一步辅助验证,最后走一走源码流程中的相关细节,做最终验证;最后,再了解一下性能更好、安全性更高的ECDH(基于椭圆曲线来实现的Diffie-Hellman)
- 2019-03-14 11:39回答 1 已采纳 base64_decode(base64_encode($appKey)) I believe you use the key in php as string bytes, not as a
- 2017-05-10 07:11回答 1 已采纳 C# has AES encryption built in. but before using it you need to go through Decrypt string in C#
- 2016-11-13 16:03回答 1 已采纳 At first glance I see three issues here: First: you are not using the same mode: in java you have
- 2021-09-02 14:58Yooh_Lee的博客 好像没什么人关注这个硬件AES,我来简单看下使用方式 简介 这个AES硬件几乎支持AES的所有加解密模式,并且支持2个DMA,一个输入一个输出。 AES主要的特性 支持128和256位密钥,带32位...密钥派生和解密同时进行,计
- 2014-01-28 14:32回答 1 已采纳 You're using CBC-mode in PHP and ECB in C# so after the first block things will go wrong. You need
- 2022-11-30 22:58Generalzy的博客 对称加密的特点是,在加密和解密时使用相同的密钥,或是使用两个可以简单地相互推算的密钥。这一个或一组密钥需要在两个或多个成员之间共享,以便维持专属的通讯联系。对称加密的优点是速度快,缺点是需要共享密钥,...
- 2023-11-14 11:43享乐主的博客 本文主要介绍虚拟化加密磁盘密钥设置的理论基础:开源密钥设置方案TKS1
- 没有解决我的问题, 去提问
悬赏问题
- ¥15 华为ensp模拟器中S5700交换机在配置过程中老是反复重启
- ¥15 java写代码遇到问题,求帮助
- ¥15 uniapp uview http 如何实现统一的请求异常信息提示?
- ¥15 有了解d3和topogram.js库的吗?有偿请教
- ¥100 任意维数的K均值聚类
- ¥15 stamps做sbas-insar,时序沉降图怎么画
- ¥15 买了个传感器,根据商家发的代码和步骤使用但是代码报错了不会改,有没有人可以看看
- ¥15 关于#Java#的问题,如何解决?
- ¥15 加热介质是液体,换热器壳侧导热系数和总的导热系数怎么算
- ¥100 嵌入式系统基于PIC16F882和热敏电阻的数字温度计