首先,我不是密码学方面的专家,所以请采取一些适中的答案。
什么是double length 3DES?
三重DES加密涉及具有双长(16字节)的密钥K =(K 大号一个 8字节密文块加密的8字节明文块||ķř )如下:
Y = DES3(K)[X] = DES(K 大号)[DES -1(K ř)[DES(K 大号)[X]]]
解密发生如下:
X = DES -1(K 大号)[DES(K ř)[DES -1(K 大号)[Y]]]
EMV 4.2: Book 2 - Security and Key Management从两者。
这里是一个将如何在Java中实现这一点:
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
public class Test3DES {
public static void main(String[] args) throws Exception {
//byte length has to be mutiple of 8!
String plaintext = "Attack at dawn!!";
byte[] plainBytes = plaintext.getBytes("UTF-8");
byte[] encrypted = encrypt(plainBytes);
byte[] decrypted = decrypt(encrypted);
System.out.println("Original message: ");
System.out.printf("Text: %s%n", plaintext);
System.out.printf("Raw bytes: %s%n", toHexString(plainBytes));
System.out.println("---");
System.out.println("Encrypted message: ");
System.out.printf("Text: %s%n", new String(encrypted, "UTF-8"));
System.out.printf("Raw bytes: %s%n", toHexString(encrypted));
System.out.println("---");
System.out.println("Decrypted message: ");
System.out.printf("Text: %s%n", new String(decrypted, "UTF-8"));
System.out.printf("Raw bytes: %s%n", toHexString(decrypted));
}
private static String toHexString(byte[] array) {
StringBuilder sb = new StringBuilder();
for (byte b : array) {
sb.append(String.format("%02X ", b));
}
return sb.toString();
}
private static byte[] encrypt(byte[] message) throws Exception {
Cipher encr1, decr2, encr3;
SecretKeySpec kL, kR, tmp;
kL = new SecretKeySpec(new byte[] {0, 1, 2, 3, 4, 5, 6, 7}, "DES");
kR = new SecretKeySpec(new byte[] {8, 9, 10, 11, 12, 13, 14, 15}, "DES");
encr1 = Cipher.getInstance("DES/ECB/NoPadding");
decr2 = Cipher.getInstance("DES/ECB/NoPadding");
encr3 = Cipher.getInstance("DES/ECB/NoPadding");
encr1.init(Cipher.ENCRYPT_MODE, kL);
decr2.init(Cipher.DECRYPT_MODE, kR);
encr3.init(Cipher.ENCRYPT_MODE, kL);
return encr3.doFinal(decr2.doFinal(encr1.doFinal(message)));
}
private static byte[] decrypt(byte[] message) throws Exception {
Cipher decr1, encr2, decr3;
SecretKeySpec kL, kR;
kL = new SecretKeySpec(
new byte[] {0, 1, 2, 3, 4, 5, 6, 7},
"DES"
);
kR = new SecretKeySpec(
new byte[] {8, 9, 10, 11, 12, 13, 14, 15},
"DES"
);
decr1 = Cipher.getInstance("DES/ECB/NoPadding");
encr2 = Cipher.getInstance("DES/ECB/NoPadding");
decr3 = Cipher.getInstance("DES/ECB/NoPadding");
decr1.init(Cipher.DECRYPT_MODE, kL);
encr2.init(Cipher.ENCRYPT_MODE, kR);
decr3.init(Cipher.DECRYPT_MODE, kL);
return decr3.doFinal(encr2.doFinal(decr1.doFinal(message)));
}
}
输出:
Original message:
Text: Attack at dawn!!
Raw bytes: 41 74 74 61 63 6B 20 61 74 20 64 61 77 6E 21 21
---
Encrypted message:
Text: #�Jɚe�P�ϸ5�%t�
Raw bytes: 23 B4 4A C9 9A 65 C5 50 90 CF B8 35 9A 25 74 A2
---
Decrypted message:
Text: Attack at dawn!!
Raw bytes: 41 74 74 61 63 6B 20 61 74 20 64 61 77 6E 21 21
因此,要回答你的问题 - 你正在寻找代码中16字节的密钥大小。在我的代码片段中,密钥由kL
和kR
组成,每个8字节,共16个。
您如何期望在没有大量加密知识背景的情况下查看加密代码? – zaph
这可能是过时的文档,或者他们根本不知道他们在说什么。无论如何,现在不应该使用DES和双密钥3DES,因为它们只提供56位和80位的安全性。我建议使用AES,它具有比任何DES/3DES变体最小的密钥尺寸更好的安全保证。 –