Ƙimar Rubutun Babba (AES) algorithm ne na sirrin sirri. AES shine ma'auni na masana'antu kamar yadda yake ba da damar 128 bit, 192 bit da 256 bits boye-boye. Rufin simmetric yana da sauri idan aka kwatanta da ɓoyayyen asymmetric kuma ana amfani dashi a cikin tsarin kamar tsarin bayanai. Mai zuwa kayan aiki ne na kan layi don aiwatar da ɓoyayyen AES da ɓarna kowane rubutu a sarari ko kalmar sirri.
Kayan aiki yana ba da hanyoyi masu yawa na ɓoyewa da ɓarna kamar su ECB, CBC, CTR, CFB da yanayin GCM. GCM ana ɗaukarsa mafi aminci fiye da yanayin CBC kuma an karɓe shi sosai don aikin sa.
Don ƙarin bayani kan ɓoye AES, ziyarci wannan bayanin akan Encryption AES. A ƙasa akwai fom ɗin don ɗaukar abubuwan shigar don ɓoyewa da ɓoyewa.
Duk wata ƙimar maɓalli na sirri da kuka shigar, ko muka ƙirƙira ba a adana shi akan wannan rukunin yanar gizon, ana samar da wannan kayan aikin ta hanyar URL na HTTPS don tabbatar da cewa ba za a iya sace duk wani maɓalli na sirri ba.
Mabuɗin Siffofin
- Simmetric Algorithm Maɓalli: Ana amfani da maɓalli iri ɗaya don ɓoyayyen ɓoyewa da ɓarna.
- Toshe Cipher: AES yana aiki akan ƙayyadaddun tubalan bayanai. Matsakaicin girman toshe shine 128 bits.
- Tsawon Maɓalli: AES yana goyan bayan tsawon maɓalli na 128, 192, da 256 bits. Maɓallin ya fi tsayi, yana da ƙarfi da ɓoyewa.
- Tsaro: Ana ɗaukar AES amintacce kuma ana amfani da shi sosai a cikin ka'idojin tsaro da aikace-aikace daban-daban.
Sharuɗɗan boye-boye na AES & Ka'idoji
Don ɓoyewa, zaku iya shigar da bayyanannen rubutu ko kalmar sirri da kuke son rufawa. Yanzu zaɓi hanyar toshe sifa na ɓoyewa.
Hanyoyi daban-daban masu goyan baya na boye-boye AES
AES yana ba da nau'ikan ɓoyewa da yawa kamar ECB, CBC, CTR, OFB, CFB da yanayin GCM.
-
ECB(Littafin Lambar Lantarki) shine mafi sauƙin ɓoyayyen yanayin kuma baya buƙatar IV don ɓoyewa. Za a raba rubutun da ke bayyana a sarari kuma kowane toshe za a rufaffen rufaffen maɓalli tare da maɓalli da aka bayar don haka ana rufaffen tubalan rubutu iri ɗaya cikin tubalan rubutu iri ɗaya.
-
Yanayin CBC(Cipher Block Chaining) ana ba da shawarar sosai, kuma ci gaba ne na toshe ɓoyayyen ɓoyayyen ɓoyayyen ɓoyayyiya. Yana buƙatar IV don sanya kowane saƙo ya zama na musamman ma'ana iri ɗaya bulogin rubutu na fili ana rufaffen rufaffen rufaffiyar rubutu zuwa cikin tubalan rubutu iri ɗaya. Don haka, yana ba da ƙarin ɓoyayyen ɓoyewa idan aka kwatanta da yanayin ECB, amma yana da ɗan hankali idan aka kwatanta da yanayin ECB. Idan ba a shigar da IV ba to za a yi amfani da tsoho a nan don yanayin CBC kuma wannan ya ɓace zuwa byte na tushen sifili[16].
-
Yanayin CTR (Counter) CTR (CM) kuma ana san shi da yanayin ƙidayar lamba (ICM) da yanayin ƙidayar lamba (SIC). Counter-mode yana juya sikirin toshe zuwa madaidaicin rafi. Yanayin CTR yana da halaye iri ɗaya zuwa OFB, amma kuma yana ba da damar mallakar bazuwar shiga yayin yankewa. Yanayin CTR ya dace sosai don aiki akan na'ura mai sarrafawa da yawa, inda za'a iya ɓoye tubalan a layi daya.
-
GCM(Yanayin Galois/Counter) siffa ce ta hanyar toshe maɓalli na simmetric na aiki wanda ke amfani da hashing na duniya don samar da ingantacciyar ɓoyayyen ɓoye. Ana ɗaukar GCM mafi aminci fiye da yanayin CBC saboda yana da ginannen ingantattun ingantattun ingantattun bayanai kuma ana amfani da shi sosai don aikin sa.
Padding
Don yanayin AES CBC da ECB, padding na iya zama PKCS5PADDING da NoPadding. Tare da PKCS5Padding, zaren 16-byte zai samar da fitarwa mai 32-byte (mafi yawa na gaba na 16).
AES GCM PKCS5Padding madaidaici ne ga NoPadding saboda GCM yanayin yawo ne wanda baya buƙatar padding. Rubutun da ke cikin GCM yana da tsayin rubutu kawai. Don haka, nopadding an zaɓi ta tsoho.
Girman Maɓalli na AES
Algorithm na AES yana da girman toshe 128-bit, ba tare da la'akari da ko tsayin maɓallin ku shine 256, 192 ko 128 ba. Lokacin da yanayin siffa mai ma'ana yana buƙatar IV, tsayin IV ɗin dole ne yayi daidai da girman toshewar sifa. Don haka, dole ne koyaushe ku yi amfani da IV na 128 ragowa (16 bytes) tare da AES.
Maɓallin Sirrin AES
AES yana ba da 128 ragowa, 192 ragowa da 256 ragi na girman maɓalli na sirri don ɓoyewa. Idan kana zabar 128 ragowa don ɓoyewa, to dole ne maɓallin sirri ya kasance na 16 ragowa tsayi kuma 24 da 32 bits don 192 da 256 na girman maɓalli bi da bi. Misali, idan girman maɓalli 128 ne, to dole ne ingantacciyar maɓalli na sirri ya kasance na haruffa 16 watau 16*8=128 bits.