Xiyimo xa le Henhla xa Vuhlayiseki(AES) . i algorithm ya ku fihla ya symmetric. AES i mpimanyeto wa indasitiri tani hi leswi yi pfumelelaka 128 bit, 192 bit na 256 bits encryption. Symmetric encryption yi hatlisa loko yi pimanisiwa na asymmetric encryption naswona yi tirhisiwa eka tisisiteme to fana na database system. Leswi landzelaka i xitirhisiwa xa inthanete xo endla ku fihla ka AES na ku pfula xihundla xa tsalwa rihi na rihi ro olova kumbe phaswedi.
Xitirhisiwa lexi xi nyika tindlela to tala ta ku fihla na ku pfula ku fana na ECB, CBC, CTR, CFB na movha wa GCM. GCM yi tekiwa yi sirhelelekile ku tlula movha wa CBC naswona yi amukeriwa ngopfu hikwalaho ka matirhelo ya yona.
Ku kuma vuxokoxoko byo tala hi ku fihla ka AES, endzela nhlamuselo leyi eka AES Encryption. Laha hansi ku na fomo yo teka swingheniso swa ku fihla na ku pfula.
Nhlayo yihi na yihi ya xilotlelo xa xihundla leyi u yi nghenisaka, kumbe leyi hi yi tumbuluxaka a yi hlayisiwi eka sayiti leyi, xitirhisiwa lexi xi nyikiwa hi ku tirhisa URL ya HTTPS ku tiyisisa leswaku swilotlelo swihi na swihi swa xihundla a swi nge yiviwi.
Swihlawulekisi Swa Nkoka
- Xiyimo xa xiyimo xa le henhla Algorithm ya Xilotlelo: Xilotlelo lexi fanaka xi tirhisiwa eka ku fihla na ku pfula.
- Xisirhelelo xa Xibokisana: AES yi tirha eka tibloko ta data ta sayizi leyi nga cinciki. Vukulu bya xibokisana lebyi tolovelekeke i 128 wa tibiti.
- Ku leha ka Nkoka: AES yi seketela ku leha ka swilotlelo swa 128, 192, na 256 wa tibiti. Loko xilotlelo xi lehe, ku fihla ka yona ku tiya.
- Vuhlayiseki: AES yi tekiwa yi sirhelelekile swinene naswona yi tirhisiwa ngopfu eka tiphrothokholi to hambana ta vuhlayiseki na switirhisiwa.
Mimpimanyeto & Theminoloji ya Vuhlayiselo bya AES
Eka ku fihla, u nga nghenisa tsalwa ro olova kumbe phaswedi leyi u lavaka ku yi fihla. Sweswi hlawula movha wa block cipher wa ku fihla.
Tindlela to hambana leti seketeriwaka ta AES Encryption
AES yi nyika tindlela to tala ta ku fihla ku fana na ECB, CBC, CTR, OFB, CFB na movha wa GCM.
-
ECB(Electronic Code Book) i ndlela yo olova swinene yo fihla naswona a yi lavi IV eka ku fihla. Tsalwa ro olova ro nghenisa ri ta avanyisiwa hi swibokisana naswona xibokisana xin’wana na xin’wana xi ta pfaleriwa hi xilotlelo lexi nyikiweke naswona hikokwalaho swibokisana swa matsalwa yo olova leswi fanaka swi pfaleriwile eka swibokisana swa matsalwa ya xihundla lama fanaka.
-
CBC(Cipher Block Chaining) mode yi bumabumeriwa swinene, naswona i xivumbeko xa xiyimo xa le henhla xa block cipher encryption. Swi lava IV ku endla leswaku rungula rin’wana na rin’wana ri va ro hlawuleka leswi vulaka leswaku swibokisana swa matsalwa yo olova leswi fanaka swi pfaleriwile eka swibokisana swa matsalwa ya xihundla leswi nga fani. Hikwalaho, yi nyika ku fihla loku tiyeke swinene loko ku pimanisiwa na movha wa ECB, kambe yi nonoka nyana loko yi pimanisiwa na movha wa ECB. Loko ku nga ngheniwi IV kutani default yi ta tirhisiwa laha eka movha wa CBC naswona sweswo swi default eka byte leyi simekiweke eka zero[16].
-
CTR(Counter) Mode ya CTR (CM) yi tlhela yi tiviwa tanihi movha wa xibalo xa tinhlayo leti heleleke (ICM) na movha wa xibalo xa tinhlayo leti heleleke leti avaneke (SIC). Counter-mode yi hundzula block cipher yi va stream cipher. Mode ya CTR yina swihlawulekisi leswi fanaka na OFB, kambe yitlhela yi pfumelela nhundzu ya random-access hi nkarhi wa decryption. Mode ya CTR yi lulamerile swinene ku tirha eka muchini wa tiphurosesa to tala, laha tibloko ti nga pfaleriwa hi ku fambisana.
-
GCM(Galois/Mode ya Xibalo) i ndlela ya ntirho ya symmetric-key block cipher leyi tirhisaka hashing ya misava hinkwayo ku nyika vuhlayiseki lebyi tiyisisiweke. GCM yi tekiwa yi sirhelelekile ku tlula movha wa CBC hikuva yi na vuhlayiseki lebyi akiweke endzeni na ku kamberiwa ka vutshembeki naswona yi tirhisiwa ngopfu eka matirhelo ya yona.
Ku padding
Eka ti mode ta AES CBC na ECB, padding yingava PKCS5PADDING na NoPadding. Hi PKCS5Padding, ntambhu ya 16-byte yi ta humesa vuhumelerisi bya 32-byte (ku tala loku landzelaka ka 16).
AES GCM PKCS5Padding i xifaniso xa NoPadding hikuva GCM i ndlela yo khuluka leyi nga laviki ku padding. Tsalwa ra xihundla eka GCM ri lehe ntsena ku fana na tsalwa ro olova. Hikwalaho, nopadding hi ku tiyimisela yi hlawuriwile.
Vukulu bya Xilotlelo xa AES
Algorithm ya AES yi na sayizi ya 128-bit block, ku nga khathariseki leswaku ku leha ka xilotlelo xa wena i 256, 192 kumbe 128 bits. Loko movha wa cipher wa symmetric wu lava IV, ku leha ka IV ku fanele ku ringana na sayizi ya block ya cipher. Hikwalaho, u fanele ku tshama u tirhisa IV ya 128 wa tibiti (16 wa tibayiti) na AES.
Xilotlelo xa Xihundla xa AES
AES yi nyika 128 wa tibiti, 192 wa tibiti na 256 wa tibiti ta sayizi ya xilotlelo xa xihundla xa ku fihla. Loko u hlawula 128 wa tibiti ta ku fihla, kutani xilotlelo xa xihundla xi fanele ku va xa 16 wa tibiti hi ku leha na 24 na 32 wa tibiti eka 192 na 256 wa tibiti ta sayizi ya xilotlelo hi ku landzelelana. Xikombiso, loko sayizi ya xilotlelo yi ri 128, kutani xilotlelo xa xihundla lexi tirhaka xi fanele ku va xa swihlawulekisi swa 16 i.e., 16*8=128 wa tibiti