Izinga Lokubethela Elithuthukisiwe(AES) iyi-algorithm ye-symmetric encryption. I-AES iyindinganiso yemboni kusukela manje njengoba ivumela i-128 bit, i-192 bit kanye ne-256 bits encryption. Ukubethela kwe-Symmetric kuyashesha uma kuqhathaniswa nokubethela kwe-asymmetric futhi kusetshenziswa ezinhlelweni ezifana nesistimu yedathabheyisi. Okulandelayo kuyithuluzi eliku-inthanethi lokwenza ukubethela kwe-AES kanye nokukhipha noma yimuphi umbhalo ongenalutho noma iphasiwedi.
Ithuluzi linikeza izindlela eziningi zokubethela kanye nokubhala ngemfihlo njenge Imodi ye-ECB, CBC, CTR, CFB ne-GCM. I-GCM ibhekwa njengevikeleke kakhulu kunemodi ye-CBC futhi yamukelwa kabanzi ngenxa yokusebenza kwayo.
Ukuze uthole ulwazi oluthe xaxa ngokubethela kwe-AES, vakashela le ncazelo ku-AES Encryption. Ngezansi kunefomu lokuthatha okokufaka kokubethela nokususa ukubethela.
Noma yiliphi inani lokhiye oyimfihlo olifakayo, noma esilikhiqizayo aligcinwa kuleli sayithi, leli thuluzi linikezwa nge-HTTPS URL ukuze kuqinisekiswe ukuthi noma yibaphi okhiye abayimfihlo abanakwebiwa.
Izici Eziyinhloko
- I-Symmetric I-algorithm engukhiye: Kusetshenziswa ukhiye ofanayo kukho kokubili ukubethela nokususa ukubethela.
- Vimba i-Cipher: I-AES isebenza kumabhulokhi anosayizi ongashintshi wedatha. Usayizi webhulokhi ojwayelekile ungamabhithi ayi-128.
- Ubude Obubalulekile: I-AES isekela ubude obuyinhloko be-128, 192, kanye namabhithi angu-256. Uma ukhiye umude, ukubethela kunamandla.
- Ezokuphepha: I-AES ithathwa njengevikeleke kakhulu futhi isetshenziswa kabanzi kumaphrothokholi ahlukahlukene wokuvikela nezinhlelo zokusebenza.
Imigomo Nemibandela Yokubethela ye-AES
Ngokubhala ngemfihlo, ungafaka umbhalo ongenalutho noma iphasiwedi ofuna ukuyibhala ngemfihlo. Manje khetha imodi ye-block cipher yokubethela.
Izindlela Ezihlukene Ezisekelwayo Zokubethela kwe-AES
I-AES inikeza izindlela eziningi zokubethela njenge-ECB, CBC, CTR, OFB, CFB nemodi ye-GCM.
-
I-ECB(Electronic Code Book) iyindlela elula yokubethela futhi ayidingi i-IV ukuze ibethelwe. Umbhalo ongenalutho wokufakwayo uzohlukaniswa ube amabhulokhi futhi ibhulokhi ngayinye izobethelwa ngokhiye onikeziwe futhi ngaleyo ndlela amabhulokhi wombhalo ongenalutho afanayo abethelwe abe amabhulokhi wombhalo we-cipher afanayo.
-
Imodi ye-CBC(Cipher Block Chaining) ituswa kakhulu, futhi iwuhlobo oluthuthukisiwe lokubethelwa kwe-block cipher. Kudinga i-IV ukwenza umlayezo ngamunye uhluke okusho ukuthi amabhulokhi wombhalo angenalutho afanayo abethelwe abe amabhulokhi wombhalo we-cipher ahlukene. Ngakho-ke, ihlinzeka ngokubethela okuqinile uma kuqhathaniswa nemodi ye-ECB, kodwa ihamba kancane uma iqhathaniswa nemodi ye-ECB. Uma ingekho i-IV efakiwe khona-ke okuzenzakalelayo kuzosetshenziswa lapha kumodi ye-CBC futhi lokho kushintshela ku-byte esekelwe ku-zero[16].
-
Imodi ye-CTR(Ikhawunta) ye-CTR (CM) yaziwa nangokuthi imodi yokubala ephelele (ICM) kanye nemodi ye-integer counter (SIC) enezigaba ezihlukene. I-Counter-mode ishintsha i-block cipher ibe i-cipher yokusakaza. Imodi ye-CTR inezici ezifanayo ne-OFB, kodwa futhi ivumela indawo yokufinyelela okungahleliwe phakathi nokukhishwa kwemfihlo. Imodi ye-CTR ifaneleka kahle ukusebenza emshinini wokwenza izinto eziningi, lapho amabhulokhi angabethelwa ngokuhambisana.
-
I-GCM(Galois/Counter Mode) iyindlela yokusebenza ye-symmetric-key block cipher esebenzisa i-hashing yendawo yonke ukunikeza ukubethela okuqinisekisiwe. I-GCM ibhekwa njengevikeleke kakhulu kunemodi ye-CBC ngoba inokuqinisekisa okwakhelwe ngaphakathi nokuhlola ubuqotho futhi isetshenziswa kabanzi ekusebenzeni kwayo.
Ukupheda
Kumamodi we-AES i-CBC ne-ECB, i-padding ingaba i-PKCS5PADDING kanye ne-NoPadding. Nge-PKCS5Padding, iyunithi yezinhlamvu engu-16-byte izokhiqiza okukhiphayo okungu-32-byte (ukuphindaphinda okulandelayo okungu-16).
I-AES GCM PKCS5Padding ifana ne-NoPadding ngoba i-GCM iyimodi yokusakaza-bukhoma engadingi ukupheda. I-ciphertext ku-GCM inde kuphela njengombhalo ongenalutho. Ngakho-ke, i-nopadding ikhethwa ngokuzenzakalelayo.
Usayizi Wokhiye we-AES
I-algorithm ye-AES inosayizi webhulokhi we-128-bit, kungakhathaliseki ukuthi ubude bakho bokhiye bungamabhithi angu-256, 192 noma angu-128. Uma imodi ye-symmetric cipher idinga i-IV, ubude be-IV kufanele bulingane nosayizi webhulokhi we-cipher. Ngakho-ke, kufanele ngaso sonke isikhathi usebenzise i-IV yamabhithi angu-128 (amabhayithi angu-16) nge-AES.
Ukhiye Oyimfihlo we-AES
I-AES inikeza amabhithi angu-128, amabhithi angu-192 namabhithi angu-256 kasayizi oyimfihlo wokubhala ngemfihlo. Uma ukhetha amabhithi angu-128 okubethela, khona-ke ukhiye oyimfihlo kufanele ube ngamabhithi angu-16 ubude namabhithi angu-24 no-32 ku-192 kanye namabhithi angu-256 osayizi wokhiye ngokulandelanayo. Isibonelo, uma usayizi wokhiye engu-128, khona-ke ukhiye oyimfihlo ovumelekile kufanele ube nezinhlamvu ezingu-16 i.e., 16*8=128 bits.