简体繁体 English

我应在iOS Android应用上使用哪种加密方法：AES128或3DES

[英]What encryption method should I use on iOS Android Apps: AES128 or 3DES

原文 2011-09-27 13:29:28 2 2 android/ iphone/ ios/ encryption/ public-key-encryption

I have been given the choice by a client of AES128 or 3DES encryption. 客户端给我选择了AES128或3DES加密。

I have to roll it out on both iOS and Android. 我必须在iOS和Android上都推出它。

Which will be easier to do? 哪个会更容易做到？

Are there libraries for both iOS and Android? 是否有适用于iOS和Android的库？

Full or Partial answer would be great (ie if you only know about one platform) 全部或部分答案将是不错的选择（即，如果您只知道一个平台）

2 个解决方案

Prefer AES128 over 3DES. 在3DES上优先使用AES128。 3DES provides an effective key size of 112 bits, while AES 128 uses 128 bits of key space. 3DES提供的有效密钥大小为112位，而AES 128使用128位的密钥空间。

http://en.wikipedia.org/wiki/Aes128 http://en.wikipedia.org/wiki/Aes128

http://en.wikipedia.org/wiki/Triple_DES http://en.wikipedia.org/wiki/Triple_DES

Please read this article in its entirety, and feel free to come back to post further comments or new questions. 请完整阅读本文，并随时返回发表更多评论或新问题。

Cryptographic Right Answers 密码正确答案

In particular, the very first question answered is: 特别是，回答的第一个问题是：

Encrypting data: Use AES in CTR (Counter) mode, and append an HMAC. 加密数据：在CTR（计数器）模式下使用AES，然后附加HMAC。

AES is about as standard as you can get, and has done a good job of resisting cryptologic attacks over the past decade. AES尽可能地成为标准，并且在过去十年中很好地抵抗了密码攻击。 Using CTR mode avoids the weakness of ECB mode, the complex (and bug-prone) process of padding and unpadding of partial blocks (or ciphertext stealing), and vastly reduces the risk of side channel attacks thanks to the fact that the data being input to AES is not sensitive. 使用CTR模式可避免ECB模式的弱点，即部分块的填充和取消填充（或密文窃取）的复杂过程（以及容易出错的过程），并且由于输入了数据，因此大大降低了旁道攻击的风险对AES不敏感。 However, because CTR mode is malleable, you should always add an HMAC to confirm that the encrypted data has not been tampered with. 但是，由于CTR模式是可延展的，因此您应始终添加HMAC来确认加密数据未被篡改。

And the very next question answered is: 回答的下一个问题是：

AES key length: Use 256-bit AES keys. AES密钥长度：使用256位AES密钥。

Theoretically speaking, 128-bit AES keys should be enough for the forseeable future; 从理论上讲，在可预见的将来，128位AES密钥应该足够了。 but for most applications the increased cost of using 256-bit keys instead of 128-bit keys is insignificant, and the increased key length provides a margin of security in case a side channel attack leaks some but not all of the key bits. 但是对于大多数应用程序而言，使用256位密钥而不是128位密钥的增加成本微不足道，并且增加的密钥长度提供了安全余量，以防侧信道攻击泄漏了部分但不是全部密钥位。

[EDIT 1] Also, the fact that you've applied a "public-key-encryption" tag to your question implies that your understanding of cryptography could be better. [编辑1]另外，您对问题应用了“公共密钥加密”标签这一事实意味着您对密码学的理解可能会更好。 Please also read chapter 5 of Security Engineering (PDF) by Ross Anderson; 还请阅读Ross Anderson撰写的Security Engineering （PDF）的第5章； it's free and very accessible. 它是免费的，并且非常易于访问。