手动实施3DES(学术性)
[英]Manual implementation of 3DES (academic)
问题描述
For a course I am taking we are manually implementing the 3DES scheme, which is pretty straight-forward on paper (Two key, with EDE encryption). 
对于我正在学习的课程,我们将手动实现3DES方案,这在纸面上非常简单(两键,带有EDE加密)。 I have chosen Java as the implementation language but have run into an issue with how it handles encryption/decryption with differing keys. 我选择Java作为实现语言,但是遇到了如何处理具有不同密钥的加密/解密的问题。 I keep receiving a javax.crypto.BadPaddingException error when attempting to apply the second round (ie "decryption" with K2). 尝试应用第二轮时,我一直收到javax.crypto.BadPaddingException错误(即,使用K2进行“解密”)。 The default DES Cipher uses PKCS5Padding and I assume this is the problem, but I'm not sure how to work around it. 默认的DES密码使用PKCS5Padding,我认为这是问题所在,但是我不确定如何解决。 My code for encryption is below (I hope it is not too straight-forward, less I overlooked something simple). 我的加密代码如下(我希望它不太简单,除非我忽略了一些简单的东西)。 Thank you in advance. 先感谢您。
Key Definition (pretty basic and I will look to improve it as I've seen some different approaches while browsing around) 关键定义(相当基本,我将在浏览时看到一些不同的方法,希望对此加以改进)
KeyGenerator kgen = KeyGenerator.getInstance("DES");
SecretKey sk_1 = kgen.generateKey();
SecretKey sk_2 = kgen.generateKey();
byte[] raw_1 = sk_1.getEncoded();
byte[] raw_2 = sk_2.getEncoded();
spec_1 = new SecretKeySpec(raw_1, "DES"); //key 1
spec_2 = new SecretKeySpec(raw_2, "DES"); //key 2
cipher = Cipher.getInstance("DES"); //standard mode is ECB which is block-by-block w/PKCS5Padding
cipher2 = Cipher.getInstance("DES");
protected byte[] get3DESEncryption(byte[] plaintext) throws Exception{
byte[] output = new byte[plaintext.length];
System.out.println("output len init: " + output.length);
cipher.init(Cipher.ENCRYPT_MODE, spec_1);
cipher2.init(Cipher.DECRYPT_MODE, spec_2);
//first encryption round, key 1 used
output = cipher.doFinal(plaintext);
//second "encryption" round, key 2 used but decrypt run
output = cipher2.doFinal(output);
//third encryption round, key 1 used
output = cipher.doFinal(output);
//return ciphertext
return output;
}
1 个解决方案
解决方案1
2 2012-10-09 04:03:45
The problem is that you should not use any padding on second (decrypting) and third (encrypting) steps. 问题是您不应在第二步(解密)和第三步(加密)上使用任何填充。 When you actually apply EDE you should pad only the plain text. 实际应用EDE ,应仅填充纯文本。
A transformation is of the form:
"algorithm/mode/padding" or "algorithm" (in the latter case, provider-specific default values for the mode and padding scheme are used).
So, you should explicitly tell it not to use padding on cipher2 & cipher3 (you did not created the latter one yet). 因此,您应该明确告诉它不要在cipher2和cipher3上使用填充(您尚未创建后者)。
Thus, you should have three cipher objects: 因此,您应该具有三个密码对象:
- cipher1 DES/ECB/PKCS5Padding cipher1 DES / ECB / PKCS5Padding
- cipher2 DES/ECB/NoPadding cipher2 DES / ECB / NoPadding
- cipher3 DES/ECB/NoPadding cipher3 DES / ECB / NoPadding
[EXTRA HINT] [额外提示]
For decryption you should initialize the ciphers differently and you should reorder the ciphers as well. 对于解密,您应该以不同的方式初始化密码,并且还应该重新排序密码。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.