gpt4 book ai didi

vb.net - VB.NET Rijndael 托管加密或 AES 的安全性如何?

转载 作者:行者123 更新时间:2023-12-01 07:43:06 35 4
gpt4 key购买 nike

我正在使用 this code 的稍微修改版本.创建任务关键型应用程序。将被加密的文件非常重要。这必须从头开始,因为还有一些其他的事情必须与此一起完成。

这有多安全?破解这个加密是不可能的吧?

很抱歉,这里有一个工作链接。 http://www.codeproject.com/Articles/12092/Encrypt-Decrypt-Files-in-VB-NET-Using-Rijndael

Imports System
Imports System.IO
Imports System.Security
Imports System.Security.Cryptography


'*************************
'** Global Variables
'*************************

Dim strFileToEncrypt As String
Dim strFileToDecrypt As String
Dim strOutputEncrypt As String
Dim strOutputDecrypt As String
Dim fsInput As System.IO.FileStream
Dim fsOutput As System.IO.FileStream



'*************************
'** Create A Key
'*************************

Private Function CreateKey(ByVal strPassword As String) As Byte()
'Convert strPassword to an array and store in chrData.
Dim chrData() As Char = strPassword.ToCharArray
'Use intLength to get strPassword size.
Dim intLength As Integer = chrData.GetUpperBound(0)
'Declare bytDataToHash and make it the same size as chrData.
Dim bytDataToHash(intLength) As Byte

'Use For Next to convert and store chrData into bytDataToHash.
For i As Integer = 0 To chrData.GetUpperBound(0)
bytDataToHash(i) = CByte(Asc(chrData(i)))
Next

'Declare what hash to use.
Dim SHA512 As New System.Security.Cryptography.SHA512Managed
'Declare bytResult, Hash bytDataToHash and store it in bytResult.
Dim bytResult As Byte() = SHA512.ComputeHash(bytDataToHash)
'Declare bytKey(31). It will hold 256 bits.
Dim bytKey(31) As Byte

'Use For Next to put a specific size (256 bits) of
'bytResult into bytKey. The 0 To 31 will put the first 256 bits
'of 512 bits into bytKey.
For i As Integer = 0 To 31
bytKey(i) = bytResult(i)
Next

Return bytKey 'Return the key.
End Function


'*************************
'** Create An IV
'*************************

Private Function CreateIV(ByVal strPassword As String) As Byte()
'Convert strPassword to an array and store in chrData.
Dim chrData() As Char = strPassword.ToCharArray
'Use intLength to get strPassword size.
Dim intLength As Integer = chrData.GetUpperBound(0)
'Declare bytDataToHash and make it the same size as chrData.
Dim bytDataToHash(intLength) As Byte

'Use For Next to convert and store chrData into bytDataToHash.
For i As Integer = 0 To chrData.GetUpperBound(0)
bytDataToHash(i) = CByte(Asc(chrData(i)))
Next

'Declare what hash to use.
Dim SHA512 As New System.Security.Cryptography.SHA512Managed
'Declare bytResult, Hash bytDataToHash and store it in bytResult.
Dim bytResult As Byte() = SHA512.ComputeHash(bytDataToHash)
'Declare bytIV(15). It will hold 128 bits.
Dim bytIV(15) As Byte

'Use For Next to put a specific size (128 bits) of bytResult into bytIV.
'The 0 To 30 for bytKey used the first 256 bits of the hashed password.
'The 32 To 47 will put the next 128 bits into bytIV.
For i As Integer = 32 To 47
bytIV(i - 32) = bytResult(i)
Next

Return bytIV 'Return the IV.
End Function

加密和解密
'****************************
'** Encrypt/Decrypt File
'****************************

Private Enum CryptoAction
'Define the enumeration for CryptoAction.
ActionEncrypt = 1
ActionDecrypt = 2
End Enum

Private Sub EncryptOrDecryptFile(ByVal strInputFile As String, _
ByVal strOutputFile As String, _
ByVal bytKey() As Byte, _
ByVal bytIV() As Byte, _
ByVal Direction As CryptoAction)
Try 'In case of errors.

'Setup file streams to handle input and output.
fsInput = New System.IO.FileStream(strInputFile, FileMode.Open, _
FileAccess.Read)
fsOutput = New System.IO.FileStream(strOutputFile, _
FileMode.OpenOrCreate, _
FileAccess.Write)
fsOutput.SetLength(0) 'make sure fsOutput is empty

'Declare variables for encrypt/decrypt process.
Dim bytBuffer(4096) As Byte 'holds a block of bytes for processing
Dim lngBytesProcessed As Long = 0 'running count of bytes processed
Dim lngFileLength As Long = fsInput.Length 'the input file's length
Dim intBytesInCurrentBlock As Integer 'current bytes being processed
Dim csCryptoStream As CryptoStream
'Declare your CryptoServiceProvider.
Dim cspRijndael As New System.Security.Cryptography.RijndaelManaged
'Setup Progress Bar
pbStatus.Value = 0
pbStatus.Maximum = 100

'Determine if ecryption or decryption and setup CryptoStream.
Select Case Direction
Case CryptoAction.ActionEncrypt
csCryptoStream = New CryptoStream(fsOutput, _
cspRijndael.CreateEncryptor(bytKey, bytIV), _
CryptoStreamMode.Write)

Case CryptoAction.ActionDecrypt
csCryptoStream = New CryptoStream(fsOutput, _
cspRijndael.CreateDecryptor(bytKey, bytIV), _
CryptoStreamMode.Write)
End Select

'Use While to loop until all of the file is processed.
While lngBytesProcessed < lngFileLength
'Read file with the input filestream.
intBytesInCurrentBlock = fsInput.Read(bytBuffer, 0, 4096)
'Write output file with the cryptostream.
csCryptoStream.Write(bytBuffer, 0, intBytesInCurrentBlock)
'Update lngBytesProcessed
lngBytesProcessed = lngBytesProcessed + _
CLng(intBytesInCurrentBlock)
'Update Progress Bar
pbStatus.Value = CInt((lngBytesProcessed / lngFileLength) * 100)
End While

'Close FileStreams and CryptoStream.
csCryptoStream.Close()
fsInput.Close()
fsOutput.Close()

我已经将主要代码从那里粘贴到这里。

最佳答案

如前所述,没有什么是不可能破解的,您只能遵循最佳实践,使任何潜在的攻击者尽可能地难以破解。

实际上,您链接到的代码不再被视为最先进的(如果曾经是)。它通过散列密码来创建对称加密 key 。这很糟糕,因为密码通常没有足够的熵来阻止基于字典的复杂攻击。此外,它不使用任何 salt或等价物,所以很容易用预先计算的表来解决这个问题。

只要有可能,您应该使用安全的 PRNG(伪随机数生成器)生成对称 key 。如果没有特别需要涉及密码,请不要这样做。如果绝对必须是密码,请使用来自 PKCS5 的 PBKDF2或替代方案,如 bcrypt 或 scrypt。

IV 还应始终从安全的 PRNG 生成,并且尽可能不要重复使用。也不需要从密码中派生它,如您链接的示例所示。
IV 是公开信息,这意味着您可以安全地发布它 - 但它必须保持不可预测和随机 - 否则您很容易受到某些 dedicated attacks 的影响。除非您使用的是 Authenticated Encryption 模式,例如 GCM。

如果您不熟悉这些主题并有疑问,我强烈建议您咨询专家。如果要保护的数据如您所说的一样重要,那么额外的钱应该花得很好。如果在该领域没有经验,那么在手工制定自己的解决方案时,您可能会忽略一些重要的事情。

关于vb.net - VB.NET Rijndael 托管加密或 AES 的安全性如何?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/9243034/

35 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com