问题
I am trying to write Java code which will do AES-256 encryption/decryption using 1024 byte key. I looked into Internet for the implementation and there are many way to implement.
I took a look at the following tutorials:
- http://karanbalkar.com/2014/02/tutorial-76-implement-aes-256-encryptiondecryption-using-java/
- https://gist.github.com/bricef/2436364
but didn't find what steps are the required. So my question is What I need to to start encryptiopn/decryption. Isn't specifying algorithm (AES-256) and secret key is enough? What are the APIs I have to call?
Also I am planning to write a utility class with two method exposed to encrypt and decrypt. I am planning to initialize all these setting in constructor. So suggest me the best way to put this class in my Spring web app.
回答1:
AES is only defined for 128, 192 and 256 bit keys. These are called AES-128, AES-192 and AES-256 respectively. So you can't use a 1024 byte key with AES.
The AES block size (what you described as "size in which data is grouped for encoding") is always 128 bits for AES. Rijndael, a subset of which became AES, supports 256 bit blocks in addition to 128 bit blocks. Neither Rijndael nor AES have been defined for 1024 byte keys.
If you have such large key material you can reduce it to 256 bits using a hash like SHA-256, or a proper KDF like HKDF. Obviously this will reduce the security level to 256 bits, but that's still plenty. The reason why AES is not defined for larger keys is that a conventional computer will never be able to brute-force a 256 bit key. See How much would it cost in U.S. dollars to brute force a 256 bit key in a year? on crypto.se.
来源:https://stackoverflow.com/questions/25922682/implementing-aes-256-with-1024-byte-key