我需要一种方法来取12位数字并将其加密到不同的12位数字(除了0123456789之外没有其他字符)。然后在稍后我需要能够将加密的号码解密回原始号码。
重要的是,如果2个加密数字是有序的,则不明显。因此,例如,如果我加密0000000000001,加密时它应该看起来完全不同于000000000002.它不一定是世界上最安全的东西,但越安全越好。
我一直在四处寻找,但没有找到任何看起来非常合适的东西。从我所看到的某种类型的XOR可能是最简单的方法,但我不知道该怎么做。
谢谢, 吉姆
答案 0 :(得分:5)
我最终解决了这个问题,感谢你们在维基百科页面http://en.wikipedia.org/wiki/Format-preserving_encryption中使用“来自前缀密码的FPE”。我将给出以下基本步骤,希望将来对某人有所帮助。
注意 - 我相信任何专家都会告诉你这是一个黑客攻击。这些数字似乎是随机的,它足以满足我的需要,但如果安全性是一个大问题,请使用其他东西。我相信专家可以指出我所做的事情。发布此内容的唯一目的是因为在搜索问题的答案时我会发现它很有用。也只能在无法反编译的情况下使用它。
我打算发布步骤,但解释得太多了。我只是发布我的代码。这是我仍然需要清理的概念代码证明,但你会明白这一点。请注意,我的代码特定于12位数字,但调整其他代码应该很容易。按照我的方式,Max可能是16。
public static string DoEncrypt(string unencryptedString)
{
string encryptedString = "";
unencryptedString = new string(unencryptedString.ToCharArray().Reverse().ToArray());
foreach (char character in unencryptedString.ToCharArray())
{
string randomizationSeed = (encryptedString.Length > 0) ? unencryptedString.Substring(0, encryptedString.Length) : "";
encryptedString += GetRandomSubstitutionArray(randomizationSeed)[int.Parse(character.ToString())];
}
return Shuffle(encryptedString);
}
public static string DoDecrypt(string encryptedString)
{
// Unshuffle the string first to make processing easier.
encryptedString = Unshuffle(encryptedString);
string unencryptedString = "";
foreach (char character in encryptedString.ToCharArray().ToArray())
unencryptedString += GetRandomSubstitutionArray(unencryptedString).IndexOf(int.Parse(character.ToString()));
// Reverse string since encrypted string was reversed while processing.
return new string(unencryptedString.ToCharArray().Reverse().ToArray());
}
private static string Shuffle(string unshuffled)
{
char[] unshuffledCharacters = unshuffled.ToCharArray();
char[] shuffledCharacters = new char[12];
shuffledCharacters[0] = unshuffledCharacters[2];
shuffledCharacters[1] = unshuffledCharacters[7];
shuffledCharacters[2] = unshuffledCharacters[10];
shuffledCharacters[3] = unshuffledCharacters[5];
shuffledCharacters[4] = unshuffledCharacters[3];
shuffledCharacters[5] = unshuffledCharacters[1];
shuffledCharacters[6] = unshuffledCharacters[0];
shuffledCharacters[7] = unshuffledCharacters[4];
shuffledCharacters[8] = unshuffledCharacters[8];
shuffledCharacters[9] = unshuffledCharacters[11];
shuffledCharacters[10] = unshuffledCharacters[6];
shuffledCharacters[11] = unshuffledCharacters[9];
return new string(shuffledCharacters);
}
private static string Unshuffle(string shuffled)
{
char[] shuffledCharacters = shuffled.ToCharArray();
char[] unshuffledCharacters = new char[12];
unshuffledCharacters[0] = shuffledCharacters[6];
unshuffledCharacters[1] = shuffledCharacters[5];
unshuffledCharacters[2] = shuffledCharacters[0];
unshuffledCharacters[3] = shuffledCharacters[4];
unshuffledCharacters[4] = shuffledCharacters[7];
unshuffledCharacters[5] = shuffledCharacters[3];
unshuffledCharacters[6] = shuffledCharacters[10];
unshuffledCharacters[7] = shuffledCharacters[1];
unshuffledCharacters[8] = shuffledCharacters[8];
unshuffledCharacters[9] = shuffledCharacters[11];
unshuffledCharacters[10] = shuffledCharacters[2];
unshuffledCharacters[11] = shuffledCharacters[9];
return new string(unshuffledCharacters);
}
public static string DoPrefixCipherEncrypt(string strIn, byte[] btKey)
{
if (strIn.Length < 1)
return strIn;
// Convert the input string to a byte array
byte[] btToEncrypt = System.Text.Encoding.Unicode.GetBytes(strIn);
RijndaelManaged cryptoRijndael = new RijndaelManaged();
cryptoRijndael.Mode =
CipherMode.ECB;//Doesn't require Initialization Vector
cryptoRijndael.Padding =
PaddingMode.PKCS7;
// Create a key (No IV needed because we are using ECB mode)
ASCIIEncoding textConverter = new ASCIIEncoding();
// Get an encryptor
ICryptoTransform ictEncryptor = cryptoRijndael.CreateEncryptor(btKey, null);
// Encrypt the data...
MemoryStream msEncrypt = new MemoryStream();
CryptoStream csEncrypt = new CryptoStream(msEncrypt, ictEncryptor, CryptoStreamMode.Write);
// Write all data to the crypto stream to encrypt it
csEncrypt.Write(btToEncrypt, 0, btToEncrypt.Length);
csEncrypt.Close();
//flush, close, dispose
// Get the encrypted array of bytes
byte[] btEncrypted = msEncrypt.ToArray();
// Convert the resulting encrypted byte array to string for return
return (Convert.ToBase64String(btEncrypted));
}
private static List<int> GetRandomSubstitutionArray(string number)
{
// Pad number as needed to achieve longer key length and seed more randomly.
// NOTE I didn't want to make the code here available and it would take too longer to clean, so I'll tell you what I did. I basically took every number seed that was passed in and prefixed it and postfixed it with some values to make it 16 characters long and to get a more unique result. For example:
// if (number.Length = 15)
// number = "Y" + number;
// if (number.Length = 14)
// number = "7" + number + "z";
// etc - hey I already said this is a hack ;)
// We pass in the current number as the password to an AES encryption of each of the
// digits 0 - 9. This returns us a set of values that we can then sort and get a
// random order for the digits based on the current state of the number.
Dictionary<string, int> prefixCipherResults = new Dictionary<string, int>();
for (int ndx = 0; ndx < 10; ndx++)
prefixCipherResults.Add(DoPrefixCipherEncrypt(ndx.ToString(), Encoding.UTF8.GetBytes(number)), ndx);
// Order the results and loop through to build your int array.
List<int> group = new List<int>();
foreach (string key in prefixCipherResults.Keys.OrderBy(k => k))
group.Add(prefixCipherResults[key]);
return group;
}
答案 1 :(得分:2)
你所谈论的有点像一次性垫。一个与明文长度相同的键,然后对每个单独的字符进行模数运算。
A xor B = C
C xor B = A
或换句话说
A xor B xor B = A
只要您不在多个不同的输入上使用相同的密钥B(例如,每次加密时B必须是唯一的),那么从理论上讲,您永远无法恢复原始{{1不知道A是什么。如果您多次使用相同的B,则所有投注均已关闭。
评论后续:
你不应该以比你开始时更多的位数结束。 xor只是翻转位,它没有任何进位功能。结束6位数只是奇怪的......至于代码:
B为简单起见,这只是一个数组。对于实际数据,您可以在每个字节或每个字的基础上工作,并按顺序xor每个块。您可以使用比输入短的键字符串,但这样可以更容易地对密钥进行反向工程。理论上,您可以使用单个字节来执行xor'ing,但之后您基本上实现了rot-13的位级等效。
答案 2 :(得分:1)
简单加密的另一种方法是,您可以从10开始对每个数字进行子结构。
例如 初始数字:123456
10-1 = 9 10-2 = 8 10-3 = 7 等
你会得到的 987654
您可以将其与XOR结合使用,以实现更安全的加密。
答案 3 :(得分:0)
例如,您可以添加数字的数字,其中包含数字常量(214354178963 ......无论如何)并应用“〜”运算符(反向所有位)这不安全,但请确保您可以解密您的数字。
答案 4 :(得分:0)
任何拥有反射器或ildasm的人都可以破解这种加密算法。
我不知道您的业务需求是什么,但您必须知道。
答案 5 :(得分:0)
如果在要求中有足够的蠕动空间可以接受16个十六进制数字作为加密端,只需将12位十进制数字解释为64位明文并使用64位分组密码,如Blowfish,Triple-DES或IDEA