Java 对同一字符串返回不同的 CRC32 结果
Java returning different CRC32 results on same string
我正在玩 RC4 和 CRC32 试图模拟位翻转攻击,我对 Java 中 CRC32 的行为摸不着头脑。据我所知,这应该是基于多项式计算的确定性结果。然而,我所看到的是,无论文本是否实际更改,CRC 都会以不可预测的方式更改。 Java文档简单地说明了字节数组上的 update():用指定的字节数组更新 CRC-32 校验和。,对于 getValue():Returns CRC-32 值。 这里是否涉及某种我没有考虑的盐或 PRF(我不这么认为)?
输出:
run:
Ciphertext = [B@34e51b72, and CRC = 232697804
Now ciphertext = [B@34e51b72, and CRC = 1990877612
Now ciphertext = [B@34e51b72, and CRC = 1720857375
Now ciphertext = [B@34e51b72, and CRC = 4144065286
Now ciphertext = [B@34e51b72, and CRC = 1992352640
BUILD SUCCESSFUL (total time: 1 second)
代码:
package rc4_crc32;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.util.zip.CRC32;
public class RC4_CRC32 {
public static void main(String[] args) throws Exception{
byte[] key, ciphertext;
CRC32 c = new CRC32();
javax.crypto.Cipher r;
r = Cipher.getInstance("RC4");
key = "1@m@L33tH@x0r!".getBytes("ASCII");
SecretKeySpec rc4Key = new SecretKeySpec(key, "RC4");
r.init(Cipher.ENCRYPT_MODE, rc4Key);
ciphertext = r.update("Secret!".getBytes("ASCII"));
c.update(ciphertext);
System.out.println("Ciphertext = " + ciphertext + ", and CRC = " + c.getValue());
ciphertext[0] = (byte)0x2c;
c.update(ciphertext);
System.out.println("Now ciphertext = " + ciphertext + ", and CRC = " + c.getValue());
c.update(ciphertext);
System.out.println("Now ciphertext = " + ciphertext + ", and CRC = " + c.getValue());
c.update(ciphertext);
System.out.println("Now ciphertext = " + ciphertext + ", and CRC = " + c.getValue());
c.update(ciphertext);
System.out.println("Now ciphertext = " + ciphertext + ", and CRC = " + c.getValue());
}
}
update() 用于递增计算字节序列的校验和。您的代码计算了在同一 CRC32 对象上提供给 update() 的所有密文的 连接 的 crc32。
尝试
c.reset()
c.update(ciphertext);
System.out.println("Now ciphertext = " + ciphertext + ", and CRC = " + c.getValue());
我正在玩 RC4 和 CRC32 试图模拟位翻转攻击,我对 Java 中 CRC32 的行为摸不着头脑。据我所知,这应该是基于多项式计算的确定性结果。然而,我所看到的是,无论文本是否实际更改,CRC 都会以不可预测的方式更改。 Java文档简单地说明了字节数组上的 update():用指定的字节数组更新 CRC-32 校验和。,对于 getValue():Returns CRC-32 值。 这里是否涉及某种我没有考虑的盐或 PRF(我不这么认为)?
输出:
run:
Ciphertext = [B@34e51b72, and CRC = 232697804
Now ciphertext = [B@34e51b72, and CRC = 1990877612
Now ciphertext = [B@34e51b72, and CRC = 1720857375
Now ciphertext = [B@34e51b72, and CRC = 4144065286
Now ciphertext = [B@34e51b72, and CRC = 1992352640
BUILD SUCCESSFUL (total time: 1 second)
代码:
package rc4_crc32;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.util.zip.CRC32;
public class RC4_CRC32 {
public static void main(String[] args) throws Exception{
byte[] key, ciphertext;
CRC32 c = new CRC32();
javax.crypto.Cipher r;
r = Cipher.getInstance("RC4");
key = "1@m@L33tH@x0r!".getBytes("ASCII");
SecretKeySpec rc4Key = new SecretKeySpec(key, "RC4");
r.init(Cipher.ENCRYPT_MODE, rc4Key);
ciphertext = r.update("Secret!".getBytes("ASCII"));
c.update(ciphertext);
System.out.println("Ciphertext = " + ciphertext + ", and CRC = " + c.getValue());
ciphertext[0] = (byte)0x2c;
c.update(ciphertext);
System.out.println("Now ciphertext = " + ciphertext + ", and CRC = " + c.getValue());
c.update(ciphertext);
System.out.println("Now ciphertext = " + ciphertext + ", and CRC = " + c.getValue());
c.update(ciphertext);
System.out.println("Now ciphertext = " + ciphertext + ", and CRC = " + c.getValue());
c.update(ciphertext);
System.out.println("Now ciphertext = " + ciphertext + ", and CRC = " + c.getValue());
}
}
update() 用于递增计算字节序列的校验和。您的代码计算了在同一 CRC32 对象上提供给 update() 的所有密文的 连接 的 crc32。
尝试
c.reset()
c.update(ciphertext);
System.out.println("Now ciphertext = " + ciphertext + ", and CRC = " + c.getValue());