AES-128 和 AES-512 与 php 的 mcrypt 有什么区别?
What is the difference of AES-128 and AES-512 with php's mcrypt?
我对使用 php 的 mcrypt 的 AES-128 和 AES-512 的区别感到困惑。区别只是密钥的长度(32 和 64 个字符),或者区别在于使用的算法,例如 MCRYPT_RIJNDAEL_128?如果差异是后者,AES-512 的算法应该如何?
在 AES 中,-xxx 是密钥长度 - 但是我相信 PHP 支持的三种 AES 密码是 AES-128、AES-192 和 AES-256
首先没有AES-512。 AES 指定了密钥长度 128、192 和 256。接下来请注意不要将 Rijndael 与 AES 混用! AES 基于 Rijndael,但后者也提供了块长度的选择。此块长度在 PHP 中可以使用常量 MCRYPT_RIJNDAEL_128、MCRYPT_RIJNDAEL_192、MCRYPT_RIJNDAEL_256.
进行更改
最后,请避免使用mcrypt。有更好的选择,即 openssl:
If you're writing code to encrypt/encrypt data in 2015, you should use openssl_encrypt() and openssl_decrypt(). The underlying library (libmcrypt) has been abandoned since 2007, and performs far worse than OpenSSL (which leverages AES-NI on modern processors and is cache-timing safe).
Also, MCRYPT_RIJNDAEL_256 is not AES-256, it's a different variant of the Rijndael block cipher. If you want AES-256 in mcrypt, you have to use MCRYPT_RIJNDAEL_128 with a 32-byte key. OpenSSL makes it more obvious which mode you are using (i.e. 'aes-128-cbc' vs 'aes-256-ctr').
来源和进一步阅读:https://secure.php.net/manual/de/function.mcrypt-encrypt.php#117667
我对使用 php 的 mcrypt 的 AES-128 和 AES-512 的区别感到困惑。区别只是密钥的长度(32 和 64 个字符),或者区别在于使用的算法,例如 MCRYPT_RIJNDAEL_128?如果差异是后者,AES-512 的算法应该如何?
在 AES 中,-xxx 是密钥长度 - 但是我相信 PHP 支持的三种 AES 密码是 AES-128、AES-192 和 AES-256
首先没有AES-512。 AES 指定了密钥长度 128、192 和 256。接下来请注意不要将 Rijndael 与 AES 混用! AES 基于 Rijndael,但后者也提供了块长度的选择。此块长度在 PHP 中可以使用常量 MCRYPT_RIJNDAEL_128、MCRYPT_RIJNDAEL_192、MCRYPT_RIJNDAEL_256.
最后,请避免使用mcrypt。有更好的选择,即 openssl:
If you're writing code to encrypt/encrypt data in 2015, you should use openssl_encrypt() and openssl_decrypt(). The underlying library (libmcrypt) has been abandoned since 2007, and performs far worse than OpenSSL (which leverages AES-NI on modern processors and is cache-timing safe).
Also, MCRYPT_RIJNDAEL_256 is not AES-256, it's a different variant of the Rijndael block cipher. If you want AES-256 in mcrypt, you have to use MCRYPT_RIJNDAEL_128 with a 32-byte key. OpenSSL makes it more obvious which mode you are using (i.e. 'aes-128-cbc' vs 'aes-256-ctr').
来源和进一步阅读:https://secure.php.net/manual/de/function.mcrypt-encrypt.php#117667