在Cortex-m3上实现AES或DES算法
DES
It was once a predominant symmetric-key algorithm for the encryption of electronic data.
AES
For AES, NIST selected three members of the Rijndael family, each with a block size of 128 bits, but three different key lengths: 128, 192 and 256 bits.
那DES和AES选择哪一个呢?
根据资料,DES较老,AES的速度和可靠性方面更好些,所以选择AES吧。
另一个角度,为什么UDP包在Wifi网络上是不加密的呢?
As far as I understand, WiFi networks that require no password send traffic through the air unencrypted. Those that require a password encrypt each connection uniquely, even if they’re all using the same password.
If this is true, I don’t understand why. Requiring a password for access and encrypting connections seem like totally separate issues.
合理解释了这个问题。因为连进同一个路由器的设备在链路层上是没有任何加密的,所以我们要在应用层上加上加密步骤。
AES的实现
步骤 | 解释 |
---|---|
substitution | 字符替代 |
permutation | 字符打乱,分散 |
10 rounds for 128-bit key
加密
步骤 | 解释 |
---|---|
Key expansion | 生成 Key Schedule, expanding a short key into a larger key, whose parts are used during the different iterations. |
SubBytes | |
ShiftRow | |
MixColumnz | |
Add Round Keys |
解密
步骤 | 解释 |
---|---|
Inverse Shift Row | |
Inverse SubBytes | |
Add Round Key | |
Inverse Mix Column |
补充:
The last round for encryption does not involve the “Mix columns” step. The last round for decryption does not involve the “Inverse mix columns” step.
使用CBC mode. 但是当前的应用的话,使用ECB mode也没有什么问题。在Github上找到了一个范例,在Mac OSX上编译成功了。下一步再把代码移植到Cortex-M3环境。