algorithm - Is the RijndaelManaged Class in C# equ

Posted 2020-06-30 05:42

Question:

I am asking this question to confirm whether the RijndaelManaged class in C# is equivalent to AES encryption. From what I have been reading, RijndaelManaged was the algorithm of choice to implement AES encryption. Can someone confirm this please?

Is RijndaelManaged algorithm safe to be used for a web project? Thanks :)

Answer 1:

The AES algorithm was selected in a competition held by NIST between 1997 and 2000. The winner was an algorithm called Rijndael.

NIST specified that the AES algorithm was to have a 128-bit block size. As Rijndael supports block sizes of 128, 160, 192, 224, and 256 bits, the final AES specification differs from the original Rijndael specification in that regard. In other words, "AES" and "Rijndael" are the same algorithm, except "AES" is restricted to a block size of 128 bits.

Block size has nothing to do with key size though. The algorithm in question supports 128, 192, and 256-bit keys. Longer keys are not necessarily "stronger", because AES has certain theoretical weaknesses. Either way, 128-bit keys are plenty long enough for the foreseeable future.

As EkoostikMartin said, AES is unbreakable to date. But cryptography is hard, and even professionals don't get it right every time. Using raw cryptographic primitives without knowing exactly what you're doing will likely result in something bad. To put it another way, the cipher is very rarely the weakest link in the "security chain".



Answer 2:

If you want to use AES, just use the AesManaged class - http://msdn.microsoft.com/en-us/library/system.security.cryptography.aesmanaged%28v=vs.100%29.aspx

The RijndaelManaged class you referenced does not exactly fit into the AES specs, mostly since it gives options as far as block sizes. AesManaged uses the 128-bit block size as specified.

As far as being "safe" for a web project, well, it's a very strong encryption method (it's never been broken as far as I know), but like anything it must be used correctly.



Answer 3:

There are a few differences, notably the ability to change the block size as well as key size. (AES uses a fixed block size of 128 as far as I know)
If you're using CFB in Rijndael the block size will adjust to the feedback size, meaning that you cannot guarantee a block size of 128.

In order to ensure equivalency you will have to use a block size of 128, and either avoid CFB or ensure that the feedback size is also 128.

Another thing to note: if you are using a static IV with CFB then your cipher will be deterministic. Avoid this as the prefixed IV can then be easily identified and used to decrypt your data.

(sorry to raise an old thread, but this information wasn't on here)
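
Added example, not part of any answer above: a check of the equivalence condition the answers describe, using CBC rather than CFB. With `BlockSize` pinned to 128, `RijndaelManaged` and `Aes` produce the same ciphertext and decrypt each other's output; the class and helper names (`RijndaelVsAes`, `Encrypt`, `Decrypt`) and the sample message are assumptions made for this illustration.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

// Hypothetical demo class. RijndaelManaged is marked obsolete on .NET 6+
// (SYSLIB0022); it is used here only to compare it with Aes.
static class RijndaelVsAes
{
    // Encrypt with any SymmetricAlgorithm in CBC mode with PKCS7 padding.
    static byte[] Encrypt(SymmetricAlgorithm alg, byte[] key, byte[] iv, byte[] data)
    {
        alg.Mode = CipherMode.CBC;
        alg.Padding = PaddingMode.PKCS7;
        using (ICryptoTransform t = alg.CreateEncryptor(key, iv))
            return t.TransformFinalBlock(data, 0, data.Length);
    }

    static byte[] Decrypt(SymmetricAlgorithm alg, byte[] key, byte[] iv, byte[] data)
    {
        alg.Mode = CipherMode.CBC;
        alg.Padding = PaddingMode.PKCS7;
        using (ICryptoTransform t = alg.CreateDecryptor(key, iv))
            return t.TransformFinalBlock(data, 0, data.Length);
    }

    static void Main()
    {
        byte[] plaintext = Encoding.UTF8.GetBytes("constructed sample message");
        byte[] key = new byte[32]; // 256-bit key (128 and 192 are also valid)
        byte[] iv = new byte[16];  // IV length equals the 128-bit block size
        using (var rng = RandomNumberGenerator.Create())
        {
            rng.GetBytes(key);
            rng.GetBytes(iv);      // fresh random IV per message, never a static one
        }

        using (var rijndael = new RijndaelManaged { BlockSize = 128 }) // AES block size
        using (var aes = Aes.Create())                                 // always 128-bit blocks
        {
            byte[] fromRijndael = Encrypt(rijndael, key, iv, plaintext);
            byte[] fromAes = Encrypt(aes, key, iv, plaintext);
            Console.WriteLine("Same ciphertext: " + fromRijndael.SequenceEqual(fromAes));

            // Cross-decrypt: Aes reads what RijndaelManaged wrote.
            byte[] roundTrip = Decrypt(aes, key, iv, fromRijndael);
            Console.WriteLine("Aes decrypts Rijndael output: " + roundTrip.SequenceEqual(plaintext));
        }
    }
}
```

Both lines print `True`. In a real system the IV is stored or sent alongside the ciphertext, and CBC on its own gives no integrity protection.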