Fatal编程技术网
  • python/
  • Python 每次返回不同加密文本的AES加密方法

Python 每次返回不同加密文本的AES加密方法

python hash

Python 每次返回不同加密文本的AES加密方法,python,hash,aes,sha,Python,Hash,Aes,Sha,我一直在研究一个纯粹的概念验证代码,该代码源于Diffie-Hellman密钥对交换,通过对这些密钥进行SHA-256加密,然后将其用作AES-256文本加密的密钥。我写它只是为了个人使用。我知道素数和秘密需要更长的时间 我唯一有问题的代码是AES-256加密。当它显示加密文本并能够对其解密时,它似乎可以工作,但经过仔细检查,加密文本在每次运行程序时都会发生变化?我觉得这很奇怪,因为程序能够加密给定的纯文本,生成加密文本,然后使用给定的密钥解密。但是,每次使用相同的明文和密钥运行程序时,此加密文

我一直在研究一个纯粹的概念验证代码,该代码源于Diffie-Hellman密钥对交换,通过对这些密钥进行SHA-256加密,然后将其用作AES-256文本加密的密钥。我写它只是为了个人使用。我知道素数和秘密需要更长的时间

我唯一有问题的代码是AES-256加密。当它显示加密文本并能够对其解密时,它似乎可以工作,但经过仔细检查,加密文本在每次运行程序时都会发生变化?我觉得这很奇怪,因为程序能够加密给定的纯文本,生成加密文本,然后使用给定的密钥解密。但是,每次使用相同的明文和密钥运行程序时,此加密文本都会更改

请看下面的代码

from __future__ import print_function
import hashlib
from Crypto.Cipher import AES
from Crypto import Random
from base64 import b64encode, b64decode
 
# Variables
sharedPrime = 3721728827    # p
sharedBase = 2097383831     # g
 
p1Secret = 927391    # a
p2Secret = 193749    # b
 
# Begin
print( "\n--------------------------------------------\n" )
print( "Publicly Shared Variables:")
print( "    Publicly Shared Prime (p): " , sharedPrime )
print( "    Publicly Shared Base (g):  " , sharedBase )

print( "\nPrivate Variables:")
print( "    Private key a (a): " , p1Secret )
print( "    Private key b (b):  " , p2Secret )
print( "\n--------------------------------------------\n" )

# Person1 Sends Person2 A = g^a mod p
A = (sharedBase**p1Secret) % sharedPrime
print("Public Keys Sent Over Public Chanel: ")
print("    A = g^b mod p")
print("    Person1 Sends Over Public Chanel: " , A )
 
# Person2 Sends Person1 B = g^b mod p
B = (sharedBase ** p2Secret) % sharedPrime
print("    B = g^a mod p")
print("    Person2 Sends Over Public Chanel: ", B )
 
print( "\n--------------------------------------------\n" )
print( "Privately Calculated Shared Secret: " )
# P1 Computes Shared Secret: s = B^a mod p
p1SharedSecret = (B ** p1Secret) % sharedPrime
print( "    s = B^a mod p")
print( "    Person1 Shared Secret: ", p1SharedSecret )
 
# P2 Computes Shared Secret: s = A^b mod p
p2SharedSecret = (A**p2Secret) % sharedPrime
print( "    s = A^b mod p")
print( "    Person2 Shared Secret: ", p2SharedSecret )
print( "\n--------------------------------------------\n" )

# Converts DH secret to SHA256
print( "Converting shared key to SHA-256 key")
secretbyte = str(p1SharedSecret).encode()
print( "    Shared secret to bytes: ", secretbyte)
shaV = hashlib.sha256(secretbyte).hexdigest()

print( "    SHA-256 key: ", shaV)
key32 = shaV[0:32]
print( "    SHA-256 key to AES-256 32bit secret key: ", key32)
print( "\n--------------------------------------------\n" )

#Begin AES-256 encryption
print( "Using SHA-256 32bit key for AES-256 encryption")
class AESCipher(object):
    def __init__(self, key):
        self.block_size = AES.block_size
        self.key = hashlib.sha256(secretbyte).digest()

    def encrypt(self, plain_text):
        plain_text = self.__pad(plain_text)
        iv = Random.new().read(self.block_size)
        cipher = AES.new(self.key, AES.MODE_CBC, iv)
        encrypted_text = cipher.encrypt(plain_text.encode())
        return b64encode(iv + encrypted_text).decode("utf-8")

    def decrypt(self, encrypted_text):
        encrypted_text = b64decode(encrypted_text)
        iv = encrypted_text[:self.block_size]
        cipher = AES.new(self.key, AES.MODE_CBC, iv)
        plain_text = cipher.decrypt(encrypted_text[self.block_size:]).decode("utf-8")
        return self.__unpad(plain_text)

    def __pad(self, plain_text):
        number_of_bytes_to_pad = self.block_size - len(plain_text) % self.block_size
        ascii_string = chr(number_of_bytes_to_pad)
        padding_str = number_of_bytes_to_pad * ascii_string
        padded_plain_text = plain_text + padding_str
        return padded_plain_text

    @staticmethod
    def __unpad(plain_text):
        last_character = plain_text[len(plain_text) - 1:]
        return plain_text[:-ord(last_character)]

#Accept user input for encryption
message = input("Please enter message you want to be encrypted: ")
encMessage = AESCipher(key32)
encrypted = encMessage.encrypt(message)
print("Your encrypted message is: \n", encrypted)
print("Person 2 will now decrypt this message using the shared public key")

decrypted = encMessage.decrypt(encrypted)
print("Your decrypted message is: \n", decrypted)
代码生成
72538667a2065257993b531746b9d92527cfe3caecc1457c4842e6a6caffe472的SHA-256键,然后我将其截断为32个字符以生成
72538667a2065257993b531746b9d925的AES-256键。然后,我输入的任何明文都将被成功编码和解码,但是,即使输入相同的密钥和明文,加密文本每次都会更改。我做错什么了吗?
只要你的密文每次都能成功解密,你就不必担心密文会有所不同

您的代码使用CBC链接模式,这种模式很常见,每次加密时都会生成不同的初始化向量,以避免相同的明文在加密后看起来相同(这将部分破坏加密点,因为攻击者现在知道它是否是相同的明文)



图片来源:(公共领域)