Does anyone know a c++ library that uses advanced encryption standard encryption that can achieve encryption and decryption (using counter mode) in just two lines of codes. No need of padding or buffering the plaintexts the library will take care of all this. I have had a look at crypto++, openssl and libtom开发者_如何学JAVAcrypt but in these it seems I need to write codes to buffer and pad the plaintexts which I don't want. In brief, I need something along these lines:
ciphertext = encrypt(ctr_mode(),plaintext,key)
plaintext = decrypt(ctr_mode(),ciphertext,key)
Thanks!
I don't know how strict your requirement that the cipher text be simple AES counter mode, but Google's KeyCzar, provides exactly the kind of interface you are looking for, with more security than what you've described.
They have Python, Java, and C++ implementations available. Additionally, the library also takes care of a lot of other encryption best-practices, including some you might not have been aware of (e.g. probabalistic encryption, key versioning, etc.)
I would not lightly dismiss the extra security provided by KeyCzar. With the scheme you've described, you run into very big trouble if you ever reuse a key. So, in order to make sure you never reuse keys, you will likely have to do a lot of extra key management, which is generally considered one of the hardest parts of any cryptosystem. It's very easy to have your whole cryptosystem fall apart due to sloppy key management!
If you're interested, I can describe further the problems with re-using keys when you are using a deterministic encryption scheme like counter mode.
Well, perhaps I need need to worry about the key reuse but I am not convinced because the situation is as follows:
Some data of any length (data1) comes in; this is fed to the encryption algorithm. Let the secret key be sec_key. The algorithm uses the function encrypt(data1, sec_key, CTR_mode) to encrypt data1. The algorithm will deal with segmenting data1 into a specific block size (maybe I could specify it as 256) and pad if needed. I do not need to worry about these because I expect the library to take care of this.
Now, comes another data, data2. Again, we use the function encrypt(data2,sec_key,CTR_mode). I guess I don't need to worry about the key being reused because, in the end, the IV will be different each time causing the output of each block (in counter mode) to be different.
For the decrypting part the same thing: We know the sec_key and the data. As we feed the ciphertext into the function decrypt(ciphertext,sec_key,CTR_mode) we obtain the original data.
Note: CTR_mode == counter mode
精彩评论