對(duì)稱(chēng)密碼體制

1、云南大學(xué)數(shù)學(xué)與統(tǒng)計(jì)學(xué)實(shí)驗(yàn)教學(xué)中心實(shí)驗(yàn)報(bào)告云南大學(xué)數(shù)學(xué)與統(tǒng)計(jì)學(xué)實(shí)驗(yàn)教學(xué)中心實(shí)驗(yàn)報(bào)告課程名稱(chēng)：計(jì)算機(jī)網(wǎng)絡(luò)實(shí)驗(yàn)學(xué)期：2012-2013學(xué)年第二學(xué)期成績(jī)：指導(dǎo)教師： 陸正福學(xué)生姓名：盧富毓 學(xué)生學(xué)號(hào)：20101910072實(shí)驗(yàn)名稱(chēng)：對(duì)稱(chēng)密碼體制實(shí)驗(yàn)要求： 必做實(shí)驗(yàn)學(xué)時(shí)：4學(xué)時(shí)實(shí)驗(yàn)編號(hào)： No.13實(shí)驗(yàn)日期：2013/3/28完成日期：2013/6/6學(xué)院：數(shù)學(xué)與統(tǒng)計(jì)學(xué)院專(zhuān)業(yè) ： 信息與計(jì)算科學(xué)年級(jí)： 2010級(jí)一、實(shí)驗(yàn)?zāi)康模和ㄟ^(guò)實(shí)驗(yàn)掌握AES加密實(shí)驗(yàn)的構(gòu)造算法，以及其重要思想。二、實(shí)驗(yàn)內(nèi)容： 查閱資料，實(shí)現(xiàn)AES密碼體制的編碼算法、譯碼算法、子密鑰生成算法三、實(shí)驗(yàn)環(huán)境Win7、Eclipse四、實(shí)驗(yàn)過(guò)

2、程（請(qǐng)學(xué)生認(rèn)真填寫(xiě)）：實(shí)驗(yàn)過(guò)程、結(jié)果以及相應(yīng)的解釋?zhuān)?. 預(yù)備知識(shí)密碼學(xué)中的高級(jí)加密標(biāo)準(zhǔn)（Advanced Encryption Standard，AES），是一種對(duì)稱(chēng)加密的方法。本實(shí)驗(yàn)使用Java平臺(tái)來(lái)編寫(xiě)的，雖然在java中已經(jīng)很好的實(shí)現(xiàn)了AES等安全機(jī)制，但是為了了解如何實(shí)現(xiàn)，還是寫(xiě)了一個(gè)AES加密的java程序。2. 實(shí)驗(yàn)過(guò)程A、 原理分析：大多數(shù)AES計(jì)算是在一個(gè)特別的有限域完成的。AES加密過(guò)程是在一個(gè)44的字節(jié)矩陣上運(yùn)作，這個(gè)矩陣又稱(chēng)為“體（state）”，其初值就是一個(gè)明文區(qū)塊（矩陣中一個(gè)元素大小就是明文區(qū)塊中的一個(gè)Byte）。（Rijndael加密法因支持更大的區(qū)塊，其矩陣行

3、數(shù)可視情況增加）加密時(shí)，各輪AES加密循環(huán)（除最后一輪外）均包含4個(gè)步驟：AddRoundKey 矩陣中的每一個(gè)字節(jié)都與該次回合金鑰（round key）做XOR運(yùn)算；每個(gè)子密鑰由密鑰生成方案產(chǎn)生。SubBytes 通過(guò)一個(gè)非線性的替換函數(shù)，用查找表的方式把每個(gè)字節(jié)替換成對(duì)應(yīng)的字節(jié)。ShiftRows 將矩陣中的每個(gè)橫列進(jìn)行循環(huán)式移位。MixColumns 為了充分混合矩陣中各個(gè)直行的操作。這個(gè)步驟使用線性轉(zhuǎn)換來(lái)混合每列的四個(gè)字節(jié)。最后一個(gè)加密循環(huán)中省略MixColumns步驟，而以另一個(gè)AddRoundKey取代。B、 具體代碼如下：/如6.2，若是將每一行看做是一個(gè)對(duì)象的話/具體實(shí)現(xiàn)的整體

4、結(jié)構(gòu)思想如此下圖結(jié)果如下：/得到結(jié)果與真實(shí)結(jié)果一樣。說(shuō)明正確具體代碼如下：由于所寫(xiě)代碼過(guò)多，所以，本代碼附在最后！五、實(shí)驗(yàn)總結(jié)1遇到的問(wèn)題及分析：遇到問(wèn)題：其實(shí)這次編寫(xiě)程序遇到的問(wèn)題還是蠻多的！例如S盒子的生成、逆S盒子的生成，算法中的每一步輪轉(zhuǎn)，密鑰生成，密鑰長(zhǎng)度等都遇到了問(wèn)題。由于時(shí)間倉(cāng)促，這里就不一一舉出來(lái)了。分析并解決：-通過(guò)圖書(shū)館查詢(xún)相應(yīng)資料以及課本查閱得到了一些解決。同時(shí)在網(wǎng)上查找到了一使用C+編寫(xiě)的程序代碼以及算法理論。得到了解決。2體會(huì)和收獲。編程實(shí)現(xiàn)了AES，個(gè)人感覺(jué)AEs實(shí)現(xiàn)起來(lái)還是比較困難的（對(duì)于我來(lái)說(shuō)）因?yàn)樗虚g的矩陣操作復(fù)雜。當(dāng)然收獲就是能有一定能力來(lái)編寫(xiě)這樣的一個(gè)程

5、序了。六、參考文獻(xiàn)計(jì)算機(jī)網(wǎng)絡(luò)課本。七、教師評(píng)語(yǔ)：附錄：AES代碼*Aes.java*package AES;/* * AES字節(jié)數(shù)組加密算法類(lèi) */public class Aes private int Nb;/ 以32位為單位的字長(zhǎng)private int Nk;/ 以32位為單位的密鑰長(zhǎng)度private int Nr;/ 輪數(shù)private byte key;/ 密鑰private byte Sbox;/ S盒矩陣private byte iSbox;/ s盒逆矩陣private byte w;/ 密鑰調(diào)度表private byte Rcon;/ 輪常數(shù)表private byte Stat

6、e;/ 狀態(tài)矩陣/* * 構(gòu)造方法 * param keySize * param keyBytes */public Aes(int keySize, byte keyBytes, int Nb) SetNbNkNr(keySize, Nb);this.key = new bytethis.Nk * 4;this.key = keyBytes;BuildSbox();BuildInvSbox();BuildRcon();KeyExpansion();/* * 生成Rcon輪常數(shù)矩陣 */private void BuildRcon() this.Rcon = new byte1004;Rco

7、n00 = 0x00;/ Rcon10=0x01;for (int i = 1; i 100; i+) Rconi0 = gfmultby02(Rconi - 10);/* * 設(shè)置Nb,Nk,Nr * param keysize */private void SetNbNkNr(int keysize, int Nb) this.Nb = Nb;switch (keysize) case KEYSIZE.Bit128:this.Nk = 4;this.Nr = 10;break;case KEYSIZE.Bit192:this.Nk = 6;this.Nr = 12;break;case K

8、EYSIZE.Bit256:this.Nk = 8;this.Nr = 14;break;/* * 生成S盒矩陣 */private void BuildSbox() this.Sbox = new byte /* 0 1 2 3 4 5 6 7 8 9 a b c d e f */* 0 */ 0x63, 0x7c, 0x77, 0x7b, (byte) 0xf2, 0x6b, 0x6f,(byte) 0xc5, 0x30, 0x01, 0x67, 0x2b, (byte) 0xfe,(byte) 0xd7, (byte) 0xab, 0x76 ,/* 1 */ (byte) 0xca, (

9、byte) 0x82, (byte) 0xc9, 0x7d,(byte) 0xfa, 0x59, 0x47, (byte) 0xf0, (byte) 0xad,(byte) 0xd4, (byte) 0xa2, (byte) 0xaf, (byte) 0x9c,(byte) 0xa4, 0x72, (byte) 0xc0 ,/* 2 */ (byte) 0xb7, (byte) 0xfd, (byte) 0x93, 0x26, 0x36,0x3f, (byte) 0xf7, (byte) 0xcc, 0x34, (byte) 0xa5,(byte) 0xe5, (byte) 0xf1, 0x7

10、1, (byte) 0xd8, 0x31, 0x15 ,/* 3 */ 0x04, (byte) 0xc7, 0x23, (byte) 0xc3, 0x18,(byte) 0x96, 0x05, (byte) 0x9a, 0x07, 0x12,(byte) 0x80, (byte) 0xe2, (byte) 0xeb, 0x27,(byte) 0xb2, 0x75 ,/* 4 */ 0x09, (byte) 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a,(byte) 0xa0, 0x52, 0x3b, (byte) 0xd6, (byte) 0xb3,0x29, (by

11、te) 0xe3, 0x2f, (byte) 0x84 ,/* 5 */ 0x53, (byte) 0xd1, 0x00, (byte) 0xed, 0x20,(byte) 0xfc, (byte) 0xb1, 0x5b, 0x6a, (byte) 0xcb,(byte) 0xbe, 0x39, 0x4a, 0x4c, 0x58, (byte) 0xcf ,/* 6 */ (byte) 0xd0, (byte) 0xef, (byte) 0xaa, (byte) 0xfb,0x43, 0x4d, 0x33, (byte) 0x85, 0x45, (byte) 0xf9, 0x02,0x7f,

12、0x50, 0x3c, (byte) 0x9f, (byte) 0xa8 ,/* 7 */ 0x51, (byte) 0xa3, 0x40, (byte) 0x8f, (byte) 0x92,(byte) 0x9d, 0x38, (byte) 0xf5, (byte) 0xbc,(byte) 0xb6, (byte) 0xda, 0x21, 0x10, (byte) 0xff,(byte) 0xf3, (byte) 0xd2 ,/* 8 */ (byte) 0xcd, 0x0c, 0x13, (byte) 0xec, 0x5f,(byte) 0x97, 0x44, 0x17, (byte) 0

13、xc4, (byte) 0xa7,0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73 ,/* 9 */ 0x60, (byte) 0x81, 0x4f, (byte) 0xdc, 0x22, 0x2a,(byte) 0x90, (byte) 0x88, 0x46, (byte) 0xee,(byte) 0xb8, 0x14, (byte) 0xde, 0x5e, 0x0b, (byte) 0xdb ,/* a */ (byte) 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c,(byte) 0xc2, (byte) 0xd3, (

14、byte) 0xac, 0x62,(byte) 0x91, (byte) 0x95, (byte) 0xe4, 0x79 ,/* b */ (byte) 0xe7, (byte) 0xc8, 0x37, 0x6d, (byte) 0x8d,(byte) 0xd5, 0x4e, (byte) 0xa9, 0x6c, 0x56,(byte) 0xf4, (byte) 0xea, 0x65, 0x7a, (byte) 0xae, 0x08 ,/* c */ (byte) 0xba, 0x78, 0x25, 0x2e, 0x1c, (byte) 0xa6,(byte) 0xb4, (byte) 0xc

15、6, (byte) 0xe8, (byte) 0xdd,0x74, 0x1f, 0x4b, (byte) 0xbd, (byte) 0x8b, (byte) 0x8a ,/* d */ 0x70, 0x3e, (byte) 0xb5, 0x66, 0x48, 0x03,(byte) 0xf6, 0x0e, 0x61, 0x35, 0x57, (byte) 0xb9,(byte) 0x86, (byte) 0xc1, 0x1d, (byte) 0x9e ,/* e */ (byte) 0xe1, (byte) 0xf8, (byte) 0x98, 0x11, 0x69,(byte) 0xd9,

16、(byte) 0x8e, (byte) 0x94, (byte) 0x9b,0x1e, (byte) 0x87, (byte) 0xe9, (byte) 0xce, 0x55,0x28, (byte) 0xdf ,/* f */ (byte) 0x8c, (byte) 0xa1, (byte) 0x89, 0x0d,(byte) 0xbf, (byte) 0xe6, 0x42, 0x68, 0x41,(byte) 0x99, 0x2d, 0x0f, (byte) 0xb0, 0x54,(byte) 0xbb, 0x16 ;/* * 生成逆s盒矩陣 */private void BuildInv

17、Sbox() int x, y;this.iSbox = new byte1616;for (int i = 0; i 16; i+) for (int j = 0; j 4) & 0x0f);y = (int) (this.Sboxij & 0x0f);this.iSboxxy = (byte) (16 * i + j);/* * 擴(kuò)展密鑰 */private void KeyExpansion() this.w = new byteNb * (Nr + 1)4;for (int row = 0; row Nk; +row) this.wrow0 = this.key4 * row;this

18、.wrow1 = this.key4 * row + 1;this.wrow2 = this.key4 * row + 2;this.wrow3 = this.key4 * row + 3;byte temp = new byteNb;for (int row = Nk; row 6 & (row % Nk = 4) temp = SubWord(temp);this.wrow0 = (byte) (this.wrow - Nk0 temp0);this.wrow1 = (byte) (this.wrow - Nk1 temp1);this.wrow2 = (byte) (this.wrow

19、- Nk2 temp2);this.wrow3 = (byte) (this.wrow - Nk3 temp3);/* * SubWord方法 * param subWord * return */private byte SubWord(byte subWord) for (int c = 0; c 4) & 0x0f(subWordc & 0x0f);return subWord;/* * RotWord方法 * param rotWord * return */private byte RotWord(byte rotWord) byte temp = rotWord;byte b =

20、new byte4;for (int i = 0; i 4; i+) bi = temp(i + 1) % 4;return b;/* * 輪密鑰加 * param round */private void AddRoundKey(int round) for (int r = 0; r 4; +r) for (int c = 0; c Nb; +c) this.Staterc = (byte) (this.Staterc w(round * Nb)+ cr);/* * SubBytes方法 */private void SubBytes() for (int r = 0; r 4; +r)

21、for (int c = 0; c 4) & 0x0f(this.Staterc & 0x0f);/* * InvSubBytes方法 */private void InvSubBytes() for (int r = 0; r 4; +r) for (int c = 0; c 4) & 0x0f(this.Staterc & 0x0f);/* * 行移位 */private void ShiftRows() byte temp = new byte4Nb;for (int r = 0; r 4; +r) for (int c = 0; c Nb; +c) temprc = this.Stat

22、erc;for (int r = 1; r 4; +r) for (int c = 0; c Nb; +c) this.Staterc = tempr(c + r) % Nb;/* * 逆行移位 */private void InvShiftRows() byte temp = new byte4Nb;for (int r = 0; r 4; +r) for (int c = 0; c Nb; +c) temprc = this.Staterc;for (int r = 1; r 4; +r) for (int c = 0; c Nb; +c) this.Staterc = tempr(c -

23、 r + Nb) % Nb;/* * 列混合 */private void MixColumns() byte temp = new byte4Nb;for (int r = 0; r 4; +r) for (int c = 0; c Nb; +c) temprc = this.Staterc;for (int c = 0; c Nb; +c) this.State0c = (byte) (gfmultby02(temp0c) gfmultby03(temp1c) gfmultby01(temp2c) gfmultby01(temp3c);this.State1c = (byte) (gfmu

24、ltby01(temp0c) gfmultby02(temp1c) gfmultby03(temp2c) gfmultby01(temp3c);this.State2c = (byte) (gfmultby01(temp0c) (gfmultby01(temp1c) gfmultby02(temp2c) gfmultby03(temp3c);this.State3c = (byte) (gfmultby03(temp0c) gfmultby01(temp1c) (gfmultby01(temp2c) gfmultby02(temp3c);/* * 逆列混合 */private void Inv

25、MixColumns() byte temp = new byte4Nb;for (int r = 0; r 4; +r) for (int c = 0; c Nb; +c) temprc = this.Staterc;for (int c = 0; c 7) & 0x01) = 0) / !這里比較大小的時(shí)候注意符號(hào)位return (byte) (b 1);elsereturn (byte) (b 1) (byte) 0x1b);private byte gfmultby03(byte b) return (byte) (gfmultby02(b) gfmultby01(b);private

26、 byte gfmultby09(byte b) return (byte) (gfmultby02(gfmultby02(gfmultby02(b) gfmultby01(b);private byte gfmultby0b(byte b) return (byte) (gfmultby02(gfmultby02(gfmultby02(b) gfmultby02(b) gfmultby01(b);private byte gfmultby0d(byte b) return (byte) (gfmultby02(gfmultby02(gfmultby02(b) gfmultby02(gfmul

27、tby02(b) gfmultby01(b);private byte gfmultby0e(byte b) return (byte) (gfmultby02(gfmultby02(gfmultby02(b) gfmultby02(gfmultby02(b) gfmultby02(b);/* * 加密過(guò)程 * param input * param output */public void Cipher(byte input, byte output) this.State = new byte4Nb;for (int i = 0; i (4 * Nb); i+) this.Statei /

28、 Nbi % Nb = inputi;/ 初始化狀態(tài)矩陣AddRoundKey(0);/ 輪密鑰加for (int round = 1; round Nr; +round) SubBytes();/ S盒變換ShiftRows();/ 行移位MixColumns();/ 列混合AddRoundKey(round);SubBytes();/ S盒置換ShiftRows();/ 行移位AddRoundKey(Nr);/ 輪密鑰加for (int i = 0; i (4 * Nb); i+) outputi = this.Statei / Nbi % Nb;/* * 解密過(guò)程 * param inp

29、uts * param output */public void Invcipher(byte input, byte output) this.State = new byte4Nb;for (int i = 0; i 0; round-) InvShiftRows();/ 逆行移位InvSubBytes();/ 逆S盒置換AddRoundKey(round);/ 輪密鑰加InvMixColumns();/ 逆列混合InvShiftRows();/ 逆行移位InvSubBytes();/ 逆S盒置換AddRoundKey(0);/ 輪密鑰加for (int i = 0; i (4 * Nb)

30、; +i) outputi = this.Statei / Nbi % Nb;/ 輸出結(jié)果*AesCipherAndInvCipher.java*package AES;import java.io.UnsupportedEncodingException;import java.security.InvalidKeyException;/* * 輔助類(lèi) 處理明文字符輸入字節(jié)數(shù)不匹配等問(wèn)題 */public class AesCipherAndInvCipher byte key;/ 密鑰private byte pt;/ 明文字節(jié)數(shù)組private byte ct;private int m

31、ode;private int Nb = 0;private int dataLength;private int blockSize = 4;/ 分組大小32位,4bytespublic AesCipherAndInvCipher(byte kb) this.key = kb;/* * 加密 * param kb * param plainText * return 加密后密文字節(jié)數(shù)組 */private byte Eecrypt(String plainText, byte kb)throws InvalidKeyException try pt = plainText.getBytes(

32、UTF-8);/ 獲取明文字節(jié)數(shù)組 catch (UnsupportedEncodingException e) System.out.println(不支持的編碼類(lèi)型！);e.printStackTrace();dataLength = pt.length;mode = dataLength % blockSize;/ 判斷明文數(shù)組長(zhǎng)度是否與分組長(zhǎng)度匹配ct = new bytemode = 0 ? pt.length : dataLength / blockSize * 4 + 32;/ 密文字節(jié)數(shù)組Nb = dataLength / blockSize;Aes a1 = new Aes(

33、KEYSIZE.Bit128, kb, Nb);Aes a2 = new Aes(KEYSIZE.Bit128, kb, 4);Aes a3 = new Aes(KEYSIZE.Bit128, kb, 4);if (mode = 0) a1.Cipher(pt, ct); else byte b1 = new byteblockSize * Nb;/ 匹配的部分byte b2 = new byte16;/ 剩余部分byte b3 = new byte16;/ 存明文長(zhǎng)度byte c1 = new byteb1.length;byte c2 = new byteb2.length;byte c3

34、 = new byteb3.length;System.arraycopy(pt, 0, b1, 0, b1.length);System.arraycopy(pt, Nb * blockSize, b2, 0, mode);b3 = intToByteArray(dataLength);a1.Cipher(b1, c1);a2.Cipher(b2, c2);a3.Cipher(b3, c3);System.arraycopy(c1, 0, ct, 0, c1.length);System.arraycopy(c2, 0, ct, b1.length, c2.length);System.ar

35、raycopy(c3, 0, ct, b1.length + b2.length, c3.length);return ct;public byte EecryptToBytes(String plainText, byte kb)throws InvalidKeyException byte ct = Eecrypt(plainText, kb);return ct;public String EecryptToString(String plainText, byte kb)throws InvalidKeyException byte ct = Eecrypt(plainText, kb

36、);return BytesToString(ct);/* * 解密 */public String Decrypt(byte ct, byte kb) String s = ;if (mode = 0) byte output = new bytedataLength;Aes a = new Aes(KEYSIZE.Bit128, kb, Nb);a.Invcipher(ct, output);try s = new String(output, UTF-8);System.out.println(解密： + s); catch (UnsupportedEncodingException e

37、) System.out.println(不支持的編碼格式！);e.printStackTrace(); else byte length = new byte16;byte plainText1 = new bytect.length - 32;byte plainText2 = new byte16;Aes a1 = new Aes(KEYSIZE.Bit128, kb, Nb);Aes a2 = new Aes(KEYSIZE.Bit128, kb, 4);Aes a3 = new Aes(KEYSIZE.Bit128, kb, 4);byte c1 = new bytect.lengt

38、h - 32;byte c2 = new byte16;byte c3 = new byte16;System.arraycopy(ct, ct.length - 16, c3, 0, c3.length);System.arraycopy(ct, ct.length - 32, c2, 0, c2.length);System.arraycopy(ct, 0, c1, 0, Nb * blockSize);a3.Invcipher(c3, length);/ 解密明文字節(jié)數(shù)組長(zhǎng)度a2.Invcipher(c2, plainText2);/ 解密剩余的部分a1.Invcipher(c1, pl

39、ainText1);/ 解密匹配的部分int length1 = byteArrayToInt(length);byte output = new bytelength1;System.arraycopy(plainText1, 0, output, 0, plainText1.length);System.arraycopy(plainText2, 0, output, plainText1.length, length1- plainText1.length);try s = new String(output, UTF-8);System.out.println(解密后明文： + s);

40、 catch (UnsupportedEncodingException e) System.out.println(不支持的編碼格式！);e.printStackTrace();return s;public String Decrypt(String cryptText, byte kb) byte ct = StringToBytes(cryptText);return Decrypt(ct, kb);public String Decrypt(Byte ct, byte kb) return Decrypt(ct, kb);/* * int轉(zhuǎn)化為Byte數(shù)組 * * param val

41、ue * return */private static byte intToByteArray(int value) byte b = new byte16;for (int i = 0; i offset) & 0xFF);for (int i = 4; i 16; i+) bi = 0;return b;/* * byte數(shù)組轉(zhuǎn)化為int * * param b * return */private static final int byteArrayToInt(byte b) byte b1 = new byte4;System.arraycopy(b, 0, b1, 0, 4);re

42、turn (b10 24) + (b11 & 0xFF) 16) + (b12 & 0xFF) 8)+ (b13 & 0xFF);/* * 顯示字節(jié)數(shù)組 * * param b */public static void DisplayAsBytes(byte b) for (int i = 0; i b.length; i+) String hex = Integer.toHexString(bi & 0xFF);if (hex.length() = 1) hex = 0 + hex;System.out.print(hex.toUpperCase() + );System.out.println();private static String BytesToString(byte b) String s = ;for (int i = 0; i b.length; i+) String hex = Integer.toHexString(bi & 0xFF);if (hex.length() = 1) hex = 0 + hex;s += hex;return s;private static byte StringToBytes(String cryptText) byte b = new bytecryptText.length() / 2;int a =