问题描述

我正在用 Java 进行基于密码的文件加密；我使用 AES 作为底层加密算法和 PBKDF2WithHmacSHA1 使用以下代码(我从本网站上的另一张慷慨的海报中获得)从盐和密码组合中派生密钥.

I'm doing password based file encryption in Java; I'm using AES as the underlying encryption algorithm and PBKDF2WithHmacSHA1 to derive a key from a salt and password combination using the following code (which I got from another generous poster on this site).

SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
KeySpec ks = new PBEKeySpec(password,salt,1024,128);
SecretKey s = f.generateSecret(ks);
Key k = new SecretKeySpec(s.getEncoded(),"AES");

我共享盐，用户在每一端输入他们的密码，加密和解密工作正常:-) 我的问题是我希望能够在开始之前验证用户输入的密码是否正确(可能很长)解密过程.我知道 PBKD 规范包含一个可选的 2 字节验证值，但我不确定如何使用上述方法生成该值.Java 是否为此提供支持，或者如果不提供支持，那将是一个安全的替代方案吗?

I share the salt, the user enters their password at each end and encryption and decryption work fine :-) My problem is that i would like to be able to verify that the password the user enters is correct before embarking on the (potentially long) decryption process. I know the PBKD spec includes an optional 2 byte verification value but I'm not sure how to generate this value using the above approach. Does Java provide support for this or if not what would be a secure alternative?

感谢您的宝贵时间.

推荐答案

嘿，感谢疯狂的苏格兰人和克里斯的帮助.在做了一些挖掘之后，我决定使用 Dr Gladmans 文件加密页面 上描述的方法用于进行密码验证和消息验证.我相信这种基于 PBKDF2 和 MAC 的方法使得导出密码的验证值足够昂贵以使其安全.再次感谢，我希望这个解决方案对其他人有所帮助.

Hey, thanks to crazy scot and Chris for there help. After doing some digging i decided to use the methods described on Dr Gladmans file encryption page for doing both password verification and message authentication. I believe this method, based on the PBKDF2 and a MAC, makes deriving the verfication value for m the password sufficiently expensive as to make it secure. Thanks again, and i hope this solution aids others.

这篇关于在 Java 中使用 PBKDF2 进行密码验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持跟版网！