XTS-AES
AES加密算法, 不说了。<div id="">block cipher的各种工作模式,ECB、CBC、Counter等,不说了。</div><div id=""><br></div><div id="">Cipher在用作disk encryption的时候,也有许多问题要考虑。主要是ECB模式不行(很明显),CBC模式也不好(无法随机访问),所以IEEE标准化了一个P1619标准,IEEE Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices,见<a href="http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=4493431" target="_blank" target="_blank">http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=4493431</a></div><div id="">以及wiki页面<span class="Apple-style-span" style="font-family: 'Times New Roman'; "><a href="http://en.wikipedia.org/wiki/IEEE_P1619" target="_blank" target="_blank">http://en.wikipedia.org/wiki/IEEE_P1619</a></span></div><div id=""><br></div><div id="">其中提出了一个名为XTS-AES的encryption mode作为加密模式,特点是:</div><div id="">1,disk block(如一个扇区)分成多个cipher block(如AES-128的128bit);</div><div id="">2,各cipher block之间独立(没有CBC那样的dependency);</div><div id="">3,cipher block的加密输入包含了index信息(扇区号和块号);</div><div id=""><br></div><div id="">更详细信息,可参见TrueCrypt的介绍:</div><div id=""><a href="http://www.truecrypt.org/docs/?s=modes-of-operation" target="_blank" target="_blank">http://www.truecrypt.org/docs/?s=modes-of-operation</a></div><div id=""><br></div><div id="">这个加密模式被用于TrueCyrpt、OpenBSD/FreeBSD的Disk Encryption,以及Mac OS X的FileVault。</div><div id="">更多信息参见wiki页面:</div><div id=""><a href="http://en.wikipedia.org/wiki/Disk_encryption_theory" target="_blank" target="_blank">http://en.wikipedia.org/wiki/Disk_encryption_theory</a></div><div id=""><br></div><div id="aeaoofnhgocdbnbeljkmbjdmhbcokfdb-mousedown">XTS-AES是可以随机访问的,其加密解密也是可以并行化的(类似于ECB或Counter模式),例如TrueCrypt强调的Parallelization</div><div id=""><a href="http://www.truecrypt.org/docs/?s=parallelization" target="_blank" target="_blank">http://www.truecrypt.org/docs/?s=parallelization</a></div><div id="aeaoofnhgocdbnbeljkmbjdmhbcokfdb-mousedown"><br></div>
页:
[1]