CipherMode Enum

定义

指定要用于加密的块密码模式。 Specifies the block cipher mode to use for encryption.

[System.Runtime.InteropServices.ComVisible(true)]
public enum CipherMode
继承
属性

字段

CBC 1

密码块链 (CBC) 模式引入了反馈。 The Cipher Block Chaining (CBC) mode introduces feedback. 每个纯文本块在加密前,通过按位“异或”操作与前一个块的密码文本结合。 Before each plain text block is encrypted, it is combined with the cipher text of the previous block by a bitwise exclusive OR operation. 这样确保了即使纯文本包含许多相同的块,这些块中的每一个也会加密为不同的密码文本块。 This ensures that even if the plain text contains many identical blocks, they will each encrypt to a different cipher text block. 在加密块之前,初始化向量通过按位“异或”操作与第一个纯文本块结合。 The initialization vector is combined with the first plain text block by a bitwise exclusive OR operation before the block is encrypted. 如果密码文本块中有一个位出错,相应的纯文本块也将出错。 If a single bit of the cipher text block is mangled, the corresponding plain text block will also be mangled. 此外,后面的块中与原出错位的位置相同的位也将出错。 In addition, a bit in the subsequent block, in the same position as the original mangled bit, will be mangled.

CFB 4

密码反馈 (CFB) 模式将少量递增的纯文本处理成密码文本,而不是一次处理整个块。 The Cipher Feedback (CFB) mode processes small increments of plain text into cipher text, instead of processing an entire block at a time. 该模式使用在长度上为一个块且被分为几部分的移位寄存器。 This mode uses a shift register that is one block in length and is divided into sections. 例如,如果块大小为 8 个字节,并且每次处理一个字节,则移位寄存器被分为 8 个部分。 For example, if the block size is 8 bytes, with one byte processed at a time, the shift register is divided into eight sections. 如果密码文本中有一个位出错,则一个纯文本位出错,并且移位寄存器损坏。 If a bit in the cipher text is mangled, one plain text bit is mangled and the shift register is corrupted. 这将导致接下来若干次递增的纯文本出错,直到出错位从移位寄存器中移出为止。 This results in the next several plain text increments being mangled until the bad bit is shifted out of the shift register. 默认反馈大小可以根据算法而变,但通常是 8 位或块大小的位数。 The default feedback size can vary by algorithm, but is typically either 8 bits or the number of bits of the block size. 使用 FeedbackSize 属性,可以改变反馈位数。 You can alter the number of feedback bits by using the FeedbackSize property. 支持 CFB 的算法使用此属性来设置反馈。 Algorithms that support CFB use this property to set the feedback.

CTS 5

密码文本窃用 (CTS) 模式处理任何长度的纯文本并产生长度与纯文本长度匹配的密码文本。 The Cipher Text Stealing (CTS) mode handles any length of plain text and produces cipher text whose length matches the plain text length. 除了最后两个纯文本块外,对于所有其他块,此模式与 CBC 模式的行为相同。 This mode behaves like the CBC mode for all but the last two blocks of the plain text.

ECB 2

电子密码本 (ECB) 模式分别加密每个块。 The Electronic Codebook (ECB) mode encrypts each block individually. 任何纯文本块只要相同并且在同一消息中,或者在用相同的密钥加密的不同消息中,都将被转换成同样的密码文本块。 Any blocks of plain text that are identical and in the same message, or that are in a different message encrypted with the same key, will be transformed into identical cipher text blocks. 重要事项:不建议使用此模式,因为它存在多个安全隐患。 Important: This mode is not recommended because it opens the door for multiple security exploits. 如果要加密的纯文本包含大量重复的块,则逐块破解密码文本是可行的。 If the plain text to be encrypted contains substantial repetition, it is feasible for the cipher text to be broken one block at a time. 另外,还可以使用块分析来确定加密密钥。 It is also possible to use block analysis to determine the encryption key. 此外,随时准备攻击的对手可能会在您没有察觉的情况下替代和交换个别的块,这能让块在不为您所知的情况下保存并插入流中的其他位置。 Also, an active adversary can substitute and exchange individual blocks without detection, which allows blocks to be saved and inserted into the stream at other points without detection.

OFB 3

输出反馈 (OFB) 模式将少量递增的纯文本处理成密码文本,而不是一次处理整个块。 The Output Feedback (OFB) mode processes small increments of plain text into cipher text instead of processing an entire block at a time. 此模式与 CFB 相似;这两种模式的唯一差别是移位寄存器的填充方式不同。 This mode is similar to CFB; the only difference between the two modes is the way that the shift register is filled. 如果密码文本中有一个位出错,纯文本中相应的位也将出错。 If a bit in the cipher text is mangled, the corresponding bit of plain text will be mangled. 但是,如果密码文本中有多余或者缺少的位,则那个位之后的纯文本都将出错。 However, if there are extra or missing bits from the cipher text, the plain text will be mangled from that point on.

注解

密码块算法加密数据块为单位,而不是一次一个字节。Block cipher algorithms encrypt data in block units, rather than a single byte at a time. 最常见的块大小为 8 个字节。The most common block size is 8 bytes. 由于大量处理每个块,块加密法提供比流密码更高级别的安全性。Because each block is heavily processed, block ciphers provide a higher level of security than stream ciphers. 但是,密码块算法执行起来通常比流密码更慢。However, block cipher algorithms tend to execute more slowly than stream ciphers.

对于每个块,块加密法使用相同的加密算法。Block ciphers use the same encryption algorithm for each block. 因此,纯文本块将始终返回相同的密码文本时使用相同的密钥和算法加密。Because of this, a block of plain text will always return the same cipher text when encrypted with the same key and algorithm. 可以使用此行为来破解密码,因为引入了修改加密过程根据反馈以前的块加密法模式。Because this behavior can be used to crack a cipher, cipher modes are introduced that modify the encryption process based on feedback from earlier block encryptions. 生成的加密提供了比简单块加密更高级别的安全性。The resulting encryption provides a higher level of security than a simple block encryption.

适用于