1. Overview
1.概述
The Advanced Encryption Standard (AES) is a widely used symmetric block cipher algorithm. Initialization Vector (IV) plays an important role in the AES algorithm.
高级加密标准(AES)是一种广泛使用的对称块密码算法。初始化向量(IV)在AES算法中发挥着重要作用。
In this tutorial, we’ll explain how to generate IV in Java. Also, we’ll describe how to avoid InvalidAlgorithmParameterException when we generate the IV and use it in a cipher algorithm.
在本教程中,我们将解释如何在Java中生成IV。此外,我们还将描述当我们生成IV并将其用于密码算法时,如何避免InvalidAlgorithmParameterException。
2. Initialization Vector
2.初始化向量
The AES algorithm has usually three inputs: plaintext, secret key, and IV. It supports secret keys of 128, 192, and 256 bits to encrypt and decrypt data in blocks of 128 bits. The below figure shows the AES inputs:
AES算法通常有三个输入:明文、秘钥和IV。它支持128、192和256位的秘钥,以128位的数据块进行加密和解密。下图显示了AES的输入。
The goal of IV is to augment the encryption process. The IV is used in conjunction with the secret key in some AES modes of operation. For example, the Cipher Block Chaining (CBC) mode uses the IV in its algorithm.
IV的目的是为了增强加密过程。在某些AES工作模式中,IV与秘钥结合使用。例如,Cipher Block Chaining(CBC)模式在其算法中使用IV。
In general, the IV is a pseudo-random value chosen by the sender. The IV for the encryption must be the same when decrypting information.
一般来说,IV是一个由发送方选择的伪随机值。加密的IV在解密信息时必须是相同的。
It has the same size as the block that is encrypted. Therefore, the size of the IV is 16 bytes or 128 bits.
它的大小与被加密的块相同。因此,IV的大小为16字节或128比特。
3. Generating the IV
3.生成IV
It’s recommended to use java.security.SecureRandom class instead of java.util.Random to generate a random IV. In addition, it’s a best practice that the IV be unpredictable. Also, we should not hard-code the IV in the source code.
建议使用java.security.SecureRandom类而不是java.util.Random来生成一个随机IV。此外,最好的做法是IV是不可预测的。另外,我们不应该在源代码中对IV进行硬编码。
To use the IV in a cipher, we use the IvParameterSpec class. Let’s create a method for generating the IV:
为了在密码中使用IV,我们使用IvParameterSpec类。让我们创建一个生成IV的方法。
public static IvParameterSpec generateIv() {
byte[] iv = new byte[16];
new SecureRandom().nextBytes(iv);
return new IvParameterSpec(iv);
}
4. Exception
4.例外情况
The AES algorithm requires that the IV size must be 16 bytes (128 bits). So, if we provide an IV whose size is not equal to 16 bytes, an InvalidAlgorithmParameterException will be thrown.
AES算法要求IV的大小必须是16字节(128位)。因此,如果我们提供的IV的大小不等于16字节,将抛出InvalidAlgorithmParameterException。
To solve this issue, we’ll have to use the IV with a size of 16 bytes. Sample snippet code regarding the use of IV in AES CBC mode can be found in this article.
为了解决这个问题,我们必须使用大小为16字节的IV。关于在AES CBC模式下使用IV的示例代码片段可以在这篇文章中找到。
5. Conclusion
5.总结
In summary, we’ve learned how to generate an Initialization Vector (IV) in Java. Also, we’ve described the exception relevant to the IV generation. The source code used in this tutorial is available over on GitHub.
综上所述,我们已经学会了如何在Java中生成一个初始化向量(IV)。此外,我们还描述了与IV生成有关的异常。本教程中使用的源代码可在GitHub上找到。