问题描述
我看了有关加密在.NET
I read this tutorial about encryption in .NET
,它使用Rfc2898DeriveBytes来创建由对称算法中使用的随机密钥。但它不保存的关键。后来在解密方法它提供了相同的密码和盐解密文本。
it uses Rfc2898DeriveBytes to create a random key to be used by symmetric algorithm . but it doesn't save the key . and later in decryption method it supplies the same password and salt and decrypts the text .
是否意味着提供相同的盐和密码Rfc2898DeriveBytes可以得出相同的密钥?无需保存密钥,只保存盐和密码?
does it mean supplying the same salt and password to Rfc2898DeriveBytes could derived the same key ? no need to save the key and just save salt and password ?
推荐答案
是的,这是正确的。相同的输入Rfc2898DeriveBytes提供相同的输出。否则,解密是不可能的。
Yes, that is correct. Identical inputs to Rfc2898DeriveBytes provide identical outputs. Otherwise, decryption would not be possible.
您参考本文使用术语随机松散。 Rfc2898DeriveBytes的输出不是随机的:但它具有高熵。
The article you reference uses the term "random" loosely. The output of Rfc2898DeriveBytes is not random: but it has high entropy.
这篇关于是相同的密钥导出提供相同的盐和密码使用Rfc2898DeriveBytes的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!