[Re:]A Stick Figure Guide to the Advanced Encryption Standard (AES)

(A play in 4 acts. Please feel free to exit along with the stage character that best represents you. Take intermissions as you see fit. Click on the stage if you have a hard time seeing it. If you get bored, you can jump to the code. Most importantly, enjoy the show!)

Act 1: Once Upon a Time…

intro
sad
aes act 1 scene 03 cinderella
aes act 1 scene 04 started
aes act 1 scene 05 judge
aes act 1 scene 06 nbs decree
aes act 1 scene 07 lucifer
aes act 1 scene 08 anoint des
aes act 1 scene 09 des ruled
aes act 1 scene 10 des defeated
aes act 1 scene 11 triple des
aes act 1 scene 12 nist decree
aes act 1 scene 13 rallied
aes act 1 scene 14 rijndael
aes act 1 scene 15 vote
aes act 1 scene 16 won
aes act 1 scene 17 intel
aes act 1 scene 18 crypto question

Act 2: Crypto Basics

aes act 2 scene 01 three big ideas
aes act 2 scene 02 confusion
aes act 2 scene 03 diffusion
aes act 2 scene 04 key secrecy
aes act 2 scene 05 aes details question

Act 3: Details

aes act 3 scene 01 sign this
aes act 3 scene 02 agreement
aes act 3 scene 03 state matrix
aes act 3 scene 04 initial round
aes act 3 scene 05 xor tribute
aes act 3 scene 06 key expansion part 1
aes act 3 scene 07 key expansion part 2a
aes act 3 scene 08 key expansion part 2b
aes act 3 scene 09 key expansion part 3
aes act 3 scene 10 intermediate round start
aes act 3 scene 11 substitute bytes
aes act 3 scene 12 shift rows
aes act 3 scene 13 mix columns
aes act 3 scene 14 add round key
aes act 3 scene 15 final round
aes act 3 scene 16 more rounds the merrier
aes act 3 scene 17 tradeoffs
aes act 3 scene 18 security margin
aes act 3 scene 19 in pictures
aes act 3 scene 20 decrypting
aes act 3 scene 21 modes
aes act 3 scene 22 questions what really happens
aes act 3 scene 23 math

Act 4: Math!

aes act 4 scene 01 algebra class
aes act 4 scene 02 reviewing the basics
aes act 4 scene 03 algebra coefficients
aes act 4 scene 04 remember multiplication growth
aes act 4 scene 05 cant go bigger
aes act 4 scene 06 clock math
aes act 4 scene 07 clock math polynomials
aes act 4 scene 08 divide by mx
aes act 4 scene 09 logarithms
aes act 4 scene 10 using logarithms
aes act 4 scene 11 polynomial as byte
aes act 4 scene 12 byte operations
aes act 4 scene 13 byte inverses
aes act 4 scene 14 sbox math
aes act 4 scene 15 round constants
aes act 4 scene 16 mix columns math
aes act 4 scene 17 crib sheet
aes act 4 scene 18 got it now
aes act 4 scene 19 so much more
aes act 4 scene 20 gotta go
aes act 4 scene 21 the end

Epilogue

I created a heavily-commented AES/Rijndael implementation to go along with this post and put it on GitHub. In keeping with the Foot-Shooting Prevention Agreement, it shouldn’t be used for production code, but it should be helpful in seeing exactly where all the numbers came from in this play. Several resources were useful in creating this:

Please leave a comment if you notice something that can be better explained.

Update #1: Several scenes were updated to fix some errors mentioned in the comments.
Update #2: By request, I’ve created a slide show presentation of this play in both PowerPoint and PDFformats. I’ve licensed them under the Creative Commons Attribution License so that you can use them as you see fit. If you’re teaching a class, consider giving extra credit to any student giving a worthy interpretive dance rendition in accordance with the Foot-Shooting Prevention Agreement.

[转]mysql加密解密函数

在MySQL中,加密和压缩函数返回二进制串。对其中的许多函数而言,结果可能包含任意的字节值,如果想存储这些结果,你应该使用一个具有varbinary或者blob二进制串数据类型的列,这可避免潜在的删除尾部空白问题或者字符集转换问题。这些问题可能导致数据值的改变。一般而言,上述问题可能在你使用非二进制串数据类型(如char,varchar,text等数据类型)的情况下发生。

  • AES_ENCRYPT()和AES_DECRYPT()

AES_ENCRYPT()和AES_DECRYPT()可以加密/解密使用官方AES算法的数据。该算法使用128位密钥来编码,但用户可以将其扩展到256位。MySQL选用128位密钥,因为这样算法实现更快,而且对大多数用户而言它也足够安全了。

AES_ENCRYPT(str,key_str)函数加密一个字符串并返回一个二进制串。AES_DECRYPT(crypt_str, key_str)函数可以解密使用官方AES(Advanced Encryption Standard)算法加密的数据并返回原有字符串,输入变量可以是任意长度。如果输入变量为NULL,那么该函数返回结果也为NULL。

因为AES是一个块级算法,需要使用补白来编码非偶数长度的字符串。

  • ENCODE()和DECODE()

ENCODE(str, pass_str):该函数使用pass_str作为密码来加密字符串str,其加密的结果可以通过DECODE()函数来解密。该函数返回的结果是一个同str等长。DECODE(crypt_str, pass_str):该函数使用pass_str作为密码来解密使用ENCODE()加密后的字符串crypt_str。

  • DES_ENCRYPT()和DES_ENCRYPT()

DES_ENCRYPT(str[, {key_num|key_str}]):该函数使用三重DES算法连同给定的密钥来加密加密字符串。
DES_DECRYPT(crypt_str[, key_str]):该函数解密一个通过DES_ENCRYPT()加密的字符串,如果出现错误,该函数返回NULL。

  • COMPRESS()和UNCOMPRESS()

COMPRESS(string_to_compress):该函数压缩一个字符串并且返回一个二进制串。该函数需要MySQL已连同一个压缩库一块编译,比如zlib,否则该函数的返回值总为NULL。压缩后的字符串可以通过UNCOMPRESS()函数来解压缩。UNCOMPRESS(string_to_uncompress):该函数解压缩一个通过COMPRESS()函数压缩的字符串。如果变量不是一个压缩值,则结果返回为NULL。

  • PASSWORD()

PASSWORD(str):该函数用来加密存储在user表中password列的MySQL密码。PASSWORD()函数由MySQL服务器中的认证系统使用,用户不应该在自己的应用中使用该函数。如果需要使用加密函数,可以考虑使用MD5()或者SHA1()来代替。

其加密结果示例如下:

在MySQL的系统数据库mysql的user表中,有一个名为Password的列,其中保存由password函数加密后的user的密码数据。如下所示:

  • ENCRYPT()

ENCRYPT(str[, salt]):该函数通过使用Unix crypt()系统调用来加密str,并返回一个二进制串。其中,salt变量应该是一个包含多于两个字符的字符串。如果salt没有给定,则使用一个随机值。如果crypt()系统调用在用户的操作系统上不可用(Windows操作系统便如此),该函数返回为NULL。

  • MD5()

MD5(str):该函数计算一个字符串的128位MD5校验和,返回的结果是由32个十六进制数字组成的二进制串。如果变量为NULL,则返回为NULL。

其加密结果示例如下:

  • SHA1()/SHA():

SHA1(str)/SHA(str)函数计算字符串str的160位SHA-1校验和。返回值是一个由40个十六进制数字组成的二进制串。如果变量为NULL,则返回NULL。

 

参考:https://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html