对称密钥和初始化向量必须始终为 128、192 或 256 位吗？

Question

以下字符串包含 20 个字节（160 位）。我是否必须将我的密钥和初始化向量设为 128,192 或 256，或者我可以做些什么来使其成为 256 并保持相同的密钥：

    byte[] bbb = Encoding.ASCII.GetBytes("abcdefghijklmnopqrst");


  // Define other methods and classes here
  static string EncryptStringToBytes(string plainText, string Key, string IV)
    {
        // Check arguments. 
        if (plainText == null || plainText.Length <= 0)
            throw new ArgumentNullException("plainText");
        if (Key == null || Key.Length <= 0)
            throw new ArgumentNullException("Key");
        if (IV == null || IV.Length <= 0)
            throw new ArgumentNullException("Key");
        string encrypted;
        // Create an RijndaelManaged object 
        // with the specified key and IV. 
        using (RijndaelManaged rijAlg = new RijndaelManaged())
        {
            rijAlg.Mode = CipherMode.CBC;
            rijAlg.BlockSize = 256;
            rijAlg.KeySize = 256;
            rijAlg.Key = Encoding.ASCII.GetBytes(Key);
            rijAlg.IV = Encoding.ASCII.GetBytes(IV);

            // Create a decrytor to perform the stream transform.
            ICryptoTransform encryptor = rijAlg.CreateEncryptor(rijAlg.Key, rijAlg.IV);

            // Create the streams used for encryption. 
            using (MemoryStream msEncrypt = new MemoryStream())
            {
                using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
                {
                    using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
                    {

                        //Write all data to the stream.
                        swEncrypt.Write(plainText);
                    }
                    encrypted = Convert.ToBase64String(msEncrypt.ToArray());
                }
            }
        }


        // Return the encrypted bytes from the memory stream. 
        return encrypted;

    }

    static string DecryptStringFromBytes(string cipherText,string Key, string IV)
    {
        // Check arguments. 
        if (cipherText == null || cipherText.Length <= 0)
            throw new ArgumentNullException("cipherText");
        if (Key == null || Key.Length <= 0)
            throw new ArgumentNullException("Key");
        if (IV == null || IV.Length <= 0)
            throw new ArgumentNullException("Key");

        // Declare the string used to hold 
        // the decrypted text.
        string plaintext = null;

        // Create an RijndaelManaged object 
        // with the specified key and IV. 
        using (RijndaelManaged rijAlg = new RijndaelManaged())
        {
            rijAlg.Mode = CipherMode.CBC;
            rijAlg.BlockSize = 256;
            rijAlg.KeySize = 256;
            rijAlg.Key = Encoding.ASCII.GetBytes(Key);
            rijAlg.IV = Encoding.ASCII.GetBytes(IV);

            // Create a decrytor to perform the stream transform.
            ICryptoTransform decryptor = rijAlg.CreateDecryptor(rijAlg.Key, rijAlg.IV);

            // Create the streams used for decryption. 
            using (MemoryStream msDecrypt = new MemoryStream(Convert.FromBase64String(cipherText)))
            {
                using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
                {
                    using (StreamReader srDecrypt = new StreamReader(csDecrypt))
                    {

                        // Read the decrypted bytes from the decrypting stream 
                        // and place them in a string.
                        plaintext = srDecrypt.ReadToEnd();

                    }
                }
            }

        }

        return plaintext;

    }

Answer 1

这取决于您使用的System.Security.Cryptography.SymmetricAlgorithm 的实现。合法的密钥和块大小取决于算法。您可以检查LegalKeySizes 和LegalBlockSizes 属性来检查您的特定算法支持哪些大小。您还可以使用ValidKeySize() 方法检查特定密钥大小是否对您的算法有效。

IIRC，IV 的大小需要与使用的块大小相同。

此外，通常情况下，您会生成特定算法的一个实例，并让它创建一个随机密钥和 IV，然后您可以将其保存以供以后使用。