1. 实际使用的对称加密方式(symmetric encryption)，比如DES ,AES, PRESENT等，在理论上都可以用暴力破解密钥(brute-force key search)的方式来攻击。2. AES-128指的就是说，单个AES模块直接接受的密钥位数为128位。类似的 AES-192指的是指，这种情况下，单个AES模块输入的key的长度为192位。而单个AES模块的输入明文和输出的密文长度是固定的，都是128位。（请参考维基百科）http://en.wikipedia.org/wiki/Advanced_Encryption_Standard唯有使用CBC, OFB等方式，把多个AES模块互联，同时使用padding时，才可以用AES加密任意长度的信息。＝＝＝＝以上是关于AES的理论，下面是直接切题的部分＝＝＝＝＝3. 在具体的实现中，应该对pass phrase也有一定的限制，或者库内部有封装一些处理，看具体的是什么库了。pass phrase严格来说不算是密钥（key），而是类似pass word之类的口令。在AES－128上，真正起作用是结合pass phrase最后转换出来的128位key，所以要是能直接得到这个key的话，的确就相当于攻破了。但这个key怎么能拿到手可能是一个比较头疼的问题。4. 关于安全性。一旦确定所使用的AES“种类”（比如AES－128， AES－192， AES－256等），以及AES模块之间的连接模式（比如CBC，OFB等），这个组合的理论安全性就是一个确定的值，即使你给的是空字符串作为pass phrase。因此，同样的道理，对于AES－128， 超过128位pass phrase不会在理论上增加安全性。但实际过程中，由于开源，外加常见或特殊的pass phrase和对应的明文－密文等可能已经被黑客做成了数据库，用这种偷懒的pass phrase就和用12345当密码一样不安全，但这个并不是由于AES本身导致的。至于超长的pass phrase到底是如何起作用的，得读库的源代码了。
■网友
加密位数和密钥一般是一一对应的，AES-128要求密钥应该是128位的，有些库可能会在用户密钥基础上进行一定策略的填充。
感兴趣可以查看AES-128的一个算法实现
/* * Advanced Encryption Standard * @author Dani Huertas * @email huertas.dani@gmail.com * * Based on the document FIPS PUB 197 */#include \u0026lt;stdio.h\u0026gt;#include \u0026lt;stdlib.h\u0026gt;#include \u0026lt;stdint.h\u0026gt;/* * Addition in GF(2^8) * http://en.wikipedia.org/wiki/Finite_field_arithmetic */uint8_t gadd(uint8_t a, uint8_t b) {\treturn a^b;}/* * Subtraction in GF(2^8) * http://en.wikipedia.org/wiki/Finite_field_arithmetic */uint8_t gsub(uint8_t a, uint8_t b) {\treturn a^b;}/* * Multiplication in GF(2^8) * http://en.wikipedia.org/wiki/Finite_field_arithmetic * Irreducible polynomial m(x) = x8 + x4 + x3 + x + 1 */uint8_t gmult(uint8_t a, uint8_t b) {\tuint8_t p = 0, i = 0, hbs = 0;\tfor (i = 0; i \u0026lt; 8; i++) {\t\tif (b \u0026amp; 1) {\t\t\tp ^= a;\t\t}\t\thbs = a \u0026amp; 0x80;\t\ta \u0026lt;\u0026lt;= 1;\t\tif (hbs) a ^= 0x1b; // 0000 0001 0001 1011\t\t\tb \u0026gt;\u0026gt;= 1;\t}\treturn (uint8_t)p;}/* * Addition of 4 byte words * m(x) = x4+1 */void coef_add(uint8_t a, uint8_t b, uint8_t d) {\td = a^b;\td = a^b;\td = a^b;\td = a^b;}/* * Multiplication of 4 byte words * m(x) = x4+1 */void coef_mult(uint8_t *a, uint8_t *b, uint8_t *d) {\td = gmult(a,b)^gmult(a,b)^gmult(a,b)^gmult(a,b);\td = gmult(a,b)^gmult(a,b)^gmult(a,b)^gmult(a,b);\td = gmult(a,b)^gmult(a,b)^gmult(a,b)^gmult(a,b);\td = gmult(a,b)^gmult(a,b)^gmult(a,b)^gmult(a,b);}/* * The cipher Key.\t */int K;/* * Number of columns (32-bit words) comprising the State. For this * standard, Nb = 4. */int Nb = 4;/* * Number of 32-bit words comprising the Cipher Key. For this * standard, Nk = 4, 6, or 8. */int Nk;/* * Number of rounds, which is a function of Nk and Nb (which is * fixed). For this standard, Nr = 10, 12, or 14. */int Nr;/* * S-box transformation table */static uint8_t s_box = {\t// 0 1 2 3 4 5 6 7 8 9 a b c d e f\t0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76, // 0\t0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, // 1\t0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15, // 2\t0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75, // 3\t0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84, // 4\t0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf, // 5\t0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8, // 6\t0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2, // 7\t0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73, // 8\t0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb, // 9\t0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79, // a\t0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08, // b\t0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a, // c\t0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e, // d\t0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf, // e\t0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16};// f/* * Inverse S-box transformation table */static uint8_t inv_s_box = {\t// 0 1 2 3 4 5 6 7 8 9 a b c d e f\t0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb, // 0\t0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb, // 1\t0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e, // 2\t0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25, // 3\t0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92, // 4\t0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84, // 5\t0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06, // 6\t0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b, // 7\t0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73, // 8\t0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e, // 9\t0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b, // a\t0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4, // b\t0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f, // c\t0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef, // d\t0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61, // e\t0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d};// f/* * Generates the round constant Rcon */uint8_t R = {0x02, 0x00, 0x00, 0x00}; uint8_t * Rcon(uint8_t i) {\t\tif (i == 1) {\t\tR = 0x01; // x^(1-1) = x^0 = 1\t} else if (i \u0026gt; 1) {\t\tR = 0x02;\t\ti--;\t\twhile (i-1 \u0026gt; 0) {\t\t\tR = gmult(R, 0x02);\t\t\ti--;\t\t}\t}\t\treturn R;}/* * Transformation in the Cipher and Inverse Cipher in which a Round * Key is added to the State using an XOR operation. The length of a * Round Key equals the size of the State (i.e., for Nb = 4, the Round * Key length equals 128 bits/16 bytes). */void add_round_key(uint8_t *state, uint8_t *w, uint8_t r) {\t\tuint8_t c;\t\tfor (c = 0; c \u0026lt; Nb; c++) {\t\tstate = state^w; //debug, so it works for Nb !=4 \t\tstate = state^w;\t\tstate = state^w;\t\tstate = state^w;\t\t}}/* * Transformation in the Cipher that takes all of the columns of the * State and mixes their data (independently of one another) to * produce new columns. */void mix_columns(uint8_t *state) {\tuint8_t a = {0x02, 0x01, 0x01, 0x03}; // a(x) = {02} + {01}x + {01}x2 + {03}x3\tuint8_t i, j, col, res;\tfor (j = 0; j \u0026lt; Nb; j++) {\t\tfor (i = 0; i \u0026lt; 4; i++) {\t\t\tcol = state;\t\t}\t\tcoef_mult(a, col, res);\t\tfor (i = 0; i \u0026lt; 4; i++) {\t\t\tstate = res;\t\t}\t}}/* * Transformation in the Inverse Cipher that is the inverse of * MixColumns(). */void inv_mix_columns(uint8_t *state) {\tuint8_t a = {0x0e, 0x09, 0x0d, 0x0b}; // a(x) = {0e} + {09}x + {0d}x2 + {0b}x3\tuint8_t i, j, col, res;\tfor (j = 0; j \u0026lt; Nb; j++) {\t\tfor (i = 0; i \u0026lt; 4; i++) {\t\t\tcol = state;\t\t}\t\tcoef_mult(a, col, res);\t\tfor (i = 0; i \u0026lt; 4; i++) {\t\t\tstate = res;\t\t}\t}}/* * Transformation in the Cipher that processes the State by cyclically * shifting the last three rows of the State by different offsets. */void shift_rows(uint8_t *state) {\tuint8_t i, k, s, tmp;\tfor (i = 1; i \u0026lt; 4; i++) {\t\t// shift(1,4)=1; shift(2,4)=2; shift(3,4)=3\t\t// shift(r, 4) = r;\t\ts = 0;\t\twhile (s \u0026lt; i) {\t\t\ttmp = state;\t\t\t\t\t\tfor (k = 1; k \u0026lt; Nb; k++) {\t\t\t\tstate = state;\t\t\t}\t\t\tstate = tmp;\t\t\ts++;\t\t}\t}}/* * Transformation in the Inverse Cipher that is the inverse of * ShiftRows(). */void inv_shift_rows(uint8_t *state) {\tuint8_t i, k, s, tmp;\tfor (i = 1; i \u0026lt; 4; i++) {\t\ts = 0;\t\twhile (s \u0026lt; i) {\t\t\ttmp = state;\t\t\t\t\t\tfor (k = Nb-1; k \u0026gt; 0; k--) {\t\t\t\tstate = state;\t\t\t}\t\t\tstate = tmp;\t\t\ts++;\t\t}\t}}/* * Transformation in the Cipher that processes the State using a non- * linear byte substitution table (S-box) that operates on each of the * State bytes independently. */void sub_bytes(uint8_t *state) {\tuint8_t i, j;\tuint8_t row, col;\tfor (i = 0; i \u0026lt; 4; i++) {\t\tfor (j = 0; j \u0026lt; Nb; j++) {\t\t\trow = (state \u0026amp; 0xf0) \u0026gt;\u0026gt; 4;\t\t\tcol = state \u0026amp; 0x0f;\t\t\tstate = s_box;\t\t}\t}}/* * Transformation in the Inverse Cipher that is the inverse of * SubBytes(). */void inv_sub_bytes(uint8_t *state) {\tuint8_t i, j;\tuint8_t row, col;\tfor (i = 0; i \u0026lt; 4; i++) {\t\tfor (j = 0; j \u0026lt; Nb; j++) {\t\t\trow = (state \u0026amp; 0xf0) \u0026gt;\u0026gt; 4;\t\t\tcol = state \u0026amp; 0x0f;\t\t\tstate = inv_s_box;\t\t}\t}}/* * Function used in the Key Expansion routine that takes a four-byte * input word and applies an S-box to each of the four bytes to * produce an output word. */void sub_word(uint8_t *w) {\tuint8_t i;\tfor (i = 0; i \u0026lt; 4; i++) {\t\tw = s_box \u0026amp; 0xf0) \u0026gt;\u0026gt; 4) + (w \u0026amp; 0x0f)];\t}}/* * Function used in the Key Expansion routine that takes a four-byte * word and performs a cyclic permutation. */void rot_word(uint8_t *w) {\tuint8_t tmp;\tuint8_t i;\ttmp = w;\tfor (i = 0; i \u0026lt; 3; i++) {\t\tw = w;\t}\tw = tmp;}/* * Key Expansion */void key_expansion(uint8_t *key, uint8_t *w) {\tuint8_t tmp;\tuint8_t i, j;\tuint8_t len = Nb*(Nr+1);\tfor (i = 0; i \u0026lt; Nk; i++) {\t\tw = key;\t\tw = key;\t\tw = key;\t\tw = key;\t}\tfor (i = Nk; i \u0026lt; len; i++) {\t\ttmp = w;\t\ttmp = w;\t\ttmp = w;\t\ttmp = w;\t\tif (i%Nk == 0) {\t\t\trot_word(tmp);\t\t\tsub_word(tmp);\t\t\tcoef_add(tmp, Rcon(i/Nk), tmp);\t\t} else if (Nk \u0026gt; 6 \u0026amp;\u0026amp; i%Nk == 4) {\t\t\tsub_word(tmp);\t\t}\t\tw = w^tmp;\t\tw = w^tmp;\t\tw = w^tmp;\t\tw = w^tmp;\t}}void cipher(uint8_t *in, uint8_t *out, uint8_t *w) {\tuint8_t state;\tuint8_t r, i, j;\tfor (i = 0; i \u0026lt; 4; i++) {\t\tfor (j = 0; j \u0026lt; Nb; j++) {\t\t\tstate = in;\t\t}\t}\tadd_round_key(state, w, 0);\tfor (r = 1; r \u0026lt; Nr; r++) {\t\tsub_bytes(state);\t\tshift_rows(state);\t\tmix_columns(state);\t\tadd_round_key(state, w, r);\t}\tsub_bytes(state);\tshift_rows(state);\tadd_round_key(state, w, Nr);\tfor (i = 0; i \u0026lt; 4; i++) {\t\tfor (j = 0; j \u0026lt; Nb; j++) {\t\t\tout = state;\t\t}\t}}void inv_cipher(uint8_t *in, uint8_t *out, uint8_t *w) {\tuint8_t state;\tuint8_t r, i, j;\tfor (i = 0; i \u0026lt; 4; i++) {\t\tfor (j = 0; j \u0026lt; Nb; j++) {\t\t\tstate = in;\t\t}\t}\tadd_round_key(state, w, Nr);\tfor (r = Nr-1; r \u0026gt;= 1; r--) {\t\tinv_shift_rows(state);\t\tinv_sub_bytes(state);\t\tadd_round_key(state, w, r);\t\tinv_mix_columns(state);\t}\tinv_shift_rows(state);\tinv_sub_bytes(state);\tadd_round_key(state, w, 0);\tfor (i = 0; i \u0026lt; 4; i++) {\t\tfor (j = 0; j \u0026lt; Nb; j++) {\t\t\tout = state;\t\t}\t}}int main(int argc, char *argv) {\tuint8_t i;\t/*\t * Appendix A - Key Expansion Examples\t */\t \t/* 128 bits */\t/* uint8_t key = {\t\t0x2b, 0x7e, 0x15, 0x16,\t\t0x28, 0xae, 0xd2, 0xa6,\t\t0xab, 0xf7, 0x15, 0x88,\t\t0x09, 0xcf, 0x4f, 0x3c}; */\t\t/* 192 bits */\t/* uint8_t key = {\t\t0x8e, 0x73, 0xb0, 0xf7,\t\t0xda, 0x0e, 0x64, 0x52,\t\t0xc8, 0x10, 0xf3, 0x2b,\t\t0x80, 0x90, 0x79, 0xe5,\t\t0x62, 0xf8, 0xea, 0xd2,\t\t0x52, 0x2c, 0x6b, 0x7b}; */\t\t/* 256 bits */\t/* uint8_t key = {\t\t0x60, 0x3d, 0xeb, 0x10,\t\t0x15, 0xca, 0x71, 0xbe,\t\t0x2b, 0x73, 0xae, 0xf0,\t\t0x85, 0x7d, 0x77, 0x81,\t\t0x1f, 0x35, 0x2c, 0x07,\t\t0x3b, 0x61, 0x08, 0xd7,\t\t0x2d, 0x98, 0x10, 0xa3,\t\t0x09, 0x14, 0xdf, 0xf4};\t*/\t\t/* uint8_t in = {\t\t0x32, 0x43, 0xf6, 0xa8,\t\t0x88, 0x5a, 0x30, 0x8d,\t\t0x31, 0x31, 0x98, 0xa2,\t\t0xe0, 0x37, 0x07, 0x34}; // 128\t*/\t/*\t * Appendix C - Example Vectors\t */\t/* 128 bit key */\t/* uint8_t key = {\t\t0x00, 0x01, 0x02, 0x03, \t\t0x04, 0x05, 0x06, 0x07, \t\t0x08, 0x09, 0x0a, 0x0b, \t\t0x0c, 0x0d, 0x0e, 0x0f}; */\t\t/* 192 bit key */\t/* uint8_t key = {\t\t0x00, 0x01, 0x02, 0x03,\t\t0x04, 0x05, 0x06, 0x07,\t\t0x08, 0x09, 0x0a, 0x0b,\t\t0x0c, 0x0d, 0x0e, 0x0f,\t\t0x10, 0x11, 0x12, 0x13,\t\t0x14, 0x15, 0x16, 0x17}; */\t\t/* 256 bit key */\tuint8_t key = {\t\t0x00, 0x01, 0x02, 0x03,\t\t0x04, 0x05, 0x06, 0x07,\t\t0x08, 0x09, 0x0a, 0x0b,\t\t0x0c, 0x0d, 0x0e, 0x0f,\t\t0x10, 0x11, 0x12, 0x13,\t\t0x14, 0x15, 0x16, 0x17,\t\t0x18, 0x19, 0x1a, 0x1b,\t\t0x1c, 0x1d, 0x1e, 0x1f};\tuint8_t in = {\t\t0x00, 0x11, 0x22, 0x33,\t\t0x44, 0x55, 0x66, 0x77,\t\t0x88, 0x99, 0xaa, 0xbb,\t\t0xcc, 0xdd, 0xee, 0xff};\t\tuint8_t out; // 128\t\tuint8_t *w; // expanded key\tswitch (sizeof(key)) {\t\tdefault:\t\tcase 16: Nk = 4; Nr = 10; break;\t\tcase 24: Nk = 6; Nr = 12; break;\t\tcase 32: Nk = 8; Nr = 14; break;\t}\t\tw = malloc(Nb*(Nr+1)*4);\tkey_expansion(key, w);\tcipher(in /* in */, out /* out */, w /* expanded key */);\tprintf("out:\");\t\tfor (i = 0; i \u0026lt; 4; i++) {\t\tprintf("%x %x %x %x ", out, out, out, out);\t}\tprintf("\");\tinv_cipher(out, in, w);\tprintf("msg:\");\tfor (i = 0; i \u0026lt; 4; i++) {\t\tprintf("%x %x %x %x ", in, in, in, in);\t}\tprintf("\");\texit(0);}