如何使用PGP加密进行相互之间的数据传输？ [英] How to use PGP Encryption for the data transfer between each other?

问题描述

如何使用PGP加密进行彼此之间的数据传输？



Bank生成一对包含一个安全密钥和一个公钥的密钥。



公钥将分发给所有用户组，以便他们可以在将数据提交给Bank之前对其进行加密。同样，用户也可以与银行共享公钥，以便在发送给用户之前使用此密钥加密数据。



双方交换数据在两个主要过程中，即数据提交和批量查询过程。



如果是数据提交过程，用户每月向银行提交数据
$通过上传到ftp站点，以加密的XML文件的形式b $ b

。



银行通过上传回ftp网站，提供数据提交状态以及在非加密平面文件中带有注释的被拒绝记录列表。状态文件不包含任何机密信息。

如果是数据批量查询过程，用户通过上传到ftp站点，以加密的平面文件批量提交查询。银行处理查询并将加密平面文件中的信用信息报告上传回ftp网站。

如果用户密钥对发生任何变化，用户需要通知银行并更新新的公钥。所有用户的所有公钥都将存储在Bank的Secure Key Repository中。

用户可以从Symantec购买PGP软件。



PGP桌面版允许用户以手动方式加密和解密文件。



PGP命令行软件自动完成整个过程。





客户在上传到FTP站点之前需要使用此加密密钥加密数据提交文件。 div class =h2_lin>解决方案

目前还不十分清楚你的担忧是什么。与PGP安全架构相比，您的描述看起来过于简单（或仅仅是我的印象）：

http://en.wikipedia.org/wiki/Pretty_Good_Privacy [ ^ ]，

http://tools.ietf.org/html/rfc4880 [ ^ ]。



请参阅此CodeProject文章： SharpPrivacy - 用于C＃的OpenPGP [ ^ ]。

-SA

How to use PGP Encryption for the data transfer between each other?

Bank generates a pair of keys containing one secure key and one public key.

Public key will be distributed to all user groups so that they can encrypt the data before it is submitted to Bank. In the same way users also share their public key with Bank so that this key can be used to encrypt the data before sending to the users.

Both the parties exchange data in two major processes, i.e. Data submission and Bulk inquiry processes.

In case of data submission process, users submit the data to Bank on monthly basis

in the form of encrypted XML files by uploading the onto the ftp site.

Bank provides the status of data submission along with list of rejected records with comments in a non-encrypted flat file by uploading back onto the ftp site. Status files do not contain any confidential information.
In case of data bulk inquiry process, user submits enquiries in bulk in an encrypted flat file by uploading onto the ftp site. Bank processes enquiries and uploads credit information reports in encrypted flat file back onto the ftp site.
Users need to inform Bank and update their new public key if any changes happen to user key pair. All public keys of all users will be stored in Secure Key Repository at Bank.
Users can procure PGP software from Symantec.

PGP desktop version allows users to encrypt and decrypt files in manual way.

PGP Command line software automates this entire process.


Customers need to use this encryption key to encrypt data submission files before they upload onto the FTP site.

解决方案

It's not quite clear what your concerns are. It looks like your description is way too simplified (or that is just my impression) compared to PGP security schema:
http://en.wikipedia.org/wiki/Pretty_Good_Privacy[^],
http://tools.ietf.org/html/rfc4880[^].

Please see this CodeProject article: SharpPrivacy - OpenPGP for C#[^].

—SA

这篇关于如何使用PGP加密进行相互之间的数据传输？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！