安全套接字与数据加密 [英] Secure socket vs data encryption

问题描述

我有一个项目，需要对两个同位体之间发送的数据进行加密.我不需要对服务器或客户端进行身份验证，只需要我的数据在网络上不可读即可.

I have a project where data sent between two peers needs to be encrypted. I dont need to authenticate the server or the client , I just need my data to be unreadable on the network.

我有两个选择:

1-安全插座
-打开安全插座
-写入清晰的数据

1- Secure socket
- Open a secure socket
- Write clear data

2-套接字
-打开插座
-加密数据
-写入加密的数据

2- Socket
- Open a socket
- Encrypt data
- Write encrypted data

使用安全套接字而不是在其中写入加密数据的普通"套接字有性能上的好处吗?(假设我在两种情况下都使用相同的密码)

Is there a performance benefit in using a secure socket instead of "normal" socket in which I write encrypted data? (let's say i'm using the same cipher in both case)

推荐答案

不，在使用的算法方面，速度没有差异.通常，您需要传输协议中消息的真实性，完整性和真实性.通常，在初始握手之后，这是通过对称算法以相当有效的方式执行的.

No, there is no difference with regards to speed when it comes to the algorithms used. In general you'd need authenticity, integrity and authenticity of messages in a transport protocol. Generally after the initial handshake this is performed by symmetric algorithms in a rather efficient manner.

创建自己的传输协议充满了危险，以至于新手创建和实现安全协议的机会几乎为零.例如，如果您不了解纯文本或填充oracle攻击，则可能会丢失消息的机密性，基本上使您无法获得任何保护.

Creating your own transport protocol is so fraught with danger that the chance of creating and implementing a secure protocol by a novice is about zero. For instance, if you don't know about plaintext or padding oracle attacks then you may loose confidentiality of the message, basically leaving you with messages without any protection.

因此，请检查最快的TLS 1.2或1.3密码套件并使用它.您可能需要检查Google对TLS进行了哪些介绍；他们确实专注于速度和安全性.

So check the fastest TLS 1.2 or 1.3 ciphersuites and use that. You may want to check what Google has introduced to TLS; they've really focussed on speed and security.

这篇关于安全套接字与数据加密的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！