Where is the private key stored when using SSL?


Question

Before using an SSL certificate between services that I will be hosting on my local network, I would like to understand a little more about it. From reading on the internet, this is how I understand SSL to work.

  1. The client connects to the WCF service
  2. The WCF service replies with its public key and certificate
  3. The client then verifies the certificate and encrypts its credentials with the public key
  4. The WCF service then decrypts that message with its private key and verifies the information
  5. etc...

Now here are some things I do not understand:

  • In step 4, where does the WCF service find its private key?
  • Why is an SSL certificate needed? From reading on the internet, it is needed to verify that the service is the one I want. That doesn't make sense to me, because first of all I know the IP address of my service on my local network (I know who the service is). Pretend that isn't the case and I am on the internet, with someone trying to hack me. In that case I believe there is nothing I could do if I connected to their service instead of my real service, because if you recall, in step 2 the WCF service replies with the public key and the certificate (in plain text), which means someone could grab that certificate and use it?
  • If I use an SSL certificate and someone has access to the computer hosting the service, could he somehow get the private key, making my connection insecure?

Answer

First off, there are some steps missing in step three. What actually happens in step three is:

  • the client verifies the certificate
  • the client and the server send some messages back and forth whereby they negotiate what kind of secret-key encryption they both can use
  • the client creates a secret key for that encryption algorithm, encrypts the secret key with the server's public key and sends the encrypted secret key to the server
  • the server can now decrypt the secret key using its private key
  • the client and the server now agree on a secret-key algorithm and they share the secret key; all communications are now encrypted and decrypted with the shared secret key
  • the client encrypts its credentials with the secret key ...

The reason for this is twofold. First, the math for public-key crypto is much more expensive than the math for secret-key crypto. The idea is to do that expensive math only once, to enable exchanging a shared secret. Second, the client knows the server's public key, but the client might not even have a public key, so how could the server send it a secret message? That's why they must agree on a shared secret key.

Anyway, moving on to your questions:

Where does the service keep its private key?

On Windows it's in the certificate store provided by the operating system. On other operating systems, I don't know.

Why is the certificate needed?

Suppose you want to buy my lawnmower with a credit card, but you are worried that I might actually be a crook. You would like to know my real name so that you can prosecute me if I start charging my trip to Vegas to your card.

So when we do the transaction, I show you a piece of paper that says "Eric Lippert claims that the owner of this piece of paper is Eric Lippert, signed, Eric Lippert". Do you believe me? If you already trust Eric Lippert then you don't need the piece of paper, and if you don't trust Eric Lippert, then the paper doesn't establish trust. This is a "self-signed certificate".

Now, if I show you a piece of paper that says "VeriSign Incorporated claims that the owner of this piece of paper is Eric Lippert, signed, VeriSign", then the question is: do you trust VeriSign to have verified my identity? If you do, then this is evidence that the person you're talking to is who they claim to be.

That's the purpose of the cert. It establishes that a particular public key is really associated with a particular organization, because it is signed by a mutually trusted third party called the certifying authority.

When you buy something with your credit card online, you presumably trust the web site to only make authorized charges to that card. The cert verifies that the public key you are going to use for encryption really is the public key of that web site, not some evil hacker's public key.

But the certificate with the public key is public, so couldn't someone grab the certificate and pretend to be the server?

Yes, but that doesn't help them unless they steal the private key, which is private. The person with someone else's cert cannot decrypt messages that were encrypted with the public key, so they're not going to be able to do the secret-key exchange with the client! Even if they manage to trick the client, all they're going to get is a stream of bits encoded with a secret key of the client's choice, a secret key which the attacker cannot obtain without the private half of the certificate.

That means: if I allow access to my private key, someone can impersonate me, right?

Yes. The security of the entire system depends on the private key remaining private. That's why it's called the private key. If an attacker gains access to your private key then they can impersonate you at will, so keep it secret, keep it safe. If your key is compromised there is a mechanism whereby the certificate can be revoked, but the damage will typically already be done.
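The exchange the answer describes, as an added worked example that is not part of the original question or answer: a toy model in Python using textbook RSA over Mersenne primes (no padding, nothing like real TLS) and an HMAC keystream standing in for the symmetric cipher. The names (ToyCA, wcf.local), the keys and the credential string are all constructed for the example. It shows the three points of the answer in code: a client that trusts ToyCA accepts the CA-signed cert and sends an RSA-wrapped session key; the server recovers that key only because it holds the matching private key; an attacker who copied the public cert, or who self-signs a cert for the same name, gets nothing usable. Note that this is the RSA key-transport flow the answer describes; TLS 1.3 replaced it with ephemeral Diffie-Hellman, but the private key remains what lets the server prove it is the certificate's owner.

```python
import hashlib
import hmac
import secrets
from math import gcd

E = 65537  # public exponent shared by every toy key below

# --- textbook RSA on Mersenne primes: no padding, illustration only ----------
def rsa_keypair(p, q):
    """Return ((n, e), (n, d)); the second tuple is the private key."""
    n, phi = p * q, (p - 1) * (q - 1)
    assert gcd(E, phi) == 1
    return (n, E), (n, pow(E, -1, phi))

def rsa_encrypt(pub, m):
    n, e = pub
    assert 0 < m < n, "plaintext must be smaller than the modulus"
    return pow(m, e, n)

def rsa_decrypt(priv, c):
    n, d = priv
    return pow(c, d, n)

def _digest_int(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def rsa_sign(priv, data):
    n, d = priv
    return pow(_digest_int(data, n), d, n)

def rsa_verify(pub, data, sig):
    n, e = pub
    return pow(sig, e, n) == _digest_int(data, n)

# --- the "piece of paper": subject + public key, signed by an issuer ----------
def _cert_body(subject, pub, issuer):
    return f"{subject}|{pub[0]}|{pub[1]}|{issuer}".encode()

def issue_cert(subject, pub, issuer, issuer_priv):
    return {"subject": subject, "pub": pub, "issuer": issuer,
            "sig": rsa_sign(issuer_priv, _cert_body(subject, pub, issuer))}

def verify_cert(cert, trust_anchors):
    """Accept only if a trusted issuer's public key validates the signature.
    A self-signed cert from a name not in the trust store never passes the lookup."""
    issuer_pub = trust_anchors.get(cert["issuer"])
    return issuer_pub is not None and rsa_verify(
        issuer_pub, _cert_body(cert["subject"], cert["pub"], cert["issuer"]), cert["sig"])

# --- toy symmetric cipher: HMAC-SHA256 keystream XORed in; it is its own inverse
def stream_xor(key_int, data):
    key = key_int.to_bytes(32, "big")
    out = bytearray()
    for off in range(0, len(data), 32):
        keystream = hmac.new(key, off.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[off:off + 32], keystream))
    return bytes(out)

# --- the exchange from the answer's step three --------------------------------
def client_hello(trust_anchors, server_cert, credentials, session_key=None):
    """Verify the cert, wrap a fresh session key with the cert's public key, and
    encrypt the credentials under that key. Returns None if the cert is rejected."""
    if not verify_cert(server_cert, trust_anchors):
        return None
    if session_key is None:
        session_key = max(1, secrets.randbits(128))
    return {"wrapped_key": rsa_encrypt(server_cert["pub"], session_key),
            "ciphertext": stream_xor(session_key, credentials)}

def server_receive(server_priv, msg):
    """Only the holder of the private key recovers the session key and, with it,
    the credentials; anyone else unwraps a junk key and gets junk plaintext."""
    return stream_xor(rsa_decrypt(server_priv, msg["wrapped_key"]), msg["ciphertext"])

def demo(credentials=b"user=alice;pw=hunter2",              # constructed sample
         session_key=int.from_bytes(b"constructed-16B!", "big")):
    ca_pub, ca_priv = rsa_keypair(2**107 - 1, 2**127 - 1)   # the "VeriSign" of the story
    srv_pub, srv_priv = rsa_keypair(2**61 - 1, 2**89 - 1)   # what sits in the server's cert store
    imp_pub, imp_priv = rsa_keypair(2**19 - 1, 2**31 - 1)   # the attacker's own key
    trust = {"ToyCA": ca_pub}                               # the client's trust store
    real_cert = issue_cert("wcf.local", srv_pub, "ToyCA", ca_priv)

    msg = client_hello(trust, real_cert, credentials, session_key)
    honest = server_receive(srv_priv, msg)                  # equals credentials

    # Attacker replayed the public cert but has no srv_priv: unwrapping yields junk.
    with_stolen_cert = server_receive(imp_priv, msg)

    # Attacker self-signs a cert for the same name, or forges the issuer name
    # without the CA's private key: the client refuses to start the exchange.
    self_signed = issue_cert("wcf.local", imp_pub, "wcf.local", imp_priv)
    forged = issue_cert("wcf.local", imp_pub, "ToyCA", imp_priv)
    return {"honest": honest,
            "with_stolen_cert": with_stolen_cert,
            "self_signed_rejected": client_hello(trust, self_signed, credentials) is None,
            "forged_issuer_rejected": client_hello(trust, forged, credentials) is None}

if __name__ == "__main__":
    print(demo())
```

Run it and `honest` comes back as the credential string while `with_stolen_cert` is noise, and both impostor certs are rejected before any key is sent. The split between `issue_cert`/`verify_cert` and the wrapping step is the point: the certificate is public and verifies a public key against a trust anchor; the private key is used only in `server_receive`, which is why protecting the file or store it lives in is the whole game.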
