如何为多个收件人加密一封邮件? [英] How to encrypt one message for multiple recipients?
问题描述
使用两个键(可以是基于密码的键)完成数据加密的基本原理是什么,但只需要两个键中的一个(任一个)来解密数据?
What are the fundamentals to accomplish data encryption with exactly two keys (which could be password-based), but needing only one (either one) of the two keys to decrypt the data?
例如,用用户的密码和他公司的密码加密数据,然后他或他的公司可以解密数据。他们都不知道其他密码。只存储一个加密数据副本。
For example, data is encrypted with a user's password and his company's password, and then he or his company can decrypt the data. Neither of them know the other password. Only one copy of the encrypted data is stored.
我不是指公钥/私钥。可能通过对称密钥加密,也许它涉及到像将XOR的密钥一起使用来使用它们进行加密的东西。
I don't mean public/private key. Probably via symmetric key cryptography and maybe it involves something like XORing the keys together to use them for encrypting.
更新:我也想找到一个不涉及存储密钥的解决方案。
Update: I would also like to find a solution that does not involve storing the keys at all.
推荐答案
这种方式通常是生成一个单一的对称密钥来加密数据。然后,使用每个收件人的密钥或密码加密对称密钥,以便他们可以自己解密。 S / MIME(实际上是S / MIME基于的加密消息语法)使用这种技术。
The way this is customarily done is to generate a single symmetric key to encrypt the data. Then you encrypt the symmetric key with each recipient's key or password to that they can decrypt it on their own. S/MIME (actually the Cryptographic Message Syntax on which S/MIME is based) uses this technique.
这样,你只需要存储一个加密消息的副本,但其密钥的多个副本。
This way, you only have to store one copy of the encrypted message, but multiple copies of its key.
这篇关于如何为多个收件人加密一封邮件?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
