加密和签名在非对称加密有什么区别? [英] What is the difference between encrypting and signing in asymmetric encryption?
问题描述
它是否只是扭转公私钥匙的角色?
例如,我想使用我的私钥来生成消息,所以只有我可能是发件人。我想要使用我的公钥来阅读消息,我不在乎谁读他们。我想要加密某些信息,并将其用作我的软件的产品密钥。我只关心我是唯一可以产生这些的人。我想在我的软件中加入我的公钥来解密/读取密钥的签名。我不在乎谁能读取密钥中的数据,我只关心我是唯一可验证的人,可以生成它们。
在这种情况下签名有用吗?
加密时,您可以使用他们的公钥来写信息,他们使用他们的私人密钥。
签名时,您使用您的私钥来写邮件的签名,他们使用您的公开密钥,以检查它是否真的是您的帐户。
我想使用我的私钥来生成邮件,所以只有我可能是发件人。
我希望我的公钥被用于阅读消息,我不在乎谁读他们
这是签名,用你的私钥完成。
我想要加密某些信息,并将其用作我的sof的产品密钥
我只关心我是唯一可以产生这些的人。
如果你只需要知道自己,你不需要混淆键来做到这一点。您可能只是生成随机数据并将其保留在数据库中。
但是,如果您希望人们知道密钥真的是您的密钥,则需要生成随机数据,保留在其中一个数据库,并用您的密钥签名。
我想将我的公钥包含在我的软件中以解密/读取签名的钥匙
您可能需要从Verisign或Thawte等商业供应商处购买公钥证书,以便人们可能会检查没有人伪造您的软件,并用他们的。
替换您的公钥
What is the difference between encrypting some data vs signing some data (using RSA)?
Does it simply reverse the role of the public-private keys?
For example, I want to use my private key to generate messages so only I can possibly be the sender. I want my public key to be used to read the messages and I do not care who reads them. I want to be able to encrypt certain information and use it as a product-key for my software. I only care that I am the only one who can generate these. I would like to include my public key in my software to decrypt/read the signature of the key. I do not care who can read the data in the key, I only care that I am the only verifiable one who can generate them.
Is signing useful in this scenario?
When encrypting, you use their public key to write message and they use their private key to read it.
When signing, you use your private key to write message's signature, and they use your public key to check if it's really yours.
I want to use my private key to generate messages so only I can possibly be the sender.
I want my public key to be used to read the messages and I do not care who reads them
This is signing, it is done with your private key.
I want to be able to encrypt certain information and use it as a product-key for my software.
I only care that I am the only one who can generate these.
If you only need to know it to yourself, you don't need to mess with keys to do this. You may just generate random data and keep it in a database.
But if you want people to know that the keys are really yours, you need to generate random data, keep in it a database AND sign it with your key.
I would like to include my public key in my software to decrypt/read the signature of the key
You'll probably need to purchase a certificate for your public key from a commercial provider like Verisign or Thawte, so that people may check that no one had forged you software and replaced your public key with their.
这篇关于加密和签名在非对称加密有什么区别?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
