（TCP / IP，C＃）SSL（一次性密钥）类型的安全性？ [英] (TCP/IP, C#) SSL(One-time-key) type of security?

问题描述

Hello Codeproject，



我想在服务器和客户端之间建立安全连接。客户端将发送有价值的信息，因为它有价值，我希望确保彼此传输的信息。



一种安全，我的意思是SSL 。基本上我想在两者之间创建一个临时加密密钥，但我不知道如何在没有被第三方程序窃取的情况下为客户端或服务器提供密钥。



我对SSL的工作原理感到困惑，或者是否有解决方案，我们也欢迎任何接近此问题的想法！



问候，

- Dimitri

Hello Codeproject,

I'm looking to create a secure connection between a server and a client. The client will be sending valuable information, and because it's valuable I wish to secure the information transferred from one another.

A type of security that does what I mean is SSL. Basically I'd like to create a temporary encryption-key between the two, but I have no idea how to give either the client or the server a key without it being stolen by a third party program.

Am I confused about how SSL works, or is there a solution for this, and any ideas to approach this are welcome too!

Regards,
- Dimitri

推荐答案

听起来像SSL就是你想要的。它为你做两件事，对来回发送的数据进行加密，因此它不能（据称）对任何窃听者都有用，但它也确认服务器是真正的服务器，而不是一些冒名顶替者。



SSL使用非对称加密交换对称密钥 - 即加密密钥本身在会话开始时加密。



您需要从某个地方购买证书（相当便宜，我即将更新我的域上的一个用于Princely

Sounds like SSL is what you want. It does two things for you, encrypts the data sent back and forth so it can't (allegedly) be any use to anyone eavesdropping but it also confirms the server is the real server and not some imposter.

SSL exchanges a symmetric key using asymmetric encryption - that is the encryption key is itself encrypted at the start of session.

You need to purchase a certificate from somewhere (pretty cheap, I'm about to renew the one on my domain for a Princely

4）并将其安装在服务器上。您如何使用它取决于客户端/服务器设置。你在使用IIS吗？

4) and install it on the server. How you use it then depends on what the client/server setup is. Are you using IIS?

这篇关于（TCP / IP，C＃）SSL（一次性密钥）类型的安全性？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！