公钥加密和消息签名.帮助! [英] Public Key encryption AND Signing of messages. Help!
问题描述
正在编写需要PC相互通信的程序.我已经着手处理公钥加密,并成功地使用公钥和本地存储的私钥对消息进行加密和解密.每台PC都知道其他PC的公用密钥.
但是我不太了解签名的概念(我需要这样做,因此没人可以模拟另一台PC,并且消息可能是已知来自特定PC的消息.)我知道对消息进行了哈希处理(加密之前),然后使用发件人的私钥对哈希进行加密.然后,接收者解密消息,对其进行哈希处理,还使用发送者的公钥对哈希进行加密.然后将此加密的哈希与发送方发送的加密的哈希进行比较.如果两者匹配,则发件人将保证是他所说的身份.
但是-第三方知道发件人的公共密钥,是否不能通过使用发件人的公共密钥对消息签名来模仿他?当接收方也使用发送方的公钥对哈希进行加密时,两者将匹配,并且接收方将被欺骗相信来源已被验证.我是新来的!
Am writing a program which needs PCs to communicate with each other. Have got my head around public key encryption and am succesfully encrypting and decrypting messages using public keys, and locally stored private keys. Each PC knows every other PC''s public keys.
However I can''t quite understand the concept of signing (which I need to do so nobody can impersonate another PC, and a message can be KNOWN to come from a particular PC.) I understand that a hash is taken of the message (before encryption) by the sender and then the hash is encrypted using the sender''s private key. The receiver then decrypts the message, hashes it and also encrypts the hash using the sender''s public key. This encrypted hash is then compared to the encrypted hash sent by the sender. If the two match the sender is guaranteed to be who he says he is.
However - couldn''t a third party, knowing the sender''s public key, impersonate him by signing a message using the sender''s public key? When the receiver encrypts the hash, also using the sender''s public key, the two will match, and the receiver will be deceived into beleiving the source is verified. I am new to this! It''s very confusing.
推荐答案
您的客户端可以使用发件人公钥对消息进行签名/加密,然后将其发送回给发件人,但是您通常不这样做.由于多个客户端可以具有发送者公钥,因此任何客户端都可以模拟其他任何客户端.
通常,每个客户端将具有自己的密钥对,服务器将具有每个客户端公共密钥的副本.我认为其余的事情显然与您有关.
Your client could use the sender public key to sign/encrypt a message to send back to the sender, but you typically don''t do that. Since multiple clients can have the sender public key, any client can impersonate any other client.
Typically, each client will have its own key pair, of which the server will have a copy of each clients public key. I think the rest of obvious what you do with them.
这篇关于公钥加密和消息签名.帮助!的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
