加密聊天和普通信息 [英] Encrypting chat & normal messages
问题描述
在阅读了有关加密的内容之后,我想将该技术应用于我的应用程序(节点+反应).我有一个Messenger,可让人们与人聊天并创建群组.我认为应该有2种不同的技术来做到这一点
-
使用私钥和公钥对人与人之间的邮件进行加密
-
为聊天组创建一个共享的私钥",只有加入的人才能访问
对于1的工作方式,我有些困惑,因为如果使用公钥对邮件进行加密,则只有收件人才能对其进行解密.但是发件人是怎么做的呢?这意味着除非我有他/她的私钥,否则只有接收者才能看到我发送的消息.在这种情况下,公钥的意义是什么?
2也是用于加密消息的正确技术,因为它是对称的",它允许发件人和收件人都对消息进行解密...或者对于1to1消息和2我应该使用1聊天?
请参阅此文章: Public-密钥密码学.
爱丽丝向鲍勃发送消息.
要对其加密,Alice将获得Bob的公钥.该邮件已使用Bob的公钥加密.
只有鲍勃(Bob)可以解密消息,因为只有鲍勃(Bob)具有私钥.
这被称为非对称加密,因为加密的密钥与解密的密钥不同.
使用对称方法进行群聊的问题在于,您还需要一种让所有人安全地知道密钥的方法.同样,如果有人离开了该群组,他们仍然可以解密聊天.
为此,您可以将非对称加密与对称结合使用.
消息 M 用对称密钥 K 加密.将 M 加密发送给该组的所有收件人,同时将 K 加密并通过 K n 加密.
K n 是不对称的公钥,并且因收件人而异.
例如 K 1 是Bob的公钥. K 2 是Alice的公钥.
K 是一个对称密钥,每条消息都是完全随机的,并且由于它是为每个收件人加密并随消息一起发送的,因此只有当前的组成员才能解密.
摘自评论:
所以K是由许多其他公共密钥生成的密钥,用于 加密消息.为了解密它,我需要一个私钥 链接到K.这使人们可以聊天.对于1to1消息,该消息 应该使用公开密钥(来自接收者)和私有密钥进行加密 密钥(来自发件人).这将允许发件人和收件人 解密消息.这是正确的吗?
否.
K 是CSPRNG生成的密钥.
K 用于对消息 M 进行加密,从而得到 m .即 K ( M )= m ,其中括号中的值显示已加密的内容,外部值显示所使用的密钥.
以下是通过电线发送的: mK 1 ( K ) K 2 ( K )
K 1 用于加密 K ,因此Bob可以使用其私钥
K 2 用于加密 K ,因此爱丽丝可以使用她的私钥
爱丽丝和鲍勃可以看到 K ,并用它解密 m 到 M .
公钥始终用于加密,私钥用于解密.发件人不需要解密邮件,因为他们已经知道邮件的明文.
After reading about encryption, I want to apply the technique to my app (nodes + react). I have a messenger which allows people to chat person to person and create groups. I believe that there should be 2 different techniques to do that
Use private and public keys to encrypt messages person to person
Create a shared "private key" for chat groups, which only joined people have access to
I am a bit confused how 1 works, because if a message is encrypted using the public key, only the recipient can decrypt it. But how does the sender do it? That means only the receiver can see the message I sent, unless I have his/her private key... In this case what's the point of public key?
So is 2 the right technique to use for encrypting messages, since it's "symmetric", which allows both the sender and recipient decrypt the message... Or should I use 1 for 1to1 messages and 2 for chats?
See this article: Public-key cryptography.
Alice sends a message to Bob.
To encrypt it, Alice gets Bob's public key. The message is encrypted with Bob's public key.
Only Bob can decrypt the message because only Bob has the private key.
This is known as asymmetric cryptography because the key to encrypt is different than the key to decrypt.
The problem with using a symmetric approach for group chats is that you would also need a way of letting everyone know the key securely. Also, if anyone ever leaves the group, they will still have the ability to decrypt the chats.
You could use asymmetric encryption for this, in combination with symmetric.
Message M gets encrypted with symmetric key K. M is sent encrypted to all recipients of the group, along with K encrypted by Kn.
Kn is an asymmetric public key and differs by recipient.
e.g. K1 is Bob's public key. K2 is Alice's public key.
K is a symmetric key and completely random per message, and because this is encrypted for each recipient and sent with the message, only current group members can decrypt.
From comment:
so K is a key generated by many other public keys, which is used to encrypt the message. And to decrypt it I need a private key which links to K. This allows people to chat. For 1to1 messages, the message should be encrypted using the public key (from recipient) and private key (from sender). This will allow both the sender and the recipient decrypt the message. Is this correct?
No.
K is a key generated by a CSPRNG.
K is used to encrypt the message M, giving m. i.e. K(M) = m, where the value in brackets shows what was encrypted, the value outside shows which key was used.
The following is sent over the wire: mK1(K)K2(K)
K1 is used to encrypt K, so Bob can decrypt K using his private key k1.
K2 is used to encrypt K, so Alice can decrypt K using her private key k2.
Alice and Bob can then see K and use it to decrypt m back to M.
Public keys are always used to encrypt, private keys to decrypt. The sender does not need to decrypt the message because they will already know the message's plaintext.
这篇关于加密聊天和普通信息的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
