公钥和私钥可以互换吗? [英] Are public key and private key interchangeable?
问题描述
一方面,我听到人们说这两个密钥是完全可以互换的,第一个密钥将解密第二个密钥所加密的内容.这让我认为这两个键是可以互换的.
On the one hand, I hear people saying that the two keys are totally interchangeable, the first one will decrypt what the second one encrypted. This makes me think that the two keys are interchangeable.
但是,另一方面,RSA生成的密钥似乎具有不同的长度,并且在另一个主题上,使用私钥加密被称为签名",并且被认为不如使用公钥加密安全.(2)
But on the other hand, RSA generated keys appear to have different length, and on another topic encrypting with a private key was called "signing" and was deemed less safe than encrypting with a public key. (2)
最重要的是,当公钥在野外公开分发时,私钥应保持不公开.(3)
On top of that comes the idea that the private key should be kept undisclosed when the public key should be openly distributed in the wild. (3)
我计划从唯一的服务器接收数据,所以我的想法是在该服务器上保留一个公钥以加密数据,并向所有可能的客户分配私钥,但这与(3)背道而驰.相反,如果我分发公钥并用私钥加密我的数据,则根据(2)加密会不太安全.
I planned to receive data from an unique server, so my idea was to keep a public key on that server to encrypt data, and distribute a private key to all the possible customers, but this goes against (3). Conversely, if I distribute public keys and encrypt my data with the private key, the encryption is less safe according to (2).
我应该分配一个公共密钥并用一个私有密钥进行加密以满足(2)或相反吗?
Should I distribute a public key and encrypt with a private one to satisfy (2) or the other way around?
注意:就我而言,性能不是问题.
NB: in my case, performance is not an issue.
推荐答案
您的公钥用于加密消息,而您的私钥则用于解密消息.因此,使用您分发的公钥,任何人都可以安全地加密消息,而只有您(或拥有您的私钥的人)才能解密该消息.要直接回答您的问题,否,它们是不可互换的.您永远不要分发您的私钥.
Your public key is used to encrypt a message, your private one to decrypt it. Thus with the public key, which you distribute, anyone can encrypt a message safe in the knowledge that only you (or someone with your private key) can decrypt it. To answer your question directly, no they are not interchangeable. You should never distribute your private key.
如果您想与多个可能的客户共享密钥,那么实际上有两种选择.您要么放弃不对称加密,然后找到一种安全的方法来将对称密钥分发给它们中的每一个,以便与诸如AES而不是RSA之类的对称密钥一起使用,或者您要求它们中的每一个生成密钥对并为您提供其公共密钥.然后,您可以解密来自服务器的内容,并为每个客户重新加密.客户的数量将有助于决定您在这两者之间的选择.
If you want to share a key with multiple possible customers, then there are really two options. Either you abandon asymmetric cryptography and find a secure way to distribute a symmetric key, for use with something like AES instead of RSA, to each of them, or you ask each of them to generate a key pair and provide you with their public key. Then you can decrypt what comes from the server, and re-encrypt for each customer. The number of customers will help dictate your choice between the two.
这篇关于公钥和私钥可以互换吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
