Hashing vs. Signing Binaries

Question

If you want to ensure that a file is valid (untampered and came from the correct/expected source), there are two things you can do: hashing, and signing.

For the purposes of my question, hashing means providing a hash of the file (along with the file) to download. The client downloads the hash and the file, re-computes the hash, and verifies that it matches the downloaded hash; this "proves" that the file was untampered with.

Signing means using a public-private encryption scheme, where you sign the binary with a public key, and the client uses the private key to verify that you really did sign the key.

Based on these definitions, I don't really see what is the main benefit of signing something vs. hashing something. Both of them are supposed to prove that the file was not tampered with.

The only thing I can see is that with hashing, a compromised server could mean someone also compromising the hash and replacing a malicious binary with a matching key; but with a public-private scheme, as long as the private key remains private, there is no way to forge a malicious file.

Or am I missing something?

Recommended answer

The difference is as you said: a hacker can update a hash to match the tampered-with file, but cannot generate a valid signature.

Signing is done with the private key, verification with the public key. You said the opposite above. It's also typically done on the hash of the file and not the file itself for practical reasons.
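
The scenario from the question and answer, as an added example that is not part of the original post: a Go sketch (standard library only) in which a compromised server replaces both the file and its published hash, and the client runs the hash-only check and the signature check. The `Download` type, the function names and the sample bytes are constructed for illustration, and the client is assumed to hold the publisher's public key from a channel other than the download server.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Download is what the client fetches from the server (constructed type).
type Download struct {
	File      []byte
	Hash      [32]byte // SHA-256 of File, served next to it
	Signature []byte   // Ed25519 signature over the SHA-256 of File
}

// Publish signs the file's hash with the private key, which stays off the server.
func Publish(priv ed25519.PrivateKey, file []byte) Download {
	h := sha256.Sum256(file)
	return Download{File: file, Hash: h, Signature: ed25519.Sign(priv, h[:])}
}

// Tamper models the compromised server: file and hash change, the signature cannot.
func Tamper(d Download, replacement []byte) Download {
	d.File, d.Hash = replacement, sha256.Sum256(replacement)
	return d
}

// HashOK is the hash-only check: recompute and compare with the served hash.
func HashOK(d Download) bool { return sha256.Sum256(d.File) == d.Hash }

// SigOK verifies the signature over the recomputed hash with the public key.
func SigOK(pub ed25519.PublicKey, d Download) bool {
	h := sha256.Sum256(d.File)
	return ed25519.Verify(pub, h[:], d.Signature)
}

// Demo returns both check results for the original and the tampered download.
func Demo() (goodHash, goodSig, badHash, badSig bool) {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	good := Publish(priv, []byte("release-1.0 binary (constructed)"))
	bad := Tamper(good, []byte("replaced binary (constructed)"))
	return HashOK(good), SigOK(pub, good), HashOK(bad), SigOK(pub, bad)
}

func main() { fmt.Println(Demo()) } // prints: true true true false
```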
