非对称加密中的加密和签名有什么区别? [英] What is the difference between encrypting and signing in asymmetric encryption?

问题描述

加密某些数据与签署某些数据(使用 RSA)有什么区别?

What is the difference between encrypting some data vs signing some data (using RSA)?

它是否只是简单地颠倒了公私钥的角色?

Does it simply reverse the role of the public-private keys?

例如，我想使用我的私钥来生成消息，所以只有我可能是发件人.我希望我的公钥用于阅读消息，我不在乎谁阅读了它们.我希望能够加密某些信息并将其用作我的软件的产品密钥.我只关心我是唯一可以生成这些的人.我想在我的软件中包含我的公钥来解密/读取密钥的签名.我不在乎谁可以读取密钥中的数据，我只关心我是唯一可以生成它们的可验证的人.

For example, I want to use my private key to generate messages so only I can possibly be the sender. I want my public key to be used to read the messages and I do not care who reads them. I want to be able to encrypt certain information and use it as a product-key for my software. I only care that I am the only one who can generate these. I would like to include my public key in my software to decrypt/read the signature of the key. I do not care who can read the data in the key, I only care that I am the only verifiable one who can generate them.

签名在这种情况下有用吗?

Is signing useful in this scenario?

推荐答案

加密时，您使用他们的公钥来编写消息，而他们使用他们的私钥来阅读它.

When encrypting, you use their public key to write a message and they use their private key to read it.

签名时，您使用您的私钥来编写消息的签名，他们使用您的公钥来检查它是否真的是您的.

When signing, you use your private key to write message's signature, and they use your public key to check if it's really yours.

我想用我的私钥来生成消息，这样只有我才有可能成为发件人.

I want to use my private key to generate messages so only I can possibly be the sender.

我希望使用我的公钥来阅读消息，而我不在乎谁阅读了它们

I want my public key to be used to read the messages and I do not care who reads them

这是签名，它是用你的私钥完成的.

This is signing, it is done with your private key.

我希望能够加密某些信息并将其用作我的软件的产品密钥.

I want to be able to encrypt certain information and use it as a product key for my software.

我只关心我是唯一可以生成这些的人.

I only care that I am the only one who can generate these.

如果你只需要自己知道，你不需要弄乱钥匙来做到这一点.您可以只生成随机数据并将其保存在数据库中.

If you only need to know it to yourself, you don't need to mess with keys to do this. You may just generate random data and keep it in a database.

但如果您想让人们知道密钥确实是您的，您需要生成随机数据，将其保存在数据库中并用您的密钥对其进行签名.

But if you want people to know that the keys are really yours, you need to generate random data, keep in it a database AND sign it with your key.

我想在我的软件中包含我的公钥以解密/读取密钥的签名.

I would like to include my public key in my software to decrypt/read the signature of the key.

您可能需要从 Verisign 或 Thawte 等商业提供商处为您的公钥购买证书，以便人们可以检查是否有人伪造了您的软件并用他们的公钥替换了您的公钥.

You'll probably need to purchase a certificate for your public key from a commercial provider like Verisign or Thawte, so that people may check that no one had forged your software and replaced your public key with theirs.

这篇关于非对称加密中的加密和签名有什么区别?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！