安全登录:PHP和Javascript中的公钥加密 [英] Secure login: public key encryption in PHP and Javascript
问题描述
我正在尝试使用常规用户名/密码登录表单,而不需要HTTPS。我的想法是这样的:
I'm trying to make a "normal" username/password login form secure, without needing HTTPS. My idea is this:
- 服务器为某种不对称加密算法生成一个密钥对。它将这个密钥对存储在临时的表格中(或者可能是本地会话数据)。
- 服务器将表单发送给客户端,并包含公钥。
- 用户填写表单。
- 在发送到服务器之前,Javascript使用给定的公钥加密密码。
- 表单发送。
- 服务器使用私钥解密密码(从临时表中获取密码,使用公钥查找密码)。
- Server generates a keypair for some kind of assymetric encryption algorithm. It stores this keypair in a temporary table of sorts (or perhaps the local session data).
- Server sends the form to the client and includes the public key.
- User fills in the form.
- Before it's sent to the server, Javascript encrypts the password using the given public key.
- Form is sent.
- Server decrypts the password with it's private key (which it gets from the temporary table, using the public key to find it).
我需要知道的是:
- 哪种加密方法是最好的使用? RSA?
- 如何在PHP中解密密码?
- 可能是最困难的一个,我如何使Javascript加密密码? / li>
- Which encryption method is the best to use? RSA?
- How can I decrypt the password in PHP?
- And probably the most difficult one, how can I make Javascript encrypt the password?
推荐答案
提前:我很抱歉为否定,但是;
In advance: I'm sorry for being negative, however;
实施自己的安全协议是一个好主意,除非你是一个训练有素的安全专家,否则你实际上并不关心安全性,只想创造安全感(营销)的印象,并停止脚本小子。
Implementing your own security protocol is never a good idea, unless you're a highly trained security expert, or you actually don't really care about the security and only want to create an impression of security (marketing) and stop the script kiddies.
SSL绝对不是指纹锁,就像您的评论中所说,JCryption和您的建议是等于有一个门,你可以输入一个两位数的代码打开门,你有无限的许多重试。如果你不太感兴趣,只是经过,很难打破,但是如果你想进入那个房子(你可能做的话,不需要安全),你会进入。
SSL is definitely not a fingerprint lock, as so say in your comments, JCryption and your proposal are equal to having a door where you can enter a two-digit code to open the door and you have infinite many retries. It's hard to break if you're not really interested and just passing by, but if you want to get in that house (and you probably do, else security wouldn't be needed), you will get in.
另一点是,人们经常忘记提到他们想要实现什么。安全性有着名的三个组成部分,称为CIA,即保密性,完整性和可用性。您所传送的数据是否保密,或重要的是您的重要性(即您确定发送的数据来自您期望的数据,而不是中间的人)?
Another point is that people often forget to mention what they want to achieve. Security has the famous three components called CIA, namely confidentiality, integrity and availability. Is it for you important that the data you transport is confidential, or is integrity important (i.e. you're sure that the sent data comes from the one you expect and not the man in the middle)?
为了在这种情况下具体实现,你在这里实现的唯一的一件事就是被动的攻击者看不到通过的行为。一旦你的攻击者变得活跃并改变路由上的消息,你的整个安全性就会分崩离析。所以我的建议是坚持专家所提出的解决方案(在这种情况下,TLS,而不是ssl,因为这是旧版本),只需确保您的服务器支持它。
To make it concrete in this case, the only thing that you achieve here is that a passive attacker cannot see whats passing by on the line. As soon as your attacker gets active and changes the messages on their route, your whole security falls apart. So my advice would be to just stick with the solution the experts have come up with (TLS in this case, not ssl since that is the old version of it) and just make sure your server supports it.
编辑:
如果没有证书,Btw,SSL / TLS将无法正常工作。公共密钥加密的全部要点是至少应该有一些可信方。
Btw, SSL/TLS cannot work without certificates. The whole point in public key crypto is that there should be at least somewhere some trusted party.
另一方面,如果您不在乎您的用户将收到无效的证书消息,您可以创建自己的证书,这很简单。在这种情况下,您的证书不受浏览器的信任,但是您可以确保至少您的通信是安全的(可以,在这种情况下有例外,但仍然有...)
On the other hand, if you don't care that your users will get an "invalid certificate" message, you can just create your own certificate which is really easy. In that case your certificate isn't trusted by the browsers, however, you can be sure that at least your communication is safe (okay, there are exceptions in this case, but still ...)
证书应该是免费的参数是从透视的角度来看的。我认为声称是伪造/愚蠢的人不知道成为认证机构需要什么。这些公司为了保持通信安全而投资数百万美元,并确保他们通过出售证书赚取了不错的钱,但是他们的工作,他们也应该像其他任何一样赚钱。
The argument that certificates should be for free is really from a perspective point of view. I think people who claim it is bogus/idiotic don't know what it takes to be a certification authority. These companies invest millions in order to keep the communication secure, and sure they make nice money out of selling certificates, but hey its their job and they also deserve to make money, just like any others.
edit2:评论后
我确实说你有一个安全的沟通。但是,你错过了自己签名的证书,你不知道谁安全地谈话。想象一下,一个黑暗的房间完全与窃听对话隔绝。现在想象这样一个房间有无光的区别。如果房间很亮,你可以看到你正在安全地说话,只要选择与你喜欢的人交谈。现在想象在一个完全黑暗的房间里做同样的事情。你只能希望你在这个黑暗的房间里说话的人只是一个盟友,而不是你的对手。但是,你不可能知道,只是希望,没关系。虽然你的谈话本身是安全的,没有人可以听,你仍然没有充分的安全。
I indeed say that you have a secure communication. However, you miss the point that with self signed certificates you dont know to whom you talk securely. Imagine a dark room which is completely isolated from eavesdropping a conversation. Now imagine the difference between such a room with and without light. If the room has light, you can actually see to whom you're talking securely and only choose to talk to people you like to trust. Now imagine doing the same in a completely dark room. You can only hope that the guy you talk to inside this dark room is just an ally and not your adversary. However, you cannot know that, just hope that it's ok. And although your conversation itself is secure, nobody can listen in, you still dont have "full" security.
如果我是一个骗子,中间攻击,我可以创建一个自己签名的证书,没有用户注意到。因此,使用带有自签名证书的TLS的优点是您至少具有协议属性的实现(甚至实现这一点并不容易)。此外,您可以通过建议您的用户手动信任证书一次来避免丑陋的警告。但是,只有您拥有相对较小的返回访问者群体,这是唯一可能的,因为公共网站这不是真正的解决方案。
If I, being a crook, do a man-in-the-middle attack, I can create a self signed certificate without the user noticing. So the advantage of using TLS with self signed certificates is that you have at least the implementation of the protocol corrent (and even implementing this is far from easy). Moreover you can avoid the ugly warnings by advising your users to manually trust the certificate once. However, this is only possible if you have a relatively small group of returning visitors, for a public website this is not really a solution.
这篇关于安全登录:PHP和Javascript中的公钥加密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
