使用私钥加密邮件? [英] Encrypt message with private key?
问题描述
在RSA加密和解密中,我们使用公钥将明文加密到密文,然后用私有文本读取。
In RSA encryption and decryption, we use the public key to encrypt the plain text to cipher text and then read it with private text.
但是在签名中据说用私钥签名,然后将公钥(带有签名和数据)发送给接收方进行验证。
But in Signature, it is said to sign it with private key, and then send the public key (with signature and data) to the receiver for verification.
我的问题是如果可能的话我们用私钥加密消息,让用户用公钥解密?如果是这样,它是否像使用公钥加密一样强大(正常的方式)?
My question is if it is possible that we encrypt the message with the private key and let the user decrypt it with public key? If so, is it as strong as encrypting it with the public key (the normal way)?
推荐答案
RSA数字签名原语可以(粗略地)认为是用私钥加密。数学是与加密(x = m y mod n)相同的形式,但是私有指数用于代替公共指数,并且消息被不同地填补。
The RSA digital signature primitive can be (crudely) thought of as "encrypting with the private key." The math is the same form as encryption (x = my mod n), but the private exponent is used in place of the public exponent, and the message is padded differently.
由于数学是相同的,正确计算的数字签名与正确加密的密文一样强。也就是说,如果你打扰一个数字签名,就像攻击者没有私钥一样多的计算来解密一个消息。
Since the math is the same, a properly computed digital signature is just as "strong" as properly encrypted cipher text. That is, it would take an attacker without the private key as much computation to forge a digital signature as it would to decrypt a message.
如果你用私钥,你没有隐私;任何人都可以解密邮件,因为每个人都有相应的公钥。
If you "encrypt" with a private key, you have no privacy; anyone can decrypt the message, because everyone has the corresponding public key.
在实践中,使用私人密钥加密以产生数字签名是一个真的很糟糕的主意。大多数加密库的工作水平远高于RSA加密原语,除了基本的RSA操作之外,还要执行像填充或散列等操作。正确的处理取决于您是否正在执行加密或签名,因此最好通过使用库中相应的高级别功能来指示。
In practice, encrypting with the private key as a kludge to generate a digital signature is a really bad idea. Most cryptographic libraries operate at a much higher level than the RSA encryption primitive, performing operations like padding or hashing in addition to the basic RSA operation. The correct processing depends on whether you are performing encryption or a signature, so it's best to indicate this by using the corresponding high-level function in your library.
这篇关于使用私钥加密邮件?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
