使用AES加密文件,使用RSA加密密钥 - 我在正确的轨道上吗? [英] Encrypting Files with AES, Encrypting Key with RSA - Am I on the right track?
问题描述
概述:
我正在尝试设计一个应用程序,将通过 Snail Mail (LARGE数据集)安全地发送文件。我计划使用.Net中的AES / RijndaelManaged加密来最初加密文件,使用随机生成的密钥使用 RNGCryptoServiceProvider 。然后我用RSA公钥加密这个随机的AES密钥。数据的接收者是唯一一个使用RSA私钥进行解密的数据。
Overview:
I'm trying to design an application that will encrypt files to safely send through Snail Mail (LARGE sets of data). I'm planning on using AES/RijndaelManaged encryption from .Net to encrypt the files initially, using a randomly generated key using RNGCryptoServiceProvider. I'm then encrypting this random AES key with a RSA Public key. The receiver of the data is the only one with the RSA Private key to decrypt it.
我的问题:这是否是这样做的正确方法?如果是这样,是否可以安全地发送这个RSA加密密钥与数据,因为它需要私钥解密?
My question: Is this the proper way to do something like this? If so, is it safe to send this RSA-Encrypted key with the data since it requires the private key to decrypt?
编辑 - 根据对答案,这确实是正确的方式。
EDIT - According to the Answers, this is indeed the proper way to go.
编辑 - 感谢您的回复。现在我真的想知道:
当最终用户生成他们的公钥/私钥对时,保存私钥的最佳方法是什么?我不希望它只能从一台机器访问,所以我试图避免使用用户的密钥存储。但 MSDN 表示不安全将密钥保存到一个文件中,那么你还能如何完成这个?
EDIT - Thanks for the replies. Now what I really want to know:
When having the end user generate their Public/Private key pair, what is the best way to save the Private key? I do not want it to be only accessible from one machine, so I am trying to avoid using the user's key store. But MSDN says it is not safe to save the key to a file, so how else can you accomplish this?
推荐答案
使用 PGP ,除非有很好的理由不要。 PGP是电子邮件中通常使用的混合密码的开放和普遍的标准。 PGP有很多实现。我知道的唯一一个.NET是 BouncyCastle加密项目的C#库。 PGP实际上提供了您描述的功能的超集;例如,PGP也可以对消息进行数字签名。
Use PGP unless there's a good reason not to. PGP is an open and ubiquitous standard for hybrid crypto commonly used in email. There are many implementations of PGP. The only .NET one I know is the BouncyCastle crypto project's C# library. PGP actually provides a superset of the functionality you describe; for instance, PGP can also digitally sign messages.
关于私钥存储。典型的解决方案是在将私有密钥写入磁盘之前对称加密私钥。只有私钥的真正拥有者才知道密码秘密,他们不会告诉任何人。这样,即使攻击者获得私钥文件,他们仍然必须妥协秘密或强力对称密码。所有的PGP实现,我知道这样做。
Regarding private key storage. The typical solution is to symmetrically encipher the private key before writing it to disk. Only the true owner of the private key knows the cipher secret, and they don't tell anyone. That way, even if an attacker gets the private key file, they still have to compromise the secret or brute force the symmetric cipher. All the PGP implementations I know of do this.
请不要重新执行PGP,如果你想要的。 PGP得到了广泛的支持。此外,像我这样的人类(可能是你自己),几乎没有机会获得一切正常。
Please don't reimplement PGP if it does what you want. PGP is pretty widely supported. Furthermore, mere mortals like myself (and presumably yourself) hardly stand a chance of getting everything right.
这篇关于使用AES加密文件,使用RSA加密密钥 - 我在正确的轨道上吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
