本文介绍了如何组合对称和非对称加密?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
当谈到非对称加密时,经常说,由于某些原因,你不应该不对称地加密整个消息,例如。性能注意事项。
通常建议的工作流程为:
- 创建随机密钥 使用此随机密钥加密邮件
- 使用非对称加密加密随机密钥
- 将加密邮件和加密密钥发送给收件人 。
到目前为止,还不错。
只有两个问题:
- 如何发送加密邮件和加密密钥?有什么标准吗?或者我完全免费如何做到这一点? (我想要一个标准,如果有一个)。
- 有关如何创建随机密钥的最佳做法吗?更具体来说:OpenSSL中是否应该使用特定的函数来处理?
解决方案
ol>
When talking about asymmetric encryption it is often said that due to some reasons you should not encrypt your entire message asymmetrically, e.g. performance considerations.
The usually suggested workflow is:
- Create a random key for symmetric encryption
- Encrypt the message using this random key
- Encrypt the random key using asymmetric encryption
- Send the encrypted message and the encrypted key to the recipient
So far, so good.
Just two questions:
- How do I send the encrypted message and the encrypted key in combination? Is there a standard for that? Or am I completely free on how to do this? (I'd prefer a standard if there is one).
- Is there any best practice on how to create the random key? To be more specific: Is there a specific function in OpenSSL that should be used for that?
解决方案
- This was answered in comments. I would better recommend to check OpenPGP - it is somehow easier to understand, CMS has a huge ASN.1 structures overload.
- Random key just should be completely random byte string, generated from good random source.
这篇关于如何组合对称和非对称加密?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!