-2

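I want to use a hybrid encryption technique that combines the AES and RSA techniques to encrypt a block of data. The technique involves using the AES algorithm with a generated random key to encrypt the data, and then the RANDOM KEY is itself encrypted using the public key of the RSA algorithm. But I am confused about which algorithm will be used here to generate my random key and public key. Will a single key generation algorithm be used to generate both the random key and the public key? Or should I use two different methods to generate these keys??? Please clear up my confusion by providing a suitable solution.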

4

1 Answer

1

Public / private key pairs are related mathematically, and so require a significantly different algorithm to generate them. They have very specific properties, which is also why you need such a large key (1024 bits or more) to have a secure key.

Symmetric ciphers such as AES use much shorter keys because the cipher does not rely on any specific mathematical properties of the key itself. That's why you can get good security with just a 128-bit key from AES.

Typically, the architecture you're describing uses AES with a one-time random session key to encrypt the bulk data, and then the private key encrypts the AES session key. The public/private key pair gets generated ahead of time and is used for multiple messages. The session key changes message-to-message. (That's the basic idea behind PGP, as I recall.)

If you don't understand the differences between these elements and how they're used, might I suggest you rely on already-proven software such as GPG, PGP or libraries based on them?

answered 2013-07-06T19:29:53.273