希望这个问题在stackoverflow的范围内,它包含一些更接近讨论的问题,但其他问题可以回答。
对于我最后一年的项目,我想尝试设置一个端到端的安全电子邮件 Web 应用程序(无论语言数据库或服务器如何)。
我正在经历加密等,并陷入了公钥加密。引自 HowStuffWorks
发送计算机用对称密钥加密文档,然后用接收计算机的公钥加密对称密钥。接收计算机使用其私钥来解码对称密钥。然后它使用对称密钥对文档进行解码。
那么文本使用对称密钥加密,对称密钥使用接收comp的公钥加密?但是接收方使用其私钥来解码对称密钥?Q1:为什么不使用自己的公钥?
此外,虽然我不完全了解公钥加密和使用它的服务,如 PGP 我阅读了有关数字证书的信息,但我再次不明白这是多么可靠,Q2:继续使用用户使用/通过的身份验证会不会更好为了登录他的帐户?[放弃这个问题这是我理解的错误]
Q3:除了以上所有我想知道是否有任何好的步骤可以用来证明系统的安全性。
这是我第一次接触加密方法,所以请对我的无知有点耐心。
谢谢你。
PS *有没有比公钥加密更好的方法?一直想知道最近有关 NSA 计算机处理能力的事件和出版物有多好。
Q1:为什么不使用自己的公钥?
公钥密码术的语义是,您只能使用匹配的私钥解密已用公钥加密的内容。
在伪代码中,以下命题成立:
Dec(PrivateKey, Enc(PublicKey, Message)) == Message
但是,您不能Enc(PublicKey, Message)使用PublicKey. 你需要私钥。
Q2:继续使用用户使用/通过的身份验证来登录他的帐户不是更好吗?
我不明白这个问题(我可以猜测你的意思,但不会因为这会破坏谈话)。如果你能澄清我会编辑答案。
Q3:除了以上所有我想知道是否有任何好的步骤可以用来证明系统的安全性。
是的,有很多工具可以用来证明系统的安全性。从高层次证明协议(例如:Proverif、strand space、easycrypt)一直到证明您运行的实际代码是正确的(例如:定理证明者,例如Coq、Isabelle和HOL4或通过S自动履行证明义务M T如fs2pv或F7(例如:mitls)。
甚至还有一种编程语言Cryptol,它设计和实现了集成的 SMT 支持,允许嵌入算法的正确性证明,并以更自然的方式实现一些功能(披露:我为 Galois 工作)。
This is a pretty tricky subject. I'll answer as best I can. Lets start with an example. You want to send an email to a friend in a secure format. You write the email and sign it with their public key. Then hit send. An encrypted ssl tunnel is opened to your email provider and the message is transmitted. Your mail provider forwards the message to their mail provider. He receives it and decrypts it with his private key and can read the message. Pretty easy right.
Q1: If you could decrypt with the public key than anyone could decrypt it. Q2: What if the mail provider gets hacked and your password gets stolen? Q3: Security is only as strong as the weakest link. There are many steps in the middle you have no control over. The only real control you have is the encryption on your side and their side. The best thing you can do is use known good encryption standards and rotate your keys early and often.
On a side note if your browser says https your using an encrypted SSL tunnel. It makes communication very secure between 2 parties. You encrypt with their public key and they decrypt with their private key. Whats not widely known is that the private keys for https are issued from what are called root certificate authorities. Its how browsers know the key being used is not forged or tampered with. Its widely believed that the NSA has obtained all private keys issued by the root CA's making all webpage traffic decryptable by them.
The best option for your email solution is to use privately generated keys. Using something like PGP or a competing standard. Do not use any that have been issued.