公钥密码学的实现
我一直在使用 PHP mcrypt 模块来加密我公司的敏感数据。 这一直运作良好。 但是,我被要求创建一个新的主密码,该密码应该能够解密任何数据。 问题是这个主密码必须硬编码在脚本文件中。 如果我错了,请纠正我,但唯一安全的方法似乎是在脚本中硬编码公钥并使用它来加密数据,同时保持私钥安全并仅在需要时使用它来解密。
mcrypt 似乎没有这种方案的实现。 有人知道有一个库(PHP 模块或纯 PHP)可以做到这一点吗?
I have been using the PHP mcrypt module for encrypting sensitive data at my company. This has been working well. However, I have been requested to create a new master password which should be able to decrypt any data. The problem is that this master password would have to be hardcoded in a script file. Please correct me if I am wrong but the only secure way seems to be to hardcode a public key in the script and use it to encrypt data while keep the private key secure and use it to decrypt only when needed.
mcrypt does not seem to have an implementation for such a scheme. Does anybody know of a library (PHP module or pure PHP) which would do this?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
我建议查看 PHP OpenSSL 绑定,特别是 openssl_public_encrypt() 函数。 您确实可以将主公钥嵌入到脚本中,并让脚本使用此公钥加密每个用户的 AES 密钥。 将相应的主私钥妥善保存在公司内。
如果您需要主解密功能,您可以提取加密的用户密钥,使用主私钥对其进行解密,然后解密原始数据。
I suggest taking a look at the PHP OpenSSL bindings, and in particular the openssl_public_encrypt() function. You could indeed embed a master public key into the script, and have the script encrypt each user's AES key with this public key. Keep the corresponding master private key in the company safe.
Should you need the master decrypt function, you would pull the encrypted user key, decrypt it with the master private key and then decrypt the original data.
为此有一个 PECL 扩展。 https://www.php.net/manual/en/book.gnupg。 php
如果不需要非常快,您还可以使用 php 中的 gnupg 命令行工具:http://devzone.zend.com/article/1265
我还没有尝试过这两种方法。
There's a PECL extension for that. https://www.php.net/manual/en/book.gnupg.php
You can also use gnupg command line tool from php, if it doesn't have to be very fast: http://devzone.zend.com/article/1265
I haven't tried either method.
我不明白那会如何运作。 任何双向加密函数只有在输入用于加密的特定密码时才会解密(除非您是 NSA 并且在算法中设置了后门)。 您不能使用两个密码解密同一个文件(除非存在哈希冲突,但这不是您可以轻松实现的事情)。
至于将主密码存储在程序中,最好将其存储在程序读取的单独文件中,这样您就可以对该文件使用更严格的操作系统级安全性。
请记住 mcrypt 不是公钥加密。 不过,使用公钥加密技术,您也许可以做您想做的事。 例如,使用 PGP/GPG,您可以加密一个文件,以便三个不同的用户可以使用他们的私钥对其进行解密,而无需知道彼此的私钥。 因此,您可以拥有一个具有主密码的虚拟用户,该用户可以解密所有内容。
另一种选择是保留所有加密数据的两份副本; 一种使用用户密码加密,另一种使用主密码加密。
I don't see how that would work. Any two-way encryption function is only going to decrypt when fed the specific password used to encrypt (unless you're the NSA and you put back doors in the algorithms). You can't have two passwords decrypt the same file (unless there are hash collisions, but that's not something you can make happen easily).
As far as storing your master password in the program, it would be much better to store it in a separate file the program reads in, so you can use tighter OS-level security on that file.
Keep in mind mcrypt is not public key cryptography. With public key cryptography, you might be able to do what you want, though. For instance, with PGP/GPG, you can encrypt a file such that three different users can decrypt it using their private keys, without knowing each other's private keys. So you can have a virtual user with the master password that can decrypt everything.
Another option would be to hold two copies of all encrypted data; one encrypted with the user's password, and one encrypted with the master password.
只是为了确定您对此主密码的要求,
加密此”命令,该命令将“封印某物那么只有知道相关私钥的人才能打开它吗? 或者,
解密任何数据”听起来很危险(并且对于非对称密钥加密来说不可行/不实用)
根据评论进行更新。
然后必须保护主私钥(公钥并不重要)
Rijndael 256密钥加密特别是,在没有加密者的情况下
这种方法适用于,
个人使用 Rijndael 密钥即可轻松访问数据,
无需主私钥所有者的干预。
并且,当主私钥所有者信任数据的保密性时。
每次用户更新其副本时,您的方案都需要更新主副本(删除旧副本并重新加密新副本)。
但是,如果用户数据受到主服务器的信任(显然,这里的情况就是如此),
可以打开用户的 Rijndael 密钥
如果用户需要对数据进行签名,可以在该过程中单独完成。
它将使您免于保留双份副本并维护它们。
要对数据进行签名,用户可以拥有由他们生成的密钥对。
将足以验证用户已提供数据
主站可以信任数据的真实性——数据仍然可以被解密
Just to be sure of your requirement of this master password,
encrypt this' command that will 'seal' somethingwhich can then only be opened by someone knowing the private key in question? Or,
decrypt any data' sounds dangerous(and not-feasible/practical with asymmetric key encryption)
Update based on the comment.
the master private key must then be secured (public key is not critical)
Rijndael 256keyparticularly, in the absence of the individual who encrypted it
This approach will work for,
easy access of the data by the individual with the Rijndael key,
without need for intervention by the master private key owner.
And, when the master private key owner is trusted with the secrecy of the data.
Your scheme will need to update the master copy (deleting the older one and re-encrypting a new one) every time the user updates their copy.
However, if the user data is trusted with the master (as is clearly the case here),
which can open the user's Rijndael key
If the user needs to sign the data, that can be accomplished separately in the process.
It will save you from keeping double copies and maintaining them.
To sign the data, the user could have a a key pair generated by them.
will be sufficient to authenticate that the user has provided the data
the master may be trusted on the authenticity of the data -- which can still be decrypted