Fast asymmetric cypher for a C++ application
I'm looking for a fast asymmetric cypher algorithm to be used in a C++ program.
Our application accesses read-only data stored in an archive (custom format, somewhat similar to tar), and I would like to prevent any modifications of that archive by asymmetrically encrypting the archive index (I'm aware that this isn't a perfect solution and data can still be extracted and repacked using certain techniques).
Some individual files within the archive are encrypted with a symmetric cypher, and the encryption keys for them are stored within the archive index (header). Which is why I want to encrypt the archive header asymmetrically.
Cypher requirements:
1) Algorithm implementation should be platform-independent.
2) Algorithm should be either easy to implement myself or it should be available in a library (with source code) that allows static linking with a proprietary application, which means that GPL/LGPL/viral licenses cannot be used. MIT/BSD-licensed or public domain code is acceptable.
3) If the cypher is available in a library, ideally it should have a small memory footprint, and the implementation should be compact. I would prefer to use a C/C++ library that implements only one cipher instead of a full-blown all-purpose cipher collection.
Originally I wanted to use RSA, but it looks like it is simply too slow to be useful, and there aren't many alternatives.
So, any advice on what I can use?

Okay, I've found what I've been looking for, and I think it is better than OpenSSL (for my purposes, at least).
There are two libraries:
libtomcrypt, which implements several cyphers (including RSA), and libtommath, which implements bignum arithmetic. Both libraries are in the public domain, easy to hack/modify, and have a simpler programming interface than OpenSSL, and (much) better documentation than OpenSSL.
Unlike the older public domain RSA code I found before, libtomcrypt can generate new keys very quickly, can import OpenSSL-generated keys, and supports padding. Another good thing about libtomcrypt is that it doesn't have extra dependencies (OpenSSL for Windows wants gdi32, for example) and is smaller than OpenSSL.
I've decided to use RSA for encryption, after all, because (to me it looks like) there are no truly asymmetric alternatives. It looks like most of the other ciphers (ElGamal, elliptic curves) are more suitable for symmetric encryption where a session key is encrypted asymmetrically. Which isn't suitable for me. Such ciphers are suitable for network communications/session keys, but it wouldn't be good to use that for static, unchanging data on disk.
As for "RSA being slow", I've changed the archive format a bit, so now only a small chunk of data is asymmetrically encrypted. Failure to decrypt this chunk will make reading the archive index completely very difficult, if not impossible. Also, I must admit that the slowness of RSA was partially a wrong impression given by the older code I had tried to use before.
Which means, question solved. Solution is RSA + libtomcrypt. RSA - because there aren't many alternatives to RSA, and libtomcrypt - because it is small and in the public domain.

OpenSSL should do the job for you. It's open-source (Apache license, so it meets your license requirements).
It's widely used and well tested.

Use a custom RSA to sign the archive. Store the public key in the application and keep the private key in house. Now anyone could modify the read-only archive, but your application would refuse to load the modified archive.

Check out Curve25519, which is elliptic curve cryptography implemented efficiently, and works around patent problems.
It meets all of your requirements. See here.
You can use it to encrypt, or to simply sign.
As a side note:
For integrity checking, a MAC should suffice unless you really need asymmetric encryption.

How about MD5?
Yes, I am aware that MD5 has been 'broken' - but for most practical applications this is irrelevant.
Especially if the modified data would also have to be valid in the particular data format as well as have the correct MD5.
EDIT:
MD5 is appropriate if you want to just ensure that data stored can't be changed (or at least you can detect it) but it doesn't hide the data. Note that if you must have the key in your app alongside the data it can always be extracted. There are techniques for hiding the key - a popular one is simply to put it inside a static resource such as an icon that can be linked easily.
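As an added example (not code from any of the answers above), here is the MAC-based integrity check the Curve25519 answer mentions, written in Python for brevity over a constructed tar-like index of the kind the question describes (name, offset, size and the per-file symmetric key). It also shows the limitation the MD5 answer points out: a key shipped inside the application can be extracted and used to re-seal a modified index, which is what a signature with the private key kept in house avoids. The index layout and the key value are assumptions for this example.

```python
import hmac
import hashlib
import struct

# Toy archive index modelled on the question: each entry carries the file
# name, its offset/size in the archive body and the symmetric key used to
# encrypt that file. Layout and values are constructed for this example.
INDEX_ENTRY = struct.Struct("<32sQQ16s")  # name, offset, size, per-file key
MAC_KEY = b"constructed-demo-key-do-not-reuse"  # assumed key shipped with the app

def pack_index(entries):
    """Serialize [(name, offset, size, file_key), ...] into the header bytes."""
    blob = struct.pack("<I", len(entries))
    for name, offset, size, file_key in entries:
        blob += INDEX_ENTRY.pack(name.encode(), offset, size, file_key)
    return blob

def seal_index(index, key=MAC_KEY):
    """Append an HMAC-SHA256 tag so any change to the index is detectable."""
    return index + hmac.new(key, index, hashlib.sha256).digest()

def open_index(sealed, key=MAC_KEY):
    """Return the index bytes if the tag verifies, else None (constant-time compare)."""
    if len(sealed) < 32:
        return None
    index, tag = sealed[:-32], sealed[-32:]
    expected = hmac.new(key, index, hashlib.sha256).digest()
    return index if hmac.compare_digest(tag, expected) else None

def tamper_detected(sealed):
    """Flip one byte of the stored index and confirm open_index rejects it."""
    forged = bytearray(sealed)
    forged[10] ^= 0x01
    return open_index(bytes(forged)) is None

def reseal_with_extracted_key(sealed):
    """Anyone who pulls MAC_KEY out of the binary can re-seal a modified index:
    the MAC proves nothing about who produced it. A signature verified with an
    embedded public key, private key kept in house, does not have this weakness."""
    index = bytearray(open_index(sealed))
    index[10] ^= 0x01
    return open_index(seal_index(bytes(index))) is not None

SAMPLE = pack_index([("textures/a.dat", 4096, 1024, b"\x11" * 16),
                     ("scripts/main.lua", 5120, 700, b"\x22" * 16)])
SEALED = seal_index(SAMPLE)
```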