Java 的 RSA 实现,BC 的替代方案

发布于 2024-09-02 22:58:00 字数 301 浏览 3 评论 0原文

附带的 RSA 实现 充气城堡只允许 对单个数据块进行加密。 RSA算法不适合 流数据,不应使用 那样。在这样的情况下你 应该使用加密数据 随机生成的密钥和对称的 密码,之后你应该加密 使用 RSA 随机生成的密钥, 然后发送加密数据 加密的随机密钥给对方 结束他们可以扭转这个过程的地方 (即使用解密随机密钥 他们的RSA私钥然后解密 数据)。

我无法使用使用对称密钥的解决方法。那么,除了 Bouncy Castle 之外,还有其他 RSA 实现吗?

The RSA implementation that ships with
Bouncy Castle only allows the
encrypting of a single block of data.
The RSA algorithm is not suited to
streaming data and should not be used
that way. In a situation like this you
should encrypt the data using a
randomly generated key and a symmetric
cipher, after that you should encrypt
the randomly generated key using RSA,
and then send the encrypted data and
the encrypted random key to the other
end where they can reverse the process
(ie. decrypt the random key using
their RSA private key and then decrypt
the data).

I can't use the workaround of using symmetric key. So, are there other implementations of RSA than Bouncy Castle?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

煮茶煮酒煮时光 2024-09-09 22:58:00

此限制不仅仅是 Bouncy Castle 随机发明的,并且使用对称密钥也不是“解决方法”:这是正确的做法。

RSA 算法本质上不适合加密大量数据。如果您真的真的真的真的想在大量数据上使用它,那么您可以将数据分成足够小的块,并对每个块进行加密。但这不是标准做法,您可能会遇到您没有想到的安全问题,而 AES 等分组密码具有处理您可能遇到的问题的标准方法(请参阅 块模式——本质上存在安全问题,例如使用相同的密钥多次加密相同的数据,而块模式是一种内置的方法来处理这个问题)。

我真的会坚持使用对称加密进行流式传输并使用 RSA 加密对称密钥(基本上没有其他内容)的标准做法。

This restriction isn't just something randomly invented by Bouncy Castle, and using a symmetric key isn't a "workaround": it's correct practice.

The RSA algorithm is intrinsically not suited to encrypting large quantities of data. If you really really really really really want to use it on a large quantity of data, then you could just about split your data up into blocks small enough, and encrypt each one. But this is not standard practice and you could run into security issues you haven't thought of, whereas block ciphers such as AES have standard means for dealing with the issues you may come across (look at block modes-- essentially there's a security issue for example encrypting the same data with the same key multiple times, and block modes are a built in way to deal with this).

I would really just stick to the standard practice of streaming with symmetric encryption and encrypting the symmetric key (and essentially nothing else) with RSA.

一枫情书 2024-09-09 22:58:00

是的,JDK 附带了一个,但它不会给你带来任何好处。通常,这是使用 RSA 时完成加密的方式。您生成一个随机对称密钥并用它加密您的数据。您使用 RSA 加密对称密钥并传输。

如果您只想使用 RSA 进行加密并忽略对称部分,您可以这样做(无论是否使用 BC),但请注意,加密或解密的速度会非常慢,并且比典型的替代方案占用更多的空间。

Yes, the JDK comes with one but it won't do you any good. Typically, this is the way encryption is done when using RSA. You generate a random symmetric key and encrypt your data with that. You encrypt the symmetric key with RSA and transmit.

If you want to encrypt only with RSA and leave out the symmetric part you can do that (with BC or without) but be warned that it's going to be awfully slow to encrypt or decrypt and take up a LOT more space than the typical alternative.

紅太極 2024-09-09 22:58:00

所有 RSA 实现都会有类似的警告。这就是 RSA 算法的本质。

使用所描述的对称密钥不是“解决方法”。这是“正确的”。如果有可能应用更好的加密技术,那就值得追求。

All RSA implementations would have a similar caveat. That's the nature of the RSA algorithm.

Using a symmetric key as described isn't a "workaround". It's "correct." If there's any possibility of applying a better encryption technique, it would be worth pursuing.

兮颜 2024-09-09 22:58:00

您可以为每个数据“块”调用一次 RSA。不要这样做。

  • RSA 不是分组密码。它接受 [0,p×q] 范围内的输入,而不是 [0,2n−1] 范围内的输入。在明显的实现中,每个输出块至少比输入块大1位,这是不理想的。
  • RSA 是乘法的。使用 RSAe() 表示使用密钥 e 进行 RSA 加密,
    • RSAe(0) = 0
    • RSAe(1) = 1
    • RSAe(a*b) = RSAe(a) × RSAe(a)

为什么不能生成对称密钥?

You can invoke RSA once for each data "block". Don't do this.

  • RSA isn't a block cipher. It accepts inputs in the range [0,p×q], not [0,2n−1]. In the obvious implementation, each output block is at least 1 bit larger than an input block, which is not ideal.
  • RSA is multiplicative. Using RSAe() to mean RSA encryption with key e,
    • RSAe(0) = 0
    • RSAe(1) = 1
    • RSAe(a*b) = RSAe(a) × RSAe(a)

Why can't you generate a symmetric key?

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文