C# 如何进行加密?

发布于 2024-10-21 13:55:49 字数 353 浏览 4 评论 0原文

我并不是要求提供带有代码的教程,我只是想进行研究,但我想确保我提出了正确的问题。

  • 我可以在 .NET 中开箱即用的最佳加密形式是什么?
  • 公钥/私钥,我在哪里安全地存储这些东西?
  • 为了正确执行此操作,我应该拥有哪些工具?

我从 AESCryptoServiceProvider 开始,加密了我传入的字符串,我很高兴。测试过,如果我调用它两次,它会得到相同的值。然后意识到我没有提供任何形式的密钥,因此第二次运行该应用程序产生了不同的结果。所以我开始阅读,查看 RSA 公钥/私钥等。只是想确保我正在阅读的内容走在正确的道路上。那里有大量的例子,但很少有人提到你把这些钥匙放在哪里,甚至从哪里得到它们。

I'm not asking for a tutorial with code, I'm trying to do the research, but I want to make sure I'm asking the right questions.

  • What's the best form of encryption I can use out of the box with .NET?
  • Public/Private key, where do I store these things securely?
  • What tools should I have in order to do this properly?

I started off with an AESCryptoServiceProvider, encrypted a string I passed in, I was happy. Tested that if I called it twice it would come out with the same value. Then realized I hadn't provided any form of key, so a second run of the app yielded different results. So I began reading up, seeing RSA Public/Private keys etc. etc. And just want make sure I'm going down the right path with the reading I'm doing. There's tons of examples out there, few mention where you put these keys or where you even get them from.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

非要怀念 2024-10-28 13:55:49

System.Security.Cryptography 中有很多密码学函数。

它们有哈希值、密码、流等等。

RSA 提供商是一个很好的提供商。以及安全地存储常量。我只能建议将它们加密存储在解决方案中。
您不应该能够从源代码中读取它们,因此在程序集构建后需要某种安全性。也许是混淆,也许是别的什么。
关于密钥的生成,不要使用您自己的系统,或者我猜任何开发系统。

编辑:
要生成密钥,您最好使用任一用户输入,例如,只需创建一个小应用程序,该应用程序计算输入每个字母的特定文本片段所需的时间。

或者使用 HRNG/TRNG,硬件随机数生成器(使用来自现实世界的输入,通过传感器检索)。或者真随机数生成器,基本上也是HRNG,但大多是用其他形式的输入,非常先进。
RANDOM.ORG 应该能够帮助您。

如果不是那么重要,只需将头撞到键盘上,然后查看结果即可:)。

There's a lot of cryptological functions in System.Security.Cryptography.

They have hashes, crypts, streams, and a lot more.

The RSA provider is a good one. And about storing the constants securely. I can only suggest storing them crypted in the solution.
You shouldn't be able to read them from the source, so there needs to be some kind of security after the assembly has build. Maybe obfuscation, maybe something else.
About the generating of the key, do not use your own system, or any development system I guess.

EDIT:
To generate keys you better use either user input, for example, just create a little application, that calculated the time it takes to type a certain piece of text, per letter.

Or use a HRNG/TRNG, Hardware Random Number Generator (uses input from the actual world, retrieved through sensors). Or True Random Number Generator, basically also HRNG, but mostly with other forms of input, very advanced.
RANDOM.ORG should be able to help you out.

If it's not that extreme important, just go smack your head against your keyboard, and see the results :).

爱的故事 2024-10-28 13:55:49

选择 AES。 Stack Overflow 已经有了 AES 算法的出色实现作为回答。

Go for AES. Stack Overflow already has a wonderful implementation of AES Algorithm as an answer.

人间☆小暴躁 2024-10-28 13:55:49

关于“公钥/私钥,我在哪里安全地存储这些东西?”,我建议你不要重新发明轮子。 Microsoft 已经花费了大量的精力来构建、积极维护和(希望)改进存储私钥的基础设施:https://msdn.microsoft.com/en-us/library/windows/desktop/bb204778%28v=vs.85%29 .aspx。您可以使用本机密钥存储。

Regarding "Public/Private key, where do I store these things securely?", I recommend that you do not re-invent the wheel. Microsoft has already spent a great deal of effort to build, and is actively maintaining and (hopefully) improving, infrastructure to store private keys: https://msdn.microsoft.com/en-us/library/windows/desktop/bb204778%28v=vs.85%29.aspx. You can use the native key storage.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文