什么方法/算法/库可以安全地加密然后解密

发布于 2024-12-11 09:17:52 字数 360 浏览 3 评论 0原文

以下项目是使用 WinAPI 在 C++ 中完成的,对于加密/编码,我使用 CryptoC++,但我对更好的库持开放态度。我需要对电子邮件数据进行加密/编码,传输它,然后在另一端解密,以便特权用户可以阅读电子邮件。

我最初的想法只是使用我的密钥(例如“MYKEY”)使用 SHA256 加密电子邮件文本。但我想我并不完全理解什么是哈希。我知道用 SHA256 或 MD5 或 AES 加密的字符串是不可能解密的,但我认为如果我用我的特殊密钥(“MYKEY”)加密该字符串,只要我知道特殊密钥,我就可以解密它。这是正确的吗?

如果没有,您能否建议我可以使用一个库、算法或方法来完成加密/编码电子邮件文本和电子邮件的任务?只有当我有密钥或一些共享秘密允许我解密数据时才能解密它?

The following project is done in C++ with WinAPI, for encryption/encoding I am using CryptoC++ but I am open to better libraries. I need to encrypt/encode email data, transmit it, then decrypt it at the other end so privileged users can read the email.

My original idea was just to encrypt the email text using SHA256 using my key(eg "MYKEY"). But I think I don't fully understand what hashing is. I understand that a string encrypted with SHA256 or MD5 or AES is impossible to decrypt, BUT I thought that if I encrypt the string with my special key("MYKEY") that I could then decrypt it aslong as I know the special key. Is that correct?

If not can you suggest a library, algorithm or method I can use to achieve my task of encrypting/encoding email text & ONLY being able to decrypt it if I have a key or some shared secret that will allow me to decrypt the data?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

怪我鬧 2024-12-18 09:17:52

正如长颈鹿船长所说,哈希算法不是加密算法(尽管它们都属于对称密码学领域)。好的哈希函数无法恢复适合生成的哈希的消息(除了尝试所有可能的消息以查看它们是否给出相同的哈希)。 (此外,哈希函数具有固定大小的输出,但具有可变大小的输入,这意味着有许多消息给出相同的哈希值。即使是一对给出相同哈希值的消息,或者一条消息,仍然应该很难找到对于给定的哈希值。)

您需要一种加密算法。最有可能的是,非对称加密(使用公钥进行加密,私钥进行解密)是一个好主意。

不要发明新的加密数据格式或协议。您会犯错误,从而使您的产品不安全。

对于电子邮件加密,请使用 OpenPGP (RFC 4880) 或 S/MIME (RFC 3851),或其中之一的一些子集。

然后,您可以使用任何支持必要算法的库,或一些专门支持这些文件格式的库。

As said by Captain Giraffe, a hash algorithm is not an encryption algorithm (though they are both counted in the area of symmetric cryptography). A good hash function has no way to recover a message which fits to the produced hash (other than trying all possible messages to see if they give the same hash). (And also, a hash function has fixed size output, but has a variable size input, which means that there are many messages giving the same hash. It still should be difficult finding even one pair of messages giving the same hash, or a message for a given hash.)

You need an encryption algorithm. Most probably asymmetric encryption (using public keys to encrypt, private keys to decrypt) is a good idea.

Don't invent new cryptographic data formats or protocols. You will make mistakes, which make your product insecure.

For email encryption, use either OpenPGP (RFC 4880) or S/MIME (RFC 3851), or some subsets of one of these.

You can then use any library which supports the necessary algorithms, or some library which supports specifically these file formats.

木槿暧夏七纪年 2024-12-18 09:17:52

SHA256 和 MD5 是单向函数。即没有解密。请参阅哈希http://en.wikipedia.org/wiki/Cryptographic_hash_function

但在尝试创建安全通信之前,您确实需要阅读加密程序。

话虽这么说,维基百科有一篇专门介绍实现的文章 http://en.wikipedia.org/wiki/AES_implementations

SHA256 and MD5 are One way functions. i.e. There is no decryption. See Hashing http://en.wikipedia.org/wiki/Cryptographic_hash_function.

But you really need to read up on encryption procedures before attempting to create a secure communication.

That being said wikipedia has an article dedicated to implementations http://en.wikipedia.org/wiki/AES_implementations

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文