Who encrypts in RSA?
RSA encryption is the most commonly used asymmetric encryption method; its security rests on the difficulty of factoring very large integers. The private key is usually kept by an individual, and the public key is public (possibly held by multiple people at the same time).
But you have probably seen two developers arguing: who encrypts and who decrypts?
After reading this article, you will understand all this.
What the specification says
Let's take a look at the documentation of the authoritative library OpenSSL, which defines four methods.
It seems that both the private key and the public key can be used for encryption and decryption?
But take a closer look
The description of RSA_private_encrypt is as follows:
low level signature operations
Clicking through to the detailed description, we find that
RSA_public_decrypt does no real decryption; it is only for verifying the ciphertext!!!
In other words, for content encrypted with the private key, the default standard specification supports only public key signature verification, not public key decryption.
Based on the above, we know that the default specification supports "public key encryption, private key decryption" and "private key encryption, public key signature verification".
But we often meet "private key encryption, public key decryption". What is going on? In fact, there are three common situations when we use RSA encryption:
Public key encryption, private key decryption
This is one of the most common cases; anyone who has integrated Alipay should have met it.
The receiver stores a private key, and the sender stores the corresponding public key and uses it to encrypt the messages it sends, which ensures that the message is not leaked.
So Alipay gives you a public key that it generated, and you give Alipay a public key that you generated; your communication is based on two pairs of public and private keys.
Private key encryption, public key signature verification
The sender publishes the original text and the ciphertext at the same time, and the client uses the public key to confirm that it was sent by the real sender.
This case is generally used to confirm the authenticity of published messages, and suits push, broadcast and public message verification scenarios.
Private key encryption, public key decryption
This scenario, which is not in the recommended specification itself, is now very common.
For example, for offline software authorization, a public key is saved in the released software. The software manufacturer uses the private key to encrypt the original text containing the expiration time, and gets the ciphertext, that is, the authorization code. When the software checks the authorization, it uses the public key to decrypt the authorization code and compares the result with the current time to confirm whether it has expired.
Because public key decryption is not supported in the standard specification, standard libraries such as Go's implement only what the specification defines. To use public key decryption there, you need a third-party library or your own hack. But older programming languages such as C, Java and PHP provide a public key decryption method in their standard packages.
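The offline authorization scenario above can also be built with only Go's standard library, by using the specification's "private key encryption, public key signature verification" form: the authorization code carries the expiration time in the clear plus a signature over it. This is an added example, not code from the original article; the function names and the code layout (8-byte expiry followed by the signature) are assumptions made for illustration.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// NewVendorKey generates the vendor's key pair (hypothetical helper).
func NewVendorKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// IssueLicense (vendor side): code = 8-byte Unix expiry || signature over it.
func IssueLicense(priv *rsa.PrivateKey, expiry time.Time) ([]byte, error) {
	payload := make([]byte, 8)
	binary.BigEndian.PutUint64(payload, uint64(expiry.Unix()))
	digest := sha256.Sum256(payload)
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	return append(payload, sig...), err
}

// CheckLicense (shipped software): verify with the public key, then read the expiry.
func CheckLicense(pub *rsa.PublicKey, code []byte, now time.Time) error {
	if len(code) != 8+pub.Size() {
		return errors.New("malformed license code")
	}
	payload, sig := code[:8], code[8:]
	digest := sha256.Sum256(payload)
	if rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) != nil {
		return errors.New("license was not issued by the vendor key")
	}
	if now.After(time.Unix(int64(binary.BigEndian.Uint64(payload)), 0)) {
		return errors.New("license expired")
	}
	return nil
}

func main() {
	priv, err := NewVendorKey()
	if err != nil {
		panic(err)
	}
	code, err := IssueLicense(priv, time.Now().Add(24*time.Hour))
	fmt.Println("issue error:", err, "check error:", CheckLicense(&priv.PublicKey, code, time.Now()))
}
```

The expiration time is only trusted after the signature check passes, so editing the date bytes or signing with a different key is rejected before the comparison with the current time.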
So we can see that RSA does not fix who must encrypt and who must decrypt.
It depends on your use scenario. As for the public key and the private key, they are the same in mathematical concept and can decrypt each other, but we distinguish them by whether they are published or kept in our own hands. The public key is the one that can be disclosed without fear, and the private key is the one kept in one's own hands.
If you found this article helpful, please give it a like.
If there are mistakes or omissions in the article, please point them out.