encryption-asymmetric

问题 I am currently trying to adapt a few scripts we use to sign an encrypt/decrypt xml files using OpenSSL and S/MIME using Java and BouncyCastle. The command to sign and encrypt our file: openssl smime -sign -signer Pub1.crt -inkey Priv.key -in foo.xml | openssl smime -encrypt -out foo.xml.smime Pub2.crt Pub1.crt This generates a signed and encrypted smime-file containing our xml file. Currently this happens using a set of shell scripts under linux using the OpenSSL library. In the future we

问题 I'm in the process of developing an application that uses client side code (js to be specific), which needs to be secured. I.e. so that a user cannot steal the code and reuse it. Obfuscation is not an option, as I need the code to be fully secured (with encryption). After extensively scouring the internet for a solution that allows js encryption I have come come to the conclusion that this proprietary code can only be executed server side to ensure its security. Does any one have any other

问题 I'm playing around with Asymmetric Encryption and Decryption, but I don't understand the results I'm getting when I try to decrypt values. Why does this: CREATE ASYMMETRIC KEY myasymkey WITH ALGORITHM = RSA_2048 ENCRYPTION BY PASSWORD = '123pass!'; GO SELECT DECRYPTBYASYMKEY(ASYMKEY_ID('myasymkey'), EncryptByAsymKey(AsymKey_ID('myasymkey'), 'Greg'), N'123pass!'); GO Produce 0x47726567 ? I was expecting it to be Greg . UPDATE: I'm dumb, 0x47726567 is Greg when converted from varbinary . 回答1:

问题 I'm working on a kernel module which uses asymmetric cipher of kernel crypto api, kernel version 4.8.0. I generate asymmetric key pairs by openssl, convert them into DER format (which I knew was a subset of BER), and code into my module. Private key works just fine, but public key always fails at crypto_akcipher_set_pub_key, even if I try more other key pairs. dmesg just prints: [16891.604718] next_op: pc=0/10 dp=0/161 C=0 J=0 [16891.604721] - match? 30 30 00 [16891.604724] - TAG: 30 158 CONS

问题 From what I can tell TLS works using both symmetric and assymmetric encryption. The assymmetric schemes are used to exchange keys but when and what symmetric schemes are used? 回答1: The asymmetric schemes are used to exchange keys and digital-signatures. The symmetric schemes are used to data transfer with the agreed symnetric key during the key-exchange. This is called Hybrid cryptosystem. 回答2: Yes you are right. Asymmetric algorithms are usually slower than the symmetric algorithms. However,

问题 I'd like to implement a blind RSA signature in .NET. Is there any way to use the standard System.Security.Cryptography APIs to achieve this? The "obvious" idea doesn't work: using (var rsa = new RSACryptoServiceProvider()) signed = rsa.Decrypt(messageBytes, false); // CryptographicException: bad data I appreciate the dangers of blind signature but let's ignore those for a moment. Also, I'm not interested in other types of digital signatures. 回答1: You are going to have to roll you own. You can

问题 If RSACryptoServiceProvider cannot Encrypt data larger than it's KeySize, how RsaProtectedConfigurationProvider is implemented in the .Net framework? I am working on a utility that is going to be used to encrypt/decrypt some sensitive information. My two encryption provider options are DPAPI and RSA, while DPAPI not suited for web farm kind of environment, RSA is fits because of the Export/Import options with a KeyContainer. This is a stand alone application running on a workstation. As I am

问题 I'm working on a web application which the users will need to submit their social security numbers. I would like to use asymmetric keys for encryption so if the web server is compromised the private key will still be safe. The application won't be processed on the webserver. However the app needs the ability to know if the SSN is a duplicate to A not allow duplicates and B to allow users to come back to their application. Can this be done? Does it make sense to use a one way hash similar to

问题 Can you do symmetric encryption on SAML attributes in SAML 2.0? We can seem to do asymmetric. What are pros and cons? 回答1: SAML 2.0 utilizes XML Encryption (Sect 5.2.1 and 5.2.2). With that said, Sect 4.2 of the SAML 2.0 Conformance docs specifies you must support the following to be SAML 2.0 compliant: Block Encryption: TRIPLE DES, AES-128, AES-256. Key Transport: RSA-v1.5, RSA-OAEP In other words, SAML 2.0 mandates you use asymmetric keys. So, the "cons" will be that you are not SAML 2.0

问题 We have a requirement to encrypt data client side to ensure a 'secure' channel exists between our client's browser and a vendor. Basic premise is: Vendor generates a public / private keypair: VendorPub and VendorPriv Our clients enter sensitive data. On submit the javascript on the form encrypts the sensitive portions of the data, what gets submitted to our server is VendorPub(SensitiveData). We submit that package to our vendor as VendorPub(SensitiveData), only they can make use of that data