• notice
  • Congratulations on the launch of the Sought Tech site

About RSA encryption authentication and the method of using openssl to generate public key and private key

    I read some online statements about RSA encryption and decryption, but I don’t think it is easy to understand, and some don’t even understand The true characteristics of RSA.

    In general interface requests, we will encrypt, but basically use symmetric encryption and decryption, that is, the keys used are all the same string, such as parameter requests Here, we connect all the parameter values, and then add a piece of ciphertext to perform md5 hashing to extract a character length, and then the decryptor must use the same piece of ciphertext to add the parameter value to perform the operation to match the data.After modification.

    There is a problem here, that is, if this ciphertext is captured by a third party, the third party can create another ciphertext, so that the other party accepts that it is not true Data from the other party.The RSA encryption authentication can effectively avoid this problem.The reason is that the keys for RSA encryption authentication are a pair.One can be used for encryption and the other can be used for decryption, and vice versa.In this way, even if the third party knows the public key (usually secret key encryption, public key decryption), it cannot create another ciphertext, so that all the ciphertext received by the other party comes from the other party (even if it is not from The other party’s is exactly the same as the one sent by the other party).Borrow an icon:

< p>     Generally, when we talk about RSA, we always mention RSA encryption.In fact, RSA is more inclined to authentication.That is to say, this public key is not afraid of others knowing, even if you know you can only view the ciphertext, and cannot create the ciphertext to be decrypted with the public key.Because only one party knows the private key, and the public key may be known to multiple parties.Just like the interface request between the mobile phone and the server, the public key written in the APP, even if the APP is cracked, and the public key is obtained, other users who install the APP cannot accept the information it made, because the public key cannot generate the public key decryption secret.The text must be encrypted with a private key, and the private key is only known by the server.

    In addition, some people on the Internet think that public key encryption is needed, and the private key is used for decryption.Of course, this works, but the private key is more important than the public key and needs to be protected.Because the private key can generate the public key, the public key cannot generate the corresponding private key.

    Under linux/centos, you can easily use openssl to generate public and private keys.The premise is that openssl is installed, if yum install openssl is not available.The command is as follows:

[ In addition, there are people on the Internet who think that public key encryption is needed, and private key is used for decryption.Of course, this works, but the private key is more important than the public key and needs to be protected, because the private key can generate the public key.The public key cannot generate the corresponding private key.

    Under linux/centos, you can easily use openssl to generate public and private keys.The premise is that openssl is installed, if yum install openssl is not available.The command is as follows:

[ In addition, there are people on the Internet who think that public key encryption is needed, and private key is used for decryption.Of course, this works, but the private key is more important than the public key and needs to be protected, because the private key can generate the public key.The public key cannot generate the corresponding private key.

    Under linux/centos, you can easily use openssl to generate public and private keys.The premise is that openssl is installed, if yum install openssl is not available.The command is as follows:

[root@kermit~]# openssl OpenSSL> version OpenSSL 1.0.1e-fips 11 < span class="typ">Feb 2013 OpenSSL> genrsa -out rsa_private_key.pem    #generate private key Generating RSA private key,< span class="pln"> 1024 bit long modulus .....++++++  .........++++++ e is < /span>65537 (0x10001 ) OpenSSL > rsa -in rsa_private_key.pem -pubout -out rsa_public_key .pem    #generate public key< /span> writing RSA key OpenSSL> ^C [root@kermit~]# cat rsa_private_key.pem -----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQC4dOcaj9mkOxzEqEIieN3WOWKGQe9l4Kk6SMWUUw5Ds+AmpqExAmpqEx class="pln"> +r7unLqmyUhz1BIek29uP4scesAcxsL/< span class="typ">GZUvwjVGjhQhKReJ9W5k4rXlAad3h1eI cCGNavMY89vLzAxEoKYtar99qrBzBQpBZXJmrgqhtPVaAbix/ typ">AoGAFFioyVBGxIvUr4iTyvOkHKY1zPNm8cjnQcuXJ7ZFo4gq2HiW3Ul4WB+noxAe 0 ="pun">/4s7C1oOaXdKvBlysBhVwQDYWfsXcSykxQlS6CgPnYYwWH97CADPNjsfKpqFKm NJQ7qw0XGSfm7 span class="typ">ERTUgT/hhImFg8aifTx7QWt9ZVYzeuD7ECQQDchBf60vdLnTy7 Pvs6LB4yGST7ycVEoj5dzF9QF2PfzL"> pln">fQ/HjQ7+AeN3Khou9hINdsG+kqNjgCQ39 IhRASxQzAkEA1iNirQavA5YVTpgcjVQGRgxHRGsc0epanE2 span class="pun">+KGl+ v88 ja7ykEZeSFNJzgqSzZ5cPGhtiUq59qjZeQJAdZu50lt76wcUYeVIRhFLlXqVn   /   hP zrgdPReH6gZfjPf9ZyrsskHqu9E6sQ4rL0uiaHB2SsKG0I3juRLY7CVewwJBAIwq qWJ8p35   / dP73DmlsAJdFXjjoq/qtom41CagUicnnNeiTVuQOwgIz686IYRqSehMG VMWGzPU1nc1qPoO4TnECQQDEsRUHndqtl02rhjH94v8BsllL4z3DRxMhwg6AyBUb TfEdV3ErR6iP8lW53z ">DmkcQaNWExLQYPZsvDKMnxrYQ -----END RSA PRIVATE KEY----- [root@kermit~]# cat rsa_public_key.pem -----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4dOcaj9mkOxzEqEIieN3WOWKG Qe9l4K6 "pun">+AmpqEx+r7unLqmyUhz1BIek29uP4scesAcxsL/GZUvwjVG jhQhKReJ9W5k4rXlAad3h1eIcCGNavMY89vLzAxEoKYtar99qrBzBQpBZXJmrix class="span>PVa span>fObSxPHGwIDAQAB -----END PUBLIC KEY----- [pun">/fObSxPHGwIDAQAB -----END PUBLIC KEY< /span>----- [pun">/fObSxPHGwIDAQAB -----END PUBLIC KEY< /span>----- [root@kermit ~]#

Tags

Technical otaku

Sought technology together

Related Topic

0 Comments

Leave a Reply

+