Java 如何制作一个简单的公钥密码算法?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/19017419/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to make a simple public-key cryptographic algorithm?
提问by user2507230
I want to make a simple public-key(asymmetric) encryption. It doesn't have the be secure, I just want to understand the concepts behind them. For instance, I know simple symmetric ciphers can be made with an XOR. I saw in a thread on stackexchange that you need to use trapdoor functions, but I can't find much about them. I want to say, take a group of bytes, and be able to split them someway to get a public/private key. I get the ideas of a shared secret. Say, I generate the random number of 256(not random at all :P), and I split it into 200 and 56. If I do an XOR with 200, I can only decrypt with 200. I want to be able to split numbers random and such to be able to do it asymmetrically.
我想做一个简单的公钥(非对称)加密。它没有安全性,我只是想了解它们背后的概念。例如,我知道可以使用 XOR 生成简单的对称密码。我在 stackexchange 上的一个线程中看到你需要使用陷门函数,但我找不到太多关于它们的信息。我想说,取一组字节,并能够以某种方式拆分它们以获得公钥/私钥。我得到了一个共享秘密的想法。比如说,我生成了 256 的随机数(根本不是随机的:P),然后我将其拆分为 200 和 56。如果我对 200 进行 XOR,我只能用 200 解密。我希望能够拆分数字随机等能够不对称地做到这一点。
采纳答案by olegarch
OK, just a simple demo-idea, based on adding/modulo operation.
好的,只是一个简单的演示想法,基于加法/模运算。
Lets say we have a modulo value, for our example 256. This is a public-known, common value.
Let's say you generate a random secret private key in the interval [1-255], for example, pri=133. Keep secret key in the pocket.
Generate a public key, pub = 256 - pri = 123. This public key (123) you can share to the world. Imagine, 3rd party does not know, how to compute the private key from a public. So, they know only public key (123).
Someone from the public wants to send you an encrypted ASCII-byte. He gets his byte, and adds to it the public key by modulo 256 operation:
encrypted = (input_value + pub) % modulto;
假设我们有一个模值,例如 256。这是一个公知的、常见的值。
假设您在区间 [1-255] 中生成了一个随机秘密私钥,例如,pri=133。把秘密钥匙放在口袋里。
生成一个公钥,pub = 256 - pri = 123。这个公钥(123)你可以分享给全世界。想象一下,第 3 方不知道如何从公钥计算私钥。所以,他们只知道公钥(123)。
公众中的某个人想向您发送一个加密的 ASCII 字节。他获取他的字节,并通过模 256 运算将公钥添加到其中:
encrypted = (input_value + pub) % modulto;
For example, I want to send you the letter "X", ASCII code = 88 in encrypted form. So, I compute:
例如,我想以加密形式向您发送字母“X”,ASCII 代码 = 88。所以,我计算:
(88 + 123) % 256 = 211;
I am sending you the value 211 - encrypted byte.
You decrypt it by the same scheme with your private key:
decrypted = (input_value + pri) % 256 = (211 + 133) % 256 = 88;
我正在向您发送值 211 - 加密字节。
你用你的私钥通过相同的方案解密它:
decrypted = (input_value + pri) % 256 = (211 + 133) % 256 = 88;
Of course, using the simple generation pair in this example is weak, because of the well-known algorithm for generating the private key from the public, and anybody can easily recover the private using the modulo and public. But, in real cryptography, this algorithm is not known. But, theoretically, it can be discovered in future.
当然,在这个例子中使用简单的生成对是弱的,因为从公共生成私钥的算法是众所周知的,任何人都可以使用模和公共轻松恢复私人。但是,在真正的密码学中,这种算法是未知的。但是,理论上,它可以在未来被发现。
回答by Alec Teal
This is an area of pure mathematics, there's a book called "the mathematics of cyphers" it's quite short but a good introduction. I do suggest you stay away from implementing your own though, especially in Java (you want a compiler that targets a real machine for the kind of maths involved, and optimises accordingly). You should ask about this on the math or computer-science stack-exchanges.
这是纯数学的一个领域,有一本书叫“密码的数学”它很短但很好的介绍。我确实建议您远离实现自己的,尤其是在 Java 中(您需要一个编译器,该编译器针对涉及的数学类型的真实机器,并相应地进行优化)。您应该在数学或计算机科学堆栈交换中询问此问题。
I did get a downvote, so I want to clarify. I'm not being heartless but cyphers are firmly in the domain of mathematics, not programming (even if it is discreet maths, or the mathsy side of comp-sci) it requires a good understanding of algebraic structures, some statistics, it's certainly a fascinating area and I encourage you to read. I do mean the above though, don't use anything you make, the people who "invent" these cyphers have forgotten more than you or I know, implement exactly what they say at most. In Java you ought to expect a really poor throughput btw. Optimisations involving register pressure and allocation pay huge dividends in cypher throughput. Java is stack-based for starters.
我确实得到了反对票,所以我想澄清一下。我不是无情,但密码学是在数学领域,而不是编程(即使它是谨慎的数学,或者 comp-sci 的数学方面)它需要对代数结构有很好的理解,一些统计,这当然是一个迷人的领域,我鼓励你阅读。尽管如此,我的意思是,不要使用你制作的任何东西,“发明”这些密码的人忘记的比你或我知道的更多,至多完全按照他们所说的去做。在 Java 中,您应该期望吞吐量非常低。涉及寄存器压力和分配的优化在密码吞吐量方面带来巨大收益。对于初学者来说,Java 是基于堆栈的。
Addendum (circa 6 years on)
附录(大约 6 年后)
Java has improved in some areas now (I have a compiler fetish, it's proper weird) however looking back I was right but for the sort-of wrong reasons, Java is much easier to attack through timing, I've seen some great use of relying on tracing compiling techniques to work out what version of software is being used for example. It's also really hard to deal with Spectre which isn't going away any time soon (I like caches.... I feel dirty saying that now)
Java 现在在某些领域有所改进(我有编译器迷恋,这很奇怪)但是回想起来我是对的,但是由于某种错误的原因,Java 更容易通过时间进行攻击,我已经看到了一些很好的使用例如,依靠跟踪编译技术来确定正在使用的软件版本。对付不会很快消失的 Spectre 也真的很难(我喜欢缓存……我现在说这话很脏)
HOWEVER: above all, don't do this yourself! Toy with it AT MOST- it's very much in the domain of mathematics, and I must say it's probably better done on paper, unless you like admiring a terminal with digits spewn all over it.
然而:最重要的是,不要自己做这件事!玩弄它- 它在数学领域非常重要,我必须说它可能更好地在纸上完成,除非您喜欢欣赏一个到处都是数字的终端。
回答by James Robinson
http://en.wikipedia.org/wiki/RSA_(algorithm)
http://en.wikipedia.org/wiki/RSA_(算法)
Is the standard one on which the (whole) internet is based
是(整个)互联网所基于的标准
