RSA公有私钥与JavaScript和C#的兼容性
[英]RSA Public Private Key compatibility for JavaScript and C#
问题描述
I have a multichannel application that has a Web Version and a mobile version using C#. 
我有一个多渠道的应用程序,它具有使用C#的Web版本和移动版本。
This application uses 'Trust No One' security model. 该应用程序使用“无人信任”安全模型。 That means, the keys generated when the user registers are encrypted using a passphrase on the client side before being sent to the server. 这意味着,当用户注册时生成的密钥在发送到服务器之前,会使用客户端上的密码加密。
These keys are used to encrypt the data, which is also stored on the server side. 这些密钥用于加密数据,该数据也存储在服务器端。
The reason, RSA private key is encrypted is, we don't want to have the ability to decrypt the data. RSA私钥被加密的原因是,我们不希望具有解密数据的能力。
Now, the application can be used on the browser or through mobile applications using Xamarin and C#. 现在,可以在浏览器上使用该应用程序,也可以使用Xamarin和C#通过移动应用程序使用该应用程序。
The data encrypted using the keys generated in JS, should be able to be decrypted using C# on the mobile app and vice versa. 使用JS中生成的密钥加密的数据应该能够在移动应用上使用C#解密,反之亦然。
What's the best way to implement this kind of encryption that's compatible with JS and C#. 实现与JS和C#兼容的这种加密的最佳方法是什么。
PS: The Keys are generated using the Browser Plugin! PS:密钥是使用浏览器插件生成的! So, it's kind of safer since other applications will not be able to access the background scope of the plugin. 因此,这样做比较安全,因为其他应用程序将无法访问插件的后台作用域。
1 个解决方案
解决方案1
0 2015-02-03 13:32:03
I've initially voted this down as too broad. 我最初将其否决为过于广泛。 Finding a matching set of primitives for a non-existing security protocol cannot be answered in detail. 找不到详细的针对不存在的安全协议的匹配原语集。 A general answer can be given however, so I'll do that. 但是可以给出一个一般性的答案,所以我会做的。
You first need to define your protocol. 您首先需要定义协议。 Instead of using RSA or AES, you should simply use E (for encryption) and D (for decryption) and specify which keys you expect to use. 而不是使用RSA或AES,您应该仅使用E(用于加密)和D(用于解密)并指定要使用的密钥。 Use H for hashing etc. Make sure your scheme is secure; 使用H进行哈希运算。确保您的方案安全; if you are stuck doing that, then ask at SE's IT security site . 如果您坚持这样做,请向SE的IT安全站点询问。
After you've defined you protocols you need to find matching primitives that are available both on C# and Java Script. 定义协议后,您需要找到在C#和Java Script上都可用的匹配原语。 A quick look showed that ECIES (which is much more efficient than RSA-encryption) is not directly present for Java Script. 快速浏览显示,Java脚本没有直接提供ECIES(比RSA加密效率更高)。 So at this time it's probably better to stick to RSA-OAEP. 因此,此时最好坚持使用RSA-OAEP。 You should have defined a hybrid cryptosystem , so you may want to use AES authenticated encryption (eg GCM or CCM) as well. 您应该已经定义了一个混合密码系统 ,因此您可能还希望使用AES认证的加密(例如GCM或CCM)。
Make very sure that your the implementation of RSA is resistant to time based attacks though, other applications may try and read the RSA private key during key generation or during decryption (or signing, if that's implemented). 请确保您的RSA实施能够抵抗基于时间的攻击,但是其他应用程序可能会在密钥生成或解密(或签名(如果已实施))期间尝试读取RSA私钥。
As you can see, this is getting hard pretty quickly. 如您所见,这变得越来越困难。 This is why developers should try and stick to pre-defined constructions such as TLS instead. 这就是为什么开发人员应该尝试坚持使用诸如TLS之类的预定义构造的原因。 If TLS is not an option, you may want to look for container formats such as CMS or PGP and use those as starting points. 如果没有选择TLS,则可能要查找诸如CMS或PGP之类的容器格式,并将其用作起点。 Of course, it's still tricky to find secure implementations for those structures as well (welcome to crypto). 当然,为这些结构找到安全的实现还是很棘手的(欢迎使用加密)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.