堆栈内存溢出
  简体   繁体   English

如何在Go中执行确定性RSA

[英]How do I do deterministic RSA in Go

 原文  2017-05-05 03:36:44       go/ cryptography/ rsa

问题描述

I have two go services, let's call them A and B. B holds an RSA key pair, while A only knows the public key. 我有两个Go服务,我们将它们称为A和B。B拥有RSA密钥对,而A仅知道公钥。 I want them to know if they agree on some value V. 我希望他们知道他们是否同意某个价值V。

I want to do this by having B encrypt encrypt V using the public key and have A do a comparison, but all the crytpo/rsa functions take an RNG which adds entropy and makes each hash of V different. 我想通过让B公钥对V加密来进行加密,然后让A进行比较,但是所有crytpo/rsa函数都采用RNG,这会增加熵并使V的每个哈希值不同。 That means I can't compare the hashes. 这意味着我无法比较哈希值。

Is there a function in the go standard library that will deterministicly hash V? go标准库中是否有确定性地对V进行哈希处理的函数?

Note: I can achieve this by using a fresh RNG seeded with the same value everytime I hash V, but I want to be able to compute this hash from other languages and that would tie me to Go's RNG. 注意:每次我对V进行哈希处理时,我都可以通过使用具有相同值的新鲜RNG来实现此目的,但是我希望能够从其他语言中计算出此哈希值,因此可以将我绑定到Go的RNG中。

2 个解决方案

解决方案1
 1  2017-05-05 03:51:26

I want to do this by having B encrypt encrypt V using the public key and have A do a comparison… 我想通过让B使用公共密钥对V加密并让A进行比较来实现这一点……

You're using the wrong primitive. 您使用了错误的原语。

If you want the owner of a private key to prove that they have some data, have them Sign that data. 如果您希望私钥的所有者证明他们有一些数据,请让他们对数据进行签名。 The recipient can Verify that signature using the public key. 收件人可以使用公钥验证该签名。

Use the SignPSS and VerifyPSS methods to do this. 使用SignPSS和VerifyPSS方法来执行此操作。 The signature will not be deterministic, but it doesn't need to be -- the recipient will still be able to verify it. 签名不是确定性的,但也不必是确定的-收件人仍将能够对其进行验证。

解决方案2
 0  2017-05-05 03:49:08

Take a look at the docs for EncryptOAEP : 看看EncryptOAEP的文档:

The random parameter is used as a source of entropy to ensure that encrypting the same message twice doesn't result in the same ciphertext. random参数用作熵的来源,以确保两次加密相同的消息不会导致相同的密文。

So the random data does not affect the reader's ability to decrypt the message with only the public key. 因此,随机数据不会影响阅读器仅使用公共密钥解密消息的能力。 The cipher text bytes will be different each time you encrypt the same value, which is a good thing. 每次加密相同的值时,密文字节将有所不同,这是一件好事。

Take a look at the examples on Encrypt/Decrypt OAEP in those docs. 看看这些文档中有关加密/解密OAEP的示例。 It should be sufficient to get you moving the right direction. 它足以使您朝正确的方向前进。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在 Go 中解析 RSA 公钥? - How do I parse an RSA public key in Go? 如何使用Go编程语言使用从PEM文件读取的RSA私钥进行加密? - How do I encrypt with an RSA private key read from a PEM file using the Go programming language? 如何在Go中进行IN查询? - How do I do IN queries in Go? 在此示例中,如何使用Go例程? - How do I use Go routines in this example? 如何在Go中使用github包? - How do I use github packages in go? 如何在 Go 中初始化组合结构? - How do I initialize a composed struct in Go? 如何在 Go 模板中转义“{{”和“}}”分隔符? - How do I escape “{{” and “}}” delimiters in Go templates? 如何将go方法转换为func? - How do I convert a go method to a func? 如何在Go中写入DIBits结构? - How do I write to a DIBits structure in Go? 我如何 fork 一个 go 进程? - How do I fork a go process?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM