stackoom
  简体   繁体   中英

private key distribution techniques?

 原文  2012-05-20 14:10:46       java/ encryption/ rsa/ private-key

Question

I made a chat application with java rmi client server. For the security of my messages using the RSA algorithm, but my difficulty in distributing the private key into the opponent's chat. Perhaps from my friends there who can help how to distribute a private key to the opponent so that he can decrypt the chat messages sent.

3 answers

solution1
 3  2012-05-20 14:16:13

First of all you never distribute private key, whilst public key can be publicly (duh!) available. You encrypt your message using the public key of the person on the second side of the chat, and they use their private key to decrypt it. You can send your public key using plaintext, via e-mail or publish it on your website so others can encrypt their messages to you with it.

To make your life easier invest in using eg ssl - which is much faster since after establishing secure channel using asymmetric encryption it exchanges symmetric session keys and uses much faster symmetric encryption.

Actually, distributing of a public key might be an issue as well. If your opponent can also modify the transmission (as opposed to only listening to your transmission channel) he/she can send bogus public key of yours. That's why public keys (eg on website) need to be signed by the chain of trusted authorities (whose public keys are hard-coded in the web browser).

solution2
 0  2012-05-20 14:14:18

What you need to use is an asymmetric scheme to transfer the info. With asymmetric encryption, even if someone is listening in, they can't know what they key is. You can encrypt the message using this, but generally you use it to encrypt a symmetric key and then use that from there on.

Have a look at this for more information about the background.

As for how to do it in your code, I would suggest googling something along the lines of "java public key library".

solution3
 0  2012-05-20 14:27:51

RSA is a public key cryptography where your clients have a public key and you have a private key using which you decrypt the message that is the message is encryprted using clients public key and decrypted using your private key. you can check this out http://www.di-mgt.com.au/rsa_alg.html it very much explains in detail that how it works. this PPT explains how it can be implemented in java www.cs.cityu.edu.hk/~cs4288/Java/RSA.doc its really helpful.

Hope it helps!!

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Restricting access of a Web application using public key/ private key techniques RSA private key parameter not a valid private key Tomcat server distribution license key Decrypting with RSA Private Key Certificate match to private key Private key of keygen tag Private and Public Key JKS missing the private key Extensions for Private and Public Key Importing private key to keystore
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM