Shulou(Shulou.com)06/01 Report--

This article mainly introduces the relevant knowledge of how to understand the public key and private key of the server, the content is detailed and easy to understand, the operation is simple and fast, and has a certain reference value. I believe you will gain something after reading this article on how to understand the public and private key of the server. Let's take a look.

Key distribution problem

With the symmetric encryption algorithm, can we communicate securely with third parties? Consider the following:

Xiao Ming wants to write a love letter to Xiao Hong, but this love letter is very private. Xiao Ming doesn't want anyone except Xiao Hong to know. Xiaoming has read flydean's blog, and he knows that there is a good thing about symmetric encryption.

So Xiao Ming thought, wouldn't it be safe if I encrypted the love letter using a symmetrical encryption algorithm, and then passed the encrypted love letter to Xiao Hong? But Xiaoming thought carefully and found a problem. The symmetric encryption algorithm must need a key to decrypt. In addition to passing the love letter, Xiaoming also needs to pass the key of the symmetric encryption algorithm, so that Xiao Hong can decrypt normally.

But how to pass the key safely? The key must be sent, but it cannot be sent, which is the problem of key distribution.

Let's take a look at several ways to solve the key distribution problem.

Share key beforehand

The easiest way to solve the key distribution problem is to share the key in advance, that is, Xiao Ming gives the key to Xiao Hong in advance. If the two of them are very close to each other, there is no problem. Just meet offline and give it to Xiao Hong.

If they separate the two places, they will be in trouble. Because the key may be hijacked during mailing or remote transmission.

Even if the key can be effectively shared, there will be a problem of key preservation. Every two people need a completely different key to communicate. If a large number of people communicate, a considerable number of keys need to be saved. It is not very convenient to operate in practice.

Key center distributes keys

In order to solve the problem of saving a large number of keys. A key center can be used to centrally manage keys. We can think of the key center as a server, in which everyone's key information is stored. Let's take a look at the specific communication flow:

Xiao Ming and Xiao Hong need to communicate.

The key center randomly generates a key, which will be the temporary key used by Xiao Ming and Xiao Hong in this communication.

The key center takes out the saved keys of Xiao Ming and Xiao Hong.

The key center encrypts the temporary key with Xiaoming's key and sends it to Xiaoming.

The key center encrypts the temporary key with Xiao Hong's key and sends it to Xiao Hong.

Xiao Ming receives the encrypted data, decrypts it with his own key, and gets a temporary key.

Xiao Hong receives the encrypted data, decrypts it with her own key, and gets a temporary key.

Xiao Ming and Xiao Hong can use this temporary key to communicate freely.

Please note that the use of the temporary key here is very clever, and we will talk about the clever use of this temporary key in the most commonly used https communication protocol later.

The key center is very good, but it also has some shortcomings. first of all, the key of the key center is centrally managed, and once it is breached, everyone's key will be exposed.

Secondly, all communications go through the key center, which may cause performance bottlenecks.

Use Diffie-Hellman key interaction

Diffie-Hellman generates the same key by exchanging some information between two parties.

Use public key and private key

The reason for password delivery is that symmetric encryption uses the same key. If we use an asymmetric encryption algorithm (the public key is only used for encryption and the private key is only used for decryption), can this problem be solved?

Going back to the question of communication between Xiao Ming and Xiao Hong, if Mr. Xiao Hongshi becomes a public key and a private key and sends the public key to Xiao Ming, Xiao Ming can encrypt the love letter with the public key and then send it to Xiao Hong. Only Xiao Hong can decrypt the love letter. It doesn't matter if the public key is bugged.

Of course, there is also a problem here, that is, Xiao Ming wants to make sure that the generated public key is indeed from Xiao Hong. The solution to this problem will be discussed later.

Another problem with public key keys is speed, which is only a few hundredths of that of symmetric encryption algorithms.

Let's draw a sequence diagram to explain the interaction flow of public key cryptography:

Xiao Hong generates a key pair containing public key and private key, sends the public key to Xiao Ming, encrypts the love letter with the public key, sends the ciphertext to Xiao Hong, decrypts the ciphertext with the private key, Xiao Hong Xiaoming.

This is the end of the article on "how to understand the public and private keys of the server". Thank you for reading! I believe that everyone has a certain understanding of the knowledge of "how to understand the public and private keys of the server". If you want to learn more, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.