使用单一密钥进行加密,使用多个密钥进行解密。

huangapple go评论65阅读模式
英文:

Encryption with single key and decryption with multiple keys

问题

我正在寻找一种只使用单个密钥进行加密,但解密需要多个密钥2、3、4和5的机制。请注意,我希望所有(2、3、4和5)密钥都需要用于解密。
我想在Python中实现它,但在网上找不到具体的材料。
我找到了答案:
https://stackoverflow.com/questions/597188/encryption-decryption-with-multiple-keys
根据这个答案,我可以使用GnuPG来实现这个目的。我阅读了GnuPG,但找不到答案。
我找到了Shamir的秘密共享,我相信它可以解决我的问题。但我找不到它在密码学或其他流行的Python包中的实现。
我准备实现Shamir的秘密共享维基百科页面上提供的代码,但我不确定它的实现是否安全?

英文:

I am searching for a mechanism which encrypt using single key. but for decryption it require multiple keys 2,3,4 and 5. Note that I want all (2,3,4 and 5) keys need to decrypt.
I want to implement it in python. but i couldn't found concrete material online.
I found answer
https://stackoverflow.com/questions/597188/encryption-decryption-with-multiple-keys
according to it i can use GnuPG for this purpose. I read GnuPG but i couldn't able to find answer to it.
I found Shamir's Secret Sharing I believe it could solve my problem. But i couldn't found it's implementation in cryptography or other popular python package.
i am ready to implement code which is given in Wikipedia page of Shamir's Secret Sharing. but i have one problem. I am not sure about it's implementation is secure ?

答案1

得分: 4

请注意,我希望所有(2、3、4和5)个密钥都需要解密。
我发现了Shamir的秘密共享,我相信它可以解决我的问题。

Shamir的秘密共享也可以解决您的问题,但它可以做更多的事情(仅使用密钥子集来恢复解密密钥)。这是以复杂性和性能为代价的。如果您考虑将来使用这些份额(子集)的任何选项,我认为Kelalaka的链接可能是您的最佳选择。

如果您需要所有密钥进行解密,您可以简化您的代码,从N个随机密钥派生加密密钥(更快且更简单),使用任何安全操作(XOR、哈希、无余数加法等)。我建议使用简单的XOR,因为它是一个可交换的操作,快速且支持开箱即用。

示例:

  • 生成N个随机解密密钥
  • 对所有解密密钥执行XOR操作以获取加密密钥

注意。您的第一个链接(使用多个密钥进行加密/解密)是使用GPG分别为多个接收者(公钥)加密单个加密密钥,因此任何接收者都可以恢复加密密钥。

英文:

> Note that I want all (2,3,4 and 5) keys need to decrypt. <br/>
> found Shamir's Secret Sharing I believe it could solve my problem

Shamir's Secret Sharing could as well solve your problem, but it can do more (recover the decryption key having only a subset of the keys). It's doing that in expense of complexity and performance. If you consider any future option to use the shares (subsets), imho the link from Kelalaka is maybe the best you can get for your case.

If you need all the keys for decryption, you can simplify your code to derive the encryption key from N random keys (faster and simpler) using any secure operation (XOR, hash, remainterless addition, ..). I'd prefer using simple XOR as it is a commutative operation, fast and supported out of box

example:

  • generate N random decryption keys
  • XOR all the decryption keys to get the encryption key

Note. Your first link (encryption/decryption with multiple keys) is using GPG to encrypt a single encryption key for multiple recipients (public keys) separately, so any of the recipients would be able to recover the encryption key

huangapple
  • 本文由 发表于 2020年1月6日 18:25:01
  • 转载请务必保留本文链接:https://go.coder-hub.com/59610385.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定