Principles and methods of RSA encryption, decryption, signature and signature verification
RSA is an asymmetric encryption algorithm: decryption can be completed without directly passing the key. This both protects the information and avoids the risk of compromise that comes from transmitting a key directly. Encryption and decryption use a pair of keys (called the public key and the private key) that are mathematically related. The security of the algorithm rests on the difficulty of factoring a very large integer. Usually the individual keeps the private key, and the public key is public (it may be held by many people at the same time).

Encryption and signature both serve security, but they are slightly different. People often ask whether to use the private key or the public key for encryption and for signature. In fact, they are confusing the functions of encryption and signature. Simply put, encryption prevents information from being leaked, while a signature prevents information from being tampered with. Here are two examples to illustrate.

The encryption process of RSA is as follows:

The process of RSA signature is as follows:

Summary: public key encryption, private key decryption, private key signature, public key verification.

RSA encryption limits the length of the plaintext: the maximum length of plaintext to be encrypted = key length - 11 (in bytes), so encryption and decryption need to be carried out in blocks. The default key is 1024 bits, so 1024 bits / 8 - 11 = 128 - 11 = 117 bytes. By default, therefore, the maximum length of plaintext before encryption is 117 bytes, and the maximum length of ciphertext for decryption is 128 bytes. So why do they differ by 11 bytes? Because RSA encryption uses a padding mode: when the content is less than 117 bytes, it is automatically padded. The padding itself occupies a certain number of bytes, which also take part in the encryption.
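
The 11-byte difference, as an added example that is not part of the original page: it assumes the padding mode meant here is PKCS#1 v1.5 encryption padding, whose layout is 0x00, 0x02, at least 8 random non-zero bytes, 0x00, then the data. The function names are hypothetical, the RSA operation itself is left out, the 300-byte input is constructed, and the size calculation is generalized to any key length.

```python
import secrets

PAD_OVERHEAD = 11  # 0x00 + 0x02 + at least 8 random non-zero bytes + 0x00


def max_plaintext_len(key_bits: int) -> int:
    """Largest plaintext block, in bytes, for a key of key_bits bits."""
    return key_bits // 8 - PAD_OVERHEAD


def pad_block(msg: bytes, key_bits: int) -> bytes:
    """Build 0x00 || 0x02 || PS || 0x00 || msg, exactly key_bits/8 bytes long."""
    k = key_bits // 8
    if len(msg) > k - PAD_OVERHEAD:
        raise ValueError("plaintext block too long for this key size")
    ps_len = k - 3 - len(msg)
    # PS holds no zero byte: the first 0x00 after it marks where msg starts.
    ps = bytes(secrets.randbelow(255) + 1 for _ in range(ps_len))
    return b"\x00\x02" + ps + b"\x00" + msg


def unpad_block(block: bytes, key_bits: int) -> bytes:
    """Recover msg from a padded block, rejecting malformed padding."""
    k = key_bits // 8
    if len(block) != k or block[:2] != b"\x00\x02":
        raise ValueError("bad padding")
    sep = block.find(b"\x00", 2)
    if sep < 10:  # covers "no separator" (-1) and fewer than 8 padding bytes
        raise ValueError("bad padding")
    return block[sep + 1:]


def split_blocks(data: bytes, key_bits: int) -> list:
    """Cut data into pieces that each fit in one RSA operation."""
    n = max_plaintext_len(key_bits)
    return [data[i:i + n] for i in range(0, len(data), n)]


if __name__ == "__main__":
    data = b"A" * 300  # constructed sample input
    for piece in split_blocks(data, 1024):
        padded = pad_block(piece, 1024)
        print(len(piece), "bytes of data ->", len(padded), "byte padded block")
```

Each padded block is exactly as long as the key, which is why every ciphertext block of a 1024-bit key is 128 bytes regardless of how short the data in it was.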