Cryptography Asked by Alfe on October 24, 2021
I’m looking for a standard way of encrypting and signing a message using RSA and AES. I understand that in pseudo-code the actions taking place are like this:
Alice’s actions for sending a secret signed message to Bob:
AES = random()
message' = encrypt(message, AES)
AES' = encrypt(AES, Bob's public RSA)
messageHash = hash(message')
signature = encrypt(messageHash, Alice's private RSA)
send(Bob, AES')
send(Bob, message')
send(Bob, signature)
Bob’s actions for receiving a secret, signed message from Alice:
AES', message', signature = split(input)
AES = decrypt(AES', Bob's private RSA)
messageHash = decrypt(signature, Alice's public RSA)
receivedMessageHash = hash(message')
messageHash == receivedMessageHash? --> bail out if unequal
message = decrypt(message', AES)
So, Alice chooses a random AES key, encrypts the message with it, and sends this to Bob, along with an encrypted version of the AES key to decrypt it and a signature to prove her as an originator.
Of course, there are other setups, like sending to multiple people or having no need for a signature or similar, but I’m looking for a kind of setup like this. Maybe I understand something wrong and my pseudo code above lacks precision or contains a bug. It just represents my crude understanding of the matter 😉
I can do all this step by step by myself, using Python libraries like Crypto
or Unix shell tools like OpenSSL
.
But I’m looking for a standard way to do this, without worrying about how to implement paddings or that split()
function used in the pseudo-code when receiving the message. I guess there must be a library or a toolset or whatever which does this for me and which may be even allowed interoperating with other programs doing similar tasks.
Questions:
I’d prefer to stick to RSA and AES with an option of exchanging each with any other chosen algorithm, but solutions for a fixed algorithm set would be welcome as well.
As I said, sending from Alice to Bob is my first approach but being able to send to more than one receiver would be a nice bonus.
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP