One: starting from the authentication mode of asymmetric encryption.
The sender of the message publishes the public key and keeps the private key to itself.
Steps:
1 , the sender publishes its own public key, which can be obtained by anyone.
2 , the sender encrypts the message with its private key and sends it.
3 , the receiving party decrypts the message using the sender's public key.
Disadvantages:
1, any third party that intercepts the message can decrypt it with the sender's public key, so this mode provides no confidentiality;
2, it is time-consuming, so it is not suitable for large amounts of data
two, digital signature
Process:
1 , the sender hashes the message that it wants to pass and gets the original message digest. (The digest can represent the message itself, the equivalent of a fingerprint)
2 , the sender uses its own private key to encrypt only the message digest; the result is known as the signature. It then sends the message together with the encrypted digest to the recipient. Because the digest is very small, the asymmetric operation on it is fast.
3 , the receiver decrypts the message digest using the sender's public key, confirms the sender, and obtains the original message digest. The receiving party hashes the received message and gets a local message digest.
4 , the receiver compares the original message digest with the local message digest. If the same, the message has not been changed, if different, the message has been changed;
Advantages:
1, the time cost of the asymmetric authentication mode is solved, because only the small digest is processed with the private key.
Disadvantages:
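1 , only the digest is encrypted; the message itself is not, so anyone who intercepts it can read it. A signature provides integrity and sender authentication, not confidentiality; if the content must stay secret, it has to be encrypted separately.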
Three: digital signature demo
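using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

namespace DigitalSignature
{
    class Program
    {
        /// <summary>
        /// Demo entry point: signs a message as the sender, then verifies it as the receiver.
        /// </summary>
        static void Main(string[] args)
        {
            // Generate a throw-away key pair for the demo instead of embedding a private
            // key as a string literal: a key pasted into source ends up in version control
            // and in every copy of the binary. A real application loads the private key
            // from a protected key store and distributes only the public half.
            string privateKey;
            string publicKey;
            using (RSACryptoServiceProvider keyPair = new RSACryptoServiceProvider(2048))
            {
                privateKey = keyPair.ToXmlString(true);   // private + public parameters
                publicKey = keyPair.ToXmlString(false);   // public parameters only
            }

            // Sender
            string plainText = "Hello World";
            string signedDigest = RSACryptoHelper.SignData(plainText, privateKey);
            Console.Write(signedDigest);
            Console.WriteLine();

            // Receiver
            bool isCorrect = RSACryptoHelper.VerifyData(plainText, signedDigest, publicKey);
            Console.Write(isCorrect);
            Console.ReadKey();
        }
    }

    /// <summary>
    /// RSA signing and verification helpers built on <see cref="RSACryptoServiceProvider"/>.
    /// </summary>
    /// <remarks>
    /// Editor: v-liuhch, CreateTime: 2015/5/17 19:15:42.
    /// A signature proves integrity and origin only; the message itself travels in clear text.
    /// </remarks>
    public class RSACryptoHelper
    {
        // NOTE(review): SHA-1 is kept so that signatures stay compatible with ones already
        // produced by this helper. SHA-1 is no longer collision resistant; a new deployment
        // should move signer and verifier to SHA-256 together.
        private const string HashName = "SHA1";

        // Encoding.Default depends on the machine (ANSI code page on .NET Framework) and
        // silently replaces characters it cannot represent, so sender and receiver could hash
        // different bytes, or two different texts could hash to the same bytes. A strict UTF-8
        // encoder gives every string exactly one byte form and throws on invalid input.
        private static readonly Encoding TextEncoding = new UTF8Encoding(false, true);

        /// <summary>
        /// Hashes the plain text and signs the digest in a single call.
        /// </summary>
        /// <param name="plaintext">Plain text to sign.</param>
        /// <param name="privateKeyXml">Sender's private key in RSAKeyValue XML form.</param>
        /// <returns>The signature, Base64 encoded.</returns>
        /// <exception cref="ArgumentNullException">An argument is null.</exception>
        /// <exception cref="CryptographicException">The key XML is invalid or holds no private key.</exception>
        public static string SignData(string plaintext, string privateKeyXml)
        {
            using (RSACryptoServiceProvider provider = new RSACryptoServiceProvider())
            {
                provider.FromXmlString(privateKeyXml);
                byte[] plainData = TextEncoding.GetBytes(plaintext);

                // The provider computes the digest and signs it.
                byte[] signedDigest = provider.SignData(plainData, HashName);
                return Convert.ToBase64String(signedDigest);
            }
        }

        /// <summary>
        /// Verifies a signature produced by <see cref="SignData"/> or <see cref="SignData2"/>.
        /// </summary>
        /// <param name="plaintext">Plain text as received.</param>
        /// <param name="signature">Base64-encoded signature as received.</param>
        /// <param name="publicKeyXml">Sender's public key in RSAKeyValue XML form.</param>
        /// <returns><c>true</c> if the signature matches the text under the given key; otherwise <c>false</c>.</returns>
        /// <exception cref="ArgumentNullException">An argument is null.</exception>
        /// <exception cref="FormatException"><paramref name="signature"/> is not valid Base64.</exception>
        public static bool VerifyData(string plaintext, string signature, string publicKeyXml)
        {
            using (RSACryptoServiceProvider provider = new RSACryptoServiceProvider())
            {
                provider.FromXmlString(publicKeyXml);
                byte[] plainData = TextEncoding.GetBytes(plaintext);
                byte[] signedDigest = Convert.FromBase64String(signature);

                // Recomputes the digest of the received text and checks it against the
                // digest recovered from the signature.
                return provider.VerifyData(plainData, HashName, signedDigest);
            }
        }

        /// <summary>
        /// Same result as <see cref="SignData"/>, with the digest computed explicitly first.
        /// </summary>
        /// <param name="plaintext">Plain text to sign.</param>
        /// <param name="privateKeyXml">Sender's private key in RSAKeyValue XML form.</param>
        /// <returns>The signature, Base64 encoded.</returns>
        /// <exception cref="ArgumentNullException">An argument is null.</exception>
        /// <exception cref="CryptographicException">The key XML is invalid or holds no private key.</exception>
        public static string SignData2(string plaintext, string privateKeyXml)
        {
            using (RSACryptoServiceProvider provider = new RSACryptoServiceProvider())
            {
                provider.FromXmlString(privateKeyXml);

                // Step 1: original digest. Step 2: sign that digest.
                byte[] digestData = ComputeDigest(TextEncoding.GetBytes(plaintext));
                byte[] signedDigest = provider.SignHash(digestData, HashName);
                return Convert.ToBase64String(signedDigest);
            }
        }

        /// <summary>
        /// Same check as <see cref="VerifyData"/>, with the local digest computed explicitly first.
        /// </summary>
        /// <param name="plaintext">Plain text as received.</param>
        /// <param name="signedDigest">Base64-encoded signature as received.</param>
        /// <param name="publicKeyXml">Sender's public key in RSAKeyValue XML form.</param>
        /// <returns><c>true</c> if the signature matches the text under the given key; otherwise <c>false</c>.</returns>
        /// <exception cref="ArgumentNullException">An argument is null.</exception>
        /// <exception cref="FormatException"><paramref name="signedDigest"/> is not valid Base64.</exception>
        public static bool VerifyData2(string plaintext, string signedDigest, string publicKeyXml)
        {
            using (RSACryptoServiceProvider provider = new RSACryptoServiceProvider())
            {
                provider.FromXmlString(publicKeyXml);
                byte[] signedDigestData = Convert.FromBase64String(signedDigest);

                // Local digest of what was actually received.
                byte[] digest = ComputeDigest(TextEncoding.GetBytes(plaintext));
                return provider.VerifyHash(digest, HashName, signedDigestData);
            }
        }

        // Computes the SHA-1 digest of the data; must stay in step with HashName.
        private static byte[] ComputeDigest(byte[] data)
        {
            using (SHA1 sha1 = SHA1.Create())
            {
                return sha1.ComputeHash(data);
            }
        }
    }
}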
.NET encryption and decryption: digital signatures with asymmetric encryption