How Digital envelopes work

A digital envelope is a method of distributing a symmetric key through asymmetric encryption (that is, two of the public and private keys).
The digital envelope is defined as a term in pkcs#7 and is interpreted in the body as follows: The digital envelope contains the encrypted content and the encrypted key used to encrypt the content. Although you often use the public key of the receiver to encrypt the encryption key, this is not required, and it can be encrypted using a symmetric key that is pre-shared by the sender and receiver. When the receiving party receives the digital envelope, it decrypts with the private key or preshared key, obtains the "encryption key", and then uses the key to decrypt the text, obtains the original text. Digital envelope technology uses a two-layer encryption system.
Digital envelope is a kind of technology that utilizes the advantages of symmetric encryption technology and asymmetric encryption technology to transmit information safely. Digital envelopes not only play the advantages of fast symmetric encryption algorithm, good security, but also play the advantages of convenient key management for asymmetric encryption algorithm.
Application and Application methods

Digital envelope is an application of public key cryptosystem in practice, and it is to use encryption technology to ensure that only the specified addressee can read the content of communication.
In the digital envelope, the message sender uses the symmetric key to encrypt the information content, and then encrypts the symmetric key with the receiver's public key (this part of the digital envelope), sends it to the receiver with the encrypted message, and the receiver opens the digital envelope with the corresponding private key to obtain the symmetric key. Then use the symmetric key to unlock the encrypted information. The security of this technology is quite high. Digital envelopes mainly include digital envelope packaging and digital envelope disassembly, digital envelope packaging is to use the other party's public key to encrypt the encryption key process, only the other's private key to restore the encrypted data (communication key); Digital envelope disassembly is the process of decrypting encrypted data with the private key.
Replacement of Keys
The function of the digital envelope is similar to the ordinary envelope, and the ordinary envelope guarantees that only the addressee can read the contents of the letter under the law; The digital envelope uses cryptography to ensure that only the specified recipient can read the information. Symmetric cryptosystem and public key cryptosystem are used in digital envelopes. The information sender first uses the randomly generated symmetric cipher to encrypt the information, then uses the receiver's public key to encrypt the symmetric password, and the symmetric password after the public key is encrypted is called the digital envelope. In order to decrypt the information, the receiver must decrypt the digital envelope with its own private key and obtain a symmetric password to decrypt the information obtained by using a symmetric password. This guarantees the authenticity and completeness of the data transmission.
In some important e-commerce transactions, the key must be replaced frequently, in order to solve the problem of each key replacement, combined with the advantages of symmetric encryption technology and public key technology, it overcomes the problem of private key distribution difficulty in private key encryption and the long encryption time in public key encryption, Use two levels of encryption to gain the flexibility of public key technology and the efficiency of private key technology. The sender of the information encrypts the information using a password to ensure that only the specified addressee can read the contents of the letter. Using digital envelope technology, even if encrypted files are intercepted illegally by others, because the interceptor cannot get the sender's communication key, it is impossible to decrypt the file.

How Digital envelopes work