In terms of network security, I think that if there is a third-party server to authenticate both of them and encrypt their communications, it can be done. If there is no third-party server to assist, A and B cannot carry out secure private communication. I wonder if that is right? Seeking guidance from the experts.
First of all, one of the characteristics of public networks is insecurity: as long as you are on a public network, it is definitely insecure. Then, a third-party server also needs to authenticate by passing information related to A and B. How do you ensure that this information is delivered safely without being intercepted and forged?
Personally, I think it is entirely possible to adopt a secure transmission mechanism based on asymmetric encryption/decryption. RSA can be used for simplicity of logic, and if performance is a concern, a session_key for symmetric encryption and decryption can be generated, imitating SSL.
1. With A as the master, A stores the public key of B.
2. When communicating with A, B sends its own public key to A. A proceeds to step 3 if it confirms that B's public key is registered locally; otherwise it refuses to communicate.
3. A randomly generates a session_key for symmetric encryption and decryption, encrypts it with B's public key, and sends the result, session_key_enc, to B.
4. B uses its private key to decrypt session_key_enc and obtain session_key.
5. After that, A and B use session_key to encrypt and decrypt data.
session_key is always encrypted when transmitted between A and B, so it is secure. session_key is never exposed on the public network, and even if someone forges a request imitating B to communicate with A and hijacks session_key_enc, it is useless without B's private key. If you want to do peer-to-peer communication, you can register the public key of A at B.
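The five steps above, sketched with Node's built-in `crypto` module as an added example (not code from the original post). The choices of RSA-OAEP with SHA-256 for wrapping session_key, AES-256-GCM for the data, a fingerprint set as A's registry, the function names, and the constructed key pairs `B` (registered) and `M` (unregistered) are all assumptions of this example.

```javascript
const crypto = require("crypto");

// Constructed key pairs: B is registered with A, M is an unregistered party.
const newPair = () => crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
const B = newPair(), M = newPair();
const der = (pub) => pub.export({ type: "spki", format: "der" });
const fingerprint = (pubDer) => crypto.createHash("sha256").update(pubDer).digest("hex");
const oaep = (key) => ({ key, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" });

// Step 1: A stores B's public key (here as a SHA-256 fingerprint of its DER form).
const registered = new Set([fingerprint(der(B.publicKey))]);

// Steps 2-3: A checks the offered key against its registry, then wraps a fresh session_key.
function aHandshake(offeredDer) {
  if (!registered.has(fingerprint(offeredDer))) return null; // refuse to communicate
  const sessionKey = crypto.randomBytes(32);
  const pub = crypto.createPublicKey({ key: offeredDer, format: "der", type: "spki" });
  return { sessionKey, sessionKeyEnc: crypto.publicEncrypt(oaep(pub), sessionKey) };
}

// Step 4: only the holder of the matching private key recovers session_key.
function unwrap(privateKey, sessionKeyEnc) {
  try { return crypto.privateDecrypt(oaep(privateKey), sessionKeyEnc); }
  catch { return null; } // wrong private key: RSA/OAEP decoding fails
}

// Step 5: data travels under session_key with AES-256-GCM (fresh nonce per message).
function seal(sessionKey, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv("aes-256-gcm", sessionKey, iv);
  const ct = Buffer.concat([c.update(plaintext, "utf8"), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}
function openMsg(sessionKey, { iv, ct, tag }) {
  const d = crypto.createDecipheriv("aes-256-gcm", sessionKey, iv);
  d.setAuthTag(tag); // final() throws if the ciphertext or tag was modified
  return Buffer.concat([d.update(ct), d.final()]).toString("utf8");
}

function demo() {
  const hs = aHandshake(der(B.publicKey));
  const atB = unwrap(B.privateKey, hs.sessionKeyEnc);
  return {
    roundTrip: openMsg(atB, seal(hs.sessionKey, "hello B")),
    unregisteredRefused: aHandshake(der(M.publicKey)) === null,
    replayerGetsKey: unwrap(M.privateKey, hs.sessionKeyEnc) !== null,
  };
}
console.log(demo());
```

In this flow only B proves anything, and only implicitly by being able to use session_key; B has no way to tell that session_key_enc came from A unless A's public key is also registered at B and A signs its message.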
What is the relationship between A and B's communication and the third-party server?
The RSA algorithm can be used directly.
- A sends its public key to B
- A encrypts data with its private key
- B decrypts data with the public key