RE: SSL Question

From: Raoul Armfield (armfield@amnh.org)
Date: 02/21/02

• Previous message: Gaz Wilson: "Re: Recommended Ethical Hacking, Hacker Techniques class"
• In reply to: Shripal: "RE: SSL Question"
• Next in thread: Kurt Seifried: "Re: SSL Question"
• Next in thread: Bruce.Morris@ernstyoung.com.au: "Re: SSL Question"
• Reply: Kurt Seifried: "Re: SSL Question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Thu, 21 Feb 2002 12:42:32 -0500
To: <meghani@nsecure.net>, "Kurt Seifried" <bugtraq@seifried.org>, "Dawes, Rogan (ZA - Johannesburg)" <rdawes@deloitte.co.za>, "'Niall O Malley (LMI)'" <Niall.OMalley@eei.ericsson.se>, <webappsec@securityfocus.com>, <security-basics@securityfocus.com>
From: Raoul Armfield <armfield@amnh.org>

I am new to this field but as I understand it the public key does no form
of decryption only encryption the Private key does all the decrypting

At 05:28 AM 2/15/2002, Shripal wrote:
>|Huh. No. You have private keys and public keys. Public keys are distributed
>|and can be used to encrypt data that only the private key can decrypt.
>|Private keys can be used to sign data (actually it encrypts a hash value of
>|the data such as MD5 or SHA1) and this signature can be verified
>|(decrypted)
>|by the public key. This is essentially true of all "public key"
>|cryptography.
>
>If the private key is hashed while signing it by MD5 or SHA1 (both of which
>are irreversible) then how does the public key decrypt it??

Thanks,

Raoul

________

Military action is important to the nation -- it is the ground of death and
life, the path of survival and destruction, so it is imperative to examine
it. --- Sun Tzu " The Art of War"

---

• application/pgp-signature attachment: stored

---

• Previous message: Gaz Wilson: "Re: Recommended Ethical Hacking, Hacker Techniques class"
• In reply to: Shripal: "RE: SSL Question"
• Next in thread: Kurt Seifried: "Re: SSL Question"
• Next in thread: Bruce.Morris@ernstyoung.com.au: "Re: SSL Question"
• Reply: Kurt Seifried: "Re: SSL Question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages RE: PGP scripting... ... cryptosystems, ... In these systems divulging your private key compromises the public ... Here is a quick over view of the public key encryption routines (the ... (SecProg) Re: RSACryptoServiceProvider decrypt with public key ... private key which my programs could decipher using a public key I've ... But since private key encryption and public key decryption isn't ... > If Alice gives Bob her public key, ... (microsoft.public.dotnet.security) RE: PGP scripting... ... that you keep the private key secret. ... Here is a quick over view of the public key encryption routines (the ... Since only he, through the use of his private key, can decrypt the ... (SecProg) [OT] Re: Basic question about Public Private Key Pairs ... > and private keys allow me to decrypt, but vice versa is not possible (or ... a public key and a corresponding private key. ... You can encrypt something with each key; ... (microsoft.public.dotnet.security) RE: PGP scripting... ... In addition to being confused about arbitrary asymmetry in RSA cryptography ... Microsoft .NET, for example, defines a private key as inclusive of its ... .NET Framework includes the public key. ... As for encryption speed, encryption transformations with a public key ... (SecProg)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > security-basics  > 2002-02