Re: Reverse Encryption in .NET

From: Hernan de Lahitte (hernan_at_lagash.com)
Date: 02/26/04 

Date: Thu, 26 Feb 2004 09:09:09 -0300

I don't know the value of this method for your business but certainly, from
a security perspective, it's value is null. Worst yet, its highly
"insecure". I wonder why you
don't create the key pair on the server side and send the public key to the
client, so he can use this key to encrypt the message (as normal practice)
and decrypt it on the server with it's private key. In the signature
scenario, the point is different because of the signature procedure nature
(see specs), this procedure DO need to be done by encrypting the hash with
the private key in order for the receiver to decrypt it with it's public
key, therefore achieving the "non-repudiation" key goal of the digital
signatures. The scenario you are describing applies to the signature case.

"James Chou" <jameschou2000@yahoo.com> wrote in message
news:73eb0fe0.0402251624.5d99aed4@posting.google.com...
> Hi,
>
> I saw several posts asking for reverse encryption (encrypt with
> private key instead of public key) in .NET. I am having the same
> question and wonder anybody has a good solution to it.
>
> Basically, my client application generates a key pair and exports the
> public key to server. The client application needs to encrypt a string
> with the private key and send it to server. Server authenticates the
> client after decrypts the stirng with the public key. It looks like a
> very simple procedure but it seems impossible with the RSA encryption
> provided by .NET. The Encrypt() method of RSACryptoServiceProvider
> seems to do encryption with public key ONLY. It does use private key
> to encrypt content when generating a signature though.
>
> Does anybody have a solution to it? If .NET doesn't support it, is
> there any way I can do it through Win32 CryptoAPI?
>
>
> Thanks
>
> James

Relevant Pages

  • Re: RSACryptoServiceProvider decrypt with public key
    ... key/decrypt with the private key and encrypt with the private key/decrypt ... encrypt data and send it back to Alice. ... only she can decrypt Bob's data. ... see the public key and the encrypted data, but she could not decrypt Bob's ...
    (microsoft.public.dotnet.security)
  • Re: how to have a gpg public key?
    ... Having just a public key doesn't do you much good. ... You need both a private key and a public key; ... can encrypt and decrypt your messages and you are just ...
    (Debian-User)
  • Re: DECRYPT with PUBLIC key (how to?)
    ... values in my application which would be decoded with my own public key which ... This is a very stupid thing to think that you can encrypt with private ... Private key operations often uses CRT ... Signature schemes and Encryption schemes have completely different ...
    (microsoft.public.dotnet.security)
  • Re: private to public decrypt now working
    ... would have the private key, all vice presidents would have a public key. ... All vice's could encrypt and only president could decrypt. ...
    (microsoft.public.dotnet.security)
  • [OT] Re: Basic question about Public Private Key Pairs
    ... > and private keys allow me to decrypt, but vice versa is not possible (or ... a public key and a corresponding private key. ... You can encrypt something with each key; ...
    (microsoft.public.dotnet.security)