Re: CryptExport private key only
From: Michel Gallant (neutron_at_nspxistar.ca)
Date: 10/26/03
- Next message: Remotesoft: "how to hide source code (not obfuscation)"
- Previous message: Russell B. Eggen: "Re: Enabling Access to Private Fields"
- In reply to: Anatoly: "CryptExport private key only"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 26 Oct 2003 11:38:16 -0500
"Anatoly" <wiretransfers@yahoo.com> wrote in message news:eHO88H4mDHA.3612@TK2MSFTNGP11.phx.gbl...
> do I understand correctly, that when using RSA public/private key pair
> encryption, CryptExport's PRIVATEKEYBLOB flag will export both private and
> public keys together?
Yes, that is correct:
> from conventional use of Public/Private key pairs, it seems that one is
> supposed to use the public key to encrypt data and private key to always
> decrypt data.
With RSA asymmetric cipher supports encrypting limited amount of data
(a hash or a secret key) with one key and decrypting with the other key:
(1) using public key to encrypt is typically used to encrypt a secret session key
to a recipient whose public key/certificate you have
(2) you can use your private key to encrypt a hash (your digital signature)
or you can use your private key to decrypt something encrypted as in (1)
> Is it legitimate to interchange the private/public keys in their purpose?
> that is can I use the public key to decrypt and private to encrypt and
> benefit from the same level of protection as the conventional scenario?
See comments above
- Michel Gallant
Visual Security MVP
- Next message: Remotesoft: "how to hide source code (not obfuscation)"
- Previous message: Russell B. Eggen: "Re: Enabling Access to Private Fields"
- In reply to: Anatoly: "CryptExport private key only"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
