Re: private to public decrypt now working
- From: "Bob Bins" <deveng@xxxxxxxxx>
- Date: Fri, 18 May 2007 09:50:36 -0400
I was going to use the public/private key thing a little differently than
normal. The public key would be semi-private and the private would be
extremely private. An example would be where, say, a president of a company
would have the private key, and all vice presidents would have a public key.
All vices could encrypt and only the president could decrypt. Then if the
president wanted something only his vice presidents should see, he would
encrypt with the private and only they could decrypt. But I guess this type
of encryption does not exist.
I heard somewhere before that both private and public can encrypt, which is
wrong. I will have to find another solution.
Thanks for the detailed explanation.
"Valery Pryamikov" <valery.pryamikov@xxxxxxxxxx> wrote in message
news:1179466414.816985.79290@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
On May 17, 6:37 pm, "Bob Bins" <dev...@xxxxxxxxx> wrote:
I am using the below sample for public private key encryption. And my
problem is I can encrypt with the public key and decrypt with the private
key but I can't encrypt with the private and decrypt with the public. I
always get a BadKey error when I pass in the public key to decrypt.
Copy the below code into a form and you will see. If you switch it to
use the public key to encrypt and private to decrypt it works. I thought
it was supposed to work both ways?

Hi,
Signature and Encryption are two different prototypes with different
security requirements that, among others, require different padding
modes. Use of the phrase "decrypt with public key" was the biggest abuse of
terminology in the history of cryptography, and it was spread widely by Bruce
Schneier's book "Applied Cryptography". The phrase itself was
supposed to be used to describe signature schemes with message
recovery (such as RSA). This phrase was also used to adjust asymmetric
encryption and signature to old protocol verification models such as
BAN. However, by itself this is just a misnomer - the public key is
known to everybody and the decrypt operation has the meaning of providing
privacy to the content - which is impossible if the decryption key is
known to everyone.

Even though raw RSA allows interchange of public and private key, in
reality they can't be interchanged. Private key decryption is
implemented using CRT (Chinese remainder theorem) to provide 4x
better performance of the private key operation. For that, you need not
only the exponent, but also the factorization of the modulus and multiplicative
inverses of some product of these factors. The public key has only modulus
and exponent and can't be used with such a calculation.

A small private key is also subject to various attacks. For example,
Wiener's attack allows calculating the private key if the private key
exponent is 1/3 of the public key exponent, by using the method of continued
fractions (a bit similar to the rational number reconstruction method).

You will do yourself a favor if you stop thinking about signature
verification as "decryption with public key" and start using proper
terminology and proper operations! I.e., you encrypt with the public key
and you decrypt with the private key; you generate a signature with the private
key and you validate a signature with the public key. That's it.
-Valery
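
The CRT point in the quoted reply can be seen in a few lines of toy textbook RSA. This is an added example, not code from the thread: the function and field names are hypothetical, the key is a constructed sample far too small for real use, and no padding is applied.

```python
import hashlib
from math import gcd

CRT_FIELDS = ("p", "q", "dP", "dQ", "qInv")

def make_keypair(p, q, e=65537):
    """Textbook RSA key pair from two primes (toy size, no padding)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)                      # private exponent
    public = {"n": n, "e": e}                # everything a public key holds
    private = {"n": n, "e": e, "d": d, "p": p, "q": q,
               "dP": d % (p - 1), "dQ": d % (q - 1), "qInv": pow(q, -1, p)}
    return public, private

def public_op(key, x):
    """Encrypt, or verify a signature: needs only modulus and exponent."""
    return pow(x, key["e"], key["n"])

def private_op_crt(key, x):
    """Decrypt, or sign: two half-size exponentiations recombined (Garner)."""
    missing = [f for f in CRT_FIELDS if f not in key]
    if missing:
        raise KeyError(f"not a private key, missing CRT fields: {missing}")
    m1 = pow(x % key["p"], key["dP"], key["p"])
    m2 = pow(x % key["q"], key["dQ"], key["q"])
    h = (key["qInv"] * (m1 - m2)) % key["p"]
    return m2 + h * key["q"]

def digest_as_int(message, n):
    """Toy message representative; real signatures use PSS or PKCS#1 v1.5 padding."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

# Constructed sample key: two Mersenne primes, far too small for real use.
PUBLIC, PRIVATE = make_keypair(2**31 - 1, 2**61 - 1)

if __name__ == "__main__":
    m = 123456789
    c = public_op(PUBLIC, m)                       # encrypt with public
    print(private_op_crt(PRIVATE, c) == m)         # decrypt with private
    h = digest_as_int(b"memo to the vice presidents", PUBLIC["n"])
    s = private_op_crt(PRIVATE, h)                 # sign with private
    print(public_op(PUBLIC, s) == h)               # verify with public
    try:
        private_op_crt(PUBLIC, c)                  # public key in the private slot
    except KeyError as err:
        print(err)
```

The last call fails because the public key carries only `n` and `e`, which is the same shape of failure as handing a public key to a library's decrypt routine.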