Re: couple more Q's on basic public key encryption techniques

From: xz (jasonshohet_at_gmail.com)
Date: 05/11/05 

Date: 11 May 2005 08:04:24 -0700

Carlos you are answering it... I think I'm starting to get a rough
understanding of the issue. You said:
 " encrypting the whole several megabytes [message] with a public-key
algorithm would be insanely slow. So, both parties agree on a
symmetric algorithm, and exchange the key they're going to use -- to
exchange that key in absolute secrecy, they use public-key (required
only to encrypt a few bytes) ".

So this is answering why people bother with the symmetric encryption of
the message, VS just encrypting the message with the receiver's public
key. Can you tell me if this pseudo-description looks right, and if
so, I have a question beneath it:

msg digest + msg enc. w/ symmetric key + symmetric key enc. w/
receiver's public key
[123a)(*$:@] + [456)@#j*lS:df2@l20f@3f] + [789sf)@f2]

Regarding the above, [123...] is the digest of the message. Thats
encrypted with my private key. I'm kind of confused about this digest
thing. I read somewhere that [123...] is supposed to match [456...]
 and if its a match, its 'basically' a digital signature -- and means
the message can't be repudiated. That may not be 100% true, but the
point is -- doesn't that take time to apply my private asymmetric key
to the entire message just to come up with a digest? Aren't we
supposed to avoid using private keys if possible. Why not just use the
symmetric key to encrypt the message & encrypt the symmetric key with
the receiver's public key & be done with it -- no message digest :)

Thanks again
Jason Shohet

Relevant Pages

  • Re: Encrypt a UsernameToken Authenticated WSE Response
    ... You can dictionary attack the pw digest pretty easy in the UT to get the pw. ... you can generate the symmetric key as all needed info ... > and is just used to generate the session key to encrypt. ... >> username and passwort und the data is symmetric encrypted, ...
    (microsoft.public.dotnet.framework.webservices.enhancements)
  • Re: RSA Encrypt/Decrypt Problems
    ... if encrypt the simmetric-key with rsa public-key means that the customer ... applications why is possible to gain the public-key from ... number) it must be used rsa to the contrary. ... encrypt with the private key ...
    (microsoft.public.dotnet.security)
  • Re: RSA Encrypt/Decrypt Problems
    ... wants to encrypt some data on the client and send to some server. ... server will have the private key to decrypt the key and iv. ... > applications why is possible to gain the public-key from ... > number) it must be used rsa to the contrary. ...
    (microsoft.public.dotnet.security)
  • Re: Help: using private key to encrypt in crypto++
    ... the public-key from the exe or debugs my program). ... >>want to encrypt a message using a private key (and decrypt with the ...
    (sci.crypt)
  • Re: couple more Qs on basic public key encryption techniques
    ... >exchange that key in absolute secrecy, they use public-key (required ... >only to encrypt a few bytes) ". ... Because you want to accomplish a variety of things. ... but encrypting some small "message" with your private key ...
    (sci.crypt)