1 30th July 00:03
sahil malik mvp
Basic question about Public Private Key Pairs



Public Private Key Pairs - How do they work?
-----------------------------------------------

I was looking at a presentation recently in which it was suggested that -

User 1 Encrypts a message using User 2's Public Key.
User 2 Decrypts the transmission using his Private Key to get the original
message.

Is the above correct?
Comment #1: The above seems to suggest that Public keys allow me to encrypt,
and private keys allow me to decrypt, but vice versa is not possible (or the
above wouldn't be secure)

If it is, then a subsequent slide shows the following for digital signatures

User1 creates a hash digest.
User1 uses his private key to encrypt the digest to create a digital
signature
The digital signature + the original message go to user 2
User2 segregates the digital signature and message.
User 2 creates hash of the message
User2 decrypts the encrypted hash using User1's public key, if this equals
the hash calculated in the previous step - then the message has not been
tampered with.

Is the above correct?
Comment #2: This seems to suggest that Public keys allow me to decrypt, but
vice versa is not possible (or the signature would not work).

... QUESTION ...
How can both Comment #1 and Comment #2 hold true? What am I missing?

Please help. Thanks !!

- Sahil Malik [MVP]
http://codebetter.com/blogs/sahil.malik/
2 30th July 00:03
sean hederman



You're right I think. With secure non-repudiatable communications the
sequence goes:

clear-text message
User 1 decrypts message with User 1's private key.
User 1 encrypts message with User 2's public key.
Message is sent.
User 2 decrypts message with User 2's private key.
User 2 encrypts message with User 1's public key.

So I think that in Comment 2, it should be that User 1 uses their private
key to decrypt the message, not encrypt it. Similarly User 2 encrypts the
message with User 1's public key, resulting in cleartext.
3 30th July 00:04
michael voss


You own a key pair: a public key and a corresponding private key.
Public keys are available to the public (hence "Public" key, published on the
internet or similar). The corresponding private key is not published; you
keep it in a secure location. You can encrypt something with each key; it
can be decrypted with the other key of the key pair only.

So if someone encrypts something with your public key this ensures it can be
decrypted with your private key only. Since the only person knowing your
private key is you, the only person to decrypt whatever was encrypted is
you. This ensures that no one else is able to read messages encrypted with
your public key. So the above is correct.


Why shouldn't it be possible to encrypt with your public key and decrypt
with your private key?

As stated above, something encrypted with any key of a public/private key
pair can be decrypted with the other key of the pair only.
You create a hash value for your message and encrypt it with your public
key. This hash can be decrypted by everyone with your public key only. If
the (decrypted) hash equals the (newly calculated) message hash, this
indicates that
1.) the message has not been altered
2.) the key used for decryption is the other key of the key pair the hash
was encrypted with, so the message is confirmed to be encrypted by you.

Encrypting with a private key makes sure the message originates from you
since it (or a corresponding hash) can only be encrypted with "your"
(published) public key, this is a signature. The message can be read by
everyone.

Encrypting with a public key makes sure the message can only be read by the
owner of the corresponding private key. This makes it a secret message.

If you want to make sure only the intended receiver of a message can read
the message and the receiver can ensure that you are the origin of the
message, you would encrypt the message with the receivers public key (can be
decrypted by the intended receiver with his private key only) and you would
encrypt the messages hash value with your private key, making sure the
receiver can encrypt it with your public key and compare it with the newly
calculated hash, so he knows it was sent by you and has not been altered.

hth
Michael
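
The two directions discussed in this thread, as an added example that is not part of any post: textbook RSA where one modular exponentiation serves both keys, used once for confidentiality (recipient's public key) and once for a signature (sender's private key on the hash). The key material is constructed from small Mersenne primes and the function names are assumptions made for illustration; real systems use padded schemes such as OAEP and PSS from a vetted library, never raw exponentiation.

```python
import hashlib

# Constructed toy parameters: small Mersenne primes, no padding.
# Far too small for real use; chosen so the arithmetic runs instantly.
E = 65537

def keygen(p, q, e=E):
    """Return ((n, e), (n, d)): public and private halves of one key pair."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # d undoes e: e*d == 1 (mod phi)
    return (n, e), (n, d)

def rsa_op(key, x):
    """The only primitive: x^exponent mod n. Same maths for either key."""
    n, exponent = key
    return pow(x, exponent, n)

def digest(message, n):
    """SHA-256 of the message, reduced mod n so it fits the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

# Confidentiality: the sender uses the RECIPIENT's public key.
def encrypt_for(recipient_pub, message):
    m = int.from_bytes(message, "big")
    if m >= recipient_pub[0]:
        raise ValueError("message too long for toy modulus")
    return rsa_op(recipient_pub, m)

def decrypt(own_priv, ciphertext):
    m = rsa_op(own_priv, ciphertext)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

# Authenticity: the sender uses the SENDER's private key on the hash.
def sign(own_priv, message):
    return rsa_op(own_priv, digest(message, own_priv[0]))

def verify(sender_pub, message, signature):
    # Anyone holding the public key can recover the hash and compare.
    return rsa_op(sender_pub, signature) == digest(message, sender_pub[0])

# Two independent key pairs (no shared primes between the moduli).
USER1_PUB, USER1_PRIV = keygen(2**61 - 1, 2**31 - 1)
USER2_PUB, USER2_PRIV = keygen(2**89 - 1, 2**107 - 1)
```

Which property you get depends only on whose key is applied first: User 2's public key gives secrecy, User 1's private key gives a signature that anyone can check but that hides nothing.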
4 30th July 00:04
michael voss


Hi Sean.


Why should user 1 decrypt a clear-text message? There is nothing to decrypt
as it's clear text already. The user _en_crypts the message (or creates a
hash and encrypts that hash) with his private key. This is to make sure
everyone can ensure the message originates from user 1.


This is to make sure nobody except user 2 can decrypt and read the message.

Only User 2 can do so because he is the only one to know his private key.


Why should user 2 encrypt the message again? He wants clear text to read.
So he will decrypt it (or the hash value) with user 1's public key to ensure
it was sent by user 1.

Encryption will not result in clear text but in an encrypted message ;-)
We might be arguing about what we must call encryption or decryption, but
usually, if the result is clear text, I would call it decryption. If the
result is encrypted text, I would call it encryption.

[...rest snipped...]

Just my two cents
Michael
5 30th July 00:05
sahil malik mvp


Thank you very much for your answers.

I am absolutely crystal clear about all this now.

- Sahil Malik [MVP]
http://codebetter.com/blogs/sahil.malik/
6 30th July 00:06
sean hederman


We're talking about the direction of the encryption here. Since an
asymmetric cipher allows a third party to encrypt but not decrypt, by
"decrypting" the message we are in fact turning it into ciphertext, but
ciphertext that can be turned into cleartext by encrypting with the public
key, which as you say allows one to ensure that the message originates from user 1. [Snip]

In a sense you're right, but what I'm trying to get across here is the
direction of the "encryption". With public key encryption there are two
directions, one direction being possible with the public key and one
direction with the private key. The point is that if you run a decryption on
cleartext, you get ciphertext that can only be turned to cleartext by encryption.