Confused about Public Key Encryption

amiracleamiracle Member Posts: 1 ■□□□□□□□□□
If I read an article about Public Key Encryption at Wikipedia it tells me:

"The most obvious application of a public key encryption system is confidentiality; a message which a sender encrypts using the recipient's public key can only be decrypted by the recipient's paired private key."

If I read about digital signatures it says:

"Public-key cryptosystems allow encryption of a message with a user's private key."

I always thought it was done as the former. Alice wants to send Jon an email using public key encryption. So Jon sends his public key to Alice. Alice encrypts the message with Jon's public key and Jon decrypts it with his private key.

So why now is it being described in the later differently. Alice wants to send Jon an email using public key encryption. So Alice sends Jon her public key. Alice encrypts her message with her private key and Jon uses her public key to decrypt the message. That doesn't make sense to me.
In Christ,
Erik Fritsch


  • supertechCETmasupertechCETma Member Posts: 377
    Wikipedia is the worst possible reference you could use.
    even by their own admission:

    Wikipedia cannot guarantee the validity of the information found here. The content of any given article may recently have been changed, vandalized or altered by someone whose opinion does not correspond with the state of knowledge in the relevant fields.

    Do yourself a favor and get some proper references.
    Electronic Technicians Association-International
    The Fiber Optic Association
    Home Acoustics Alliance®
    Imaging Science Foundation
  • WebmasterWebmaster Admin Posts: 10,292 Admin
    I recently called it a "classroom without a teacher; fun, but no authority" on a techwriter list, and rather than my personal preference, especially the lack of authority turned to be a common complaint amongst writers.

    In case you haven't read the following yet, please give it a shot and see if it makes sense. If it doesn't let us know.
  • SlowhandSlowhand Mod Posts: 5,161 Mod
    The short answer:

    Say you want to send me an encrypted message. You use my public key to encrypt it, and only my private key can decrypt it. You use your private key to digitally sign it, and I can verify that signature with your public key. (Hence the key exchange bit.)

    (Encryption)My Pub
    \ My Priv(Decryption)
    (Dig. Sign)Your Priv
    | Message |
    / Your Pub(Verify Sign)

    Since a public key can be freely given out, seeing as how all it can really do is encrypt messages to the owner, it's easy to see how this system can be secure. The downside: it's slower than a snail in molasses, in a lot of cases. (And don't forget to go and read the long answers on this forum, and any other learning material you have. Trust me, there's a lot to it, beyond the very, very basics. Making it work is a lot harder than understanding it.)

    Free Microsoft Training: Microsoft Learn
    Free PowerShell Resources: Top PowerShell Blogs
    Free DevOps/Azure Resources: Visual Studio Dev Essentials

    Let it never be said that I didn't do the very least I could do.
  • TheShadowTheShadow Member Posts: 1,057 ■■■■■■□□□□
    The problem with Wikipedia is it suffers from the "if you can't dazzle um with brilliance then baffle um with BS" syndrome. There is no standards body to vet each entry and they are only removed if enough people complain. It is like in past times when people used to believe most of what they read in the newspapers or saw on TV.

    Anyway another good source for this subject is RSA Laboratories who makes boatloads of money doing PK and other forms of encryption. There are also tons of citations so that you can do your own vetting or more extensive reading. Company is top heavy with PH d's and a couple of early pioneers in the PK field.
    Who knows what evil lurks in the heart of technology?... The Shadow DO
  • Danman32Danman32 Member Posts: 1,243
    I believe technically you can use your private key to encrypt, but then you can't be sure that the intended recipient is the only one that is going to see the message, since anyone that has your public key can decrypt.

    So, you get the recipient's public key, verifying that the key you are using is indeed the intended recipients, and encrypt with that. Only he can decrypt.

    On the other hand, you can authenticate your message by encrypting with your private key, since only your public key can decrypt, and everyone knows the decrypting public key is indeed yours.

    Usually though, since the paired key encryption is a resource hog, a shared key encryption is used to do the actual encryption, where the random shared key that encrypts/decrypts for that message is negotiated using the paired key encryption.
Sign In or Register to comment.