Categories
Welcome Center
Education & Development
Cyber Security
Virtualization
General
Certification Preparation
Project Management
Posts
Groups
Training Resources
Infosec
IT & Security Bootcamps
Practice Exams
Security Awareness Training
About Us
Home
Certification Preparation
CompTIA
Security+
KEYS- SMIME/PGP and digital signatures
9MMMAC
Hello everybody! Please consider this statement: When using SMIME, the symmetric key is encrypted with the recipient's
public
key, but when using a digital signature, it's encrypted with the sender's
private
key. True? I think it is because a digital signature relies on the fact that a message encrypted with the sender's private key
has
to match what's recovered with the sender's public key, and SMIME (and PGP???) use the recipient's public key to send emails, which can be opened
only
with the recipient's private key.
Find more posts tagged with
Comments
dynamik
Yes, if you want to encrypt something, you use the recipient's public key. Anyone who has access to his public key will be able to send an encrypted message to him, but he is the only one who will be able to decrypt it.
If you want to sign something, you use your own private key. That way, anyone who has access to your public key will be able to verify that the message is authentic. This provides integrity, not confidentiality.
Welcome to the forums
msbachman
@ Dynamik, pretty sure that you mean "public key" in the first sentence above.
dynamik
Indeed. Nice catch
9MMMAC
OK! That's one down! Always good to have a guru approve things. Thank you.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
