Categories
Welcome Center
Education & Development
Discussions
Certification Preparation
Recent Posts
Groups
Free Resources
Ebooks
Free Workshops
Trending Certifications Infographic
Infosec Training
IT & Security Training
Live Boot Camps
Security Awareness Training
About Infosec Institute
Home
Certification Preparation
CompTIA
Security+
KEYS- SMIME/PGP and digital signatures
9MMMAC
Hello everybody! Please consider this statement: When using SMIME, the symmetric key is encrypted with the recipient's
public
key, but when using a digital signature, it's encrypted with the sender's
private
key. True? I think it is because a digital signature relies on the fact that a message encrypted with the sender's private key
has
to match what's recovered with the sender's public key, and SMIME (and PGP???) use the recipient's public key to send emails, which can be opened
only
with the recipient's private key.
Find more posts tagged with
Save $250 on 2025 certification boot camps from Infosec!
Book now with code EOY2025
Button
Comments
dynamik
Yes, if you want to encrypt something, you use the recipient's public key. Anyone who has access to his public key will be able to send an encrypted message to him, but he is the only one who will be able to decrypt it.
If you want to sign something, you use your own private key. That way, anyone who has access to your public key will be able to verify that the message is authentic. This provides integrity, not confidentiality.
Welcome to the forums
msbachman
@ Dynamik, pretty sure that you mean "public key" in the first sentence above.
dynamik
Indeed. Nice catch
9MMMAC
OK! That's one down! Always good to have a guru approve things. Thank you.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
INFOSEC Boot Camps
$250
OFF
Use code
EOY2025
to receive $250 off your 2025 certification boot camp!
BROWSE BOOT CAMPS
