Public/Private Keys question
Question for the gurus......
When using Asymmetric encryption to send a message to someone, do you always use your Private key to encrypt, or do you sometimes use the public key of the recipient? I'm studying for the exam (plan on taking it next week) and this is a bit confusing.....
Comments
-
apena7 Member Posts: 351
Simple scenario: everyone has a public key and a private key. If I want to encrypt something and send it to you, I would encrypt it using your public key. In order for you to decrypt it, you would use your private key.
Usus magister est optimus
-
rsutton Member Posts: 1,029
Simple scenario: everyone has a public key and a private key. If I want to encrypt something and send it to you, I would encrypt it using your public key. In order for you to decrypt it, you would use your private key.
Isn't that backwards? Don't you encrypt it with the private key and the recipient decrypts it with the public key?
-
dynamik Banned Posts: 12,312
If you're sending confidential information to someone, you would use their public key since the only thing that could decrypt it would be their private key. If you used your private key, anyone who had your public key could decrypt it, which is not what you want if you're trying to maintain confidentiality.
However, that is a typical scenario for signing. You might care only about maintaining the integrity of information, and you would then sign it with your private key, so anyone with your public key could verify the integrity with your public key.
You can also simultaneously encrypt with the other party's public key and sign with your private key.
-
veritas_libertas Member Posts: 5,746
-
dorawe Member Posts: 106
OK, you guys are making my head hurt..........let's see if I have this straight, use the public key of the recipient to encrypt a message, or use my private key to digitally sign (no encryption of msg data)?
-
Darril Member Posts: 1,588
Great question. Yes, you have it right.
Just to add a little to what others have said.
Encrypting data. Data is encrypted with the receiver's public key and decrypted with the receiver's private key. Since no one else has the private key, no one else can decrypt the data even if it's sent over a public network like the Internet.
This blog entry discusses how SSL uses asymmetric encryption this way.
Security Plus: Get Certified Get Ahead: SSL, OCSP vs CRL
Digital signatures. A hash of the message is encrypted with the sender's private key. The receiver can then decrypt the hash with the sender's public key. The public key will only decrypt data encrypted with the matching private key so if the public key decrypted it, you know it was encrypted with the matching private key and you know it was sent by that user.
This blog entry discusses digital signatures.
Security Plus: Get Certified Get Ahead: Digital Signatures
HTH,
Darril Gibson
Author: CompTIA Security+: Get Certified Get Ahead
www.sy0-201.com
Security+ Blog
Security Plus: Get Certified Get Ahead
Security+ Tip of day Tweets
twitter.com/DarrilGibson
-
ilcram19-2 Banned Posts: 436
In email encryption, the most common mistake I see is the belief that possessing an email encryption certificate means that you can send encrypted email to anyone in your address book, and actually it is the opposite. Possessing an email certificate means that maybe, just maybe, someone out there can send "you" an encrypted message. That is only if they can retrieve your email certificate from some directory.
The same thing is applied to any other sort of file encryption, since only the person who has your certificate will be able to encrypt it and "you" will be the only one decrypting it with your private key.
Digital signing means that you are sending "your" certificate (public key) to a recipient.
Encrypting means that you are encrypting email with "someone else's" certificate (public key).
-
dorawe Member Posts: 106
Thanks guys..........the nor'easter is pounding, so I'm going to work from home.
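
The key usage this thread settles on (encrypt with the recipient's public key, sign a hash with the sender's private key), as an added example that is not part of the original posts. It uses textbook RSA without padding and constructed toy keys, so it shows only which key does what; the names alice, bob, send and receive are assumptions.

```python
import hashlib

E = 65537  # common public exponent

def make_keypair(p, q):
    """Return (public, private) textbook-RSA keys built from two primes."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return (E, n), (d, n)

def apply_key(key, value):
    """Raw RSA operation: value^exponent mod n (no padding, demo only)."""
    exponent, n = key
    return pow(value, exponent, n)

def digest(message):
    """SHA-256 of the message as an integer, the value that gets signed."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

# Constructed toy keys from Mersenne primes: trivially factorable, never reuse.
alice_pub, alice_priv = make_keypair(2**127 - 1, 2**521 - 1)  # sender
bob_pub, bob_priv = make_keypair(2**107 - 1, 2**607 - 1)      # recipient

def send(message, sender_priv, recipient_pub):
    """Encrypt with the recipient's PUBLIC key, sign with the sender's PRIVATE key."""
    ciphertext = apply_key(recipient_pub, int.from_bytes(message, "big"))
    signature = apply_key(sender_priv, digest(message))
    return ciphertext, signature

def receive(ciphertext, signature, recipient_priv, sender_pub):
    """Decrypt with the recipient's PRIVATE key, verify with the sender's PUBLIC key."""
    m = apply_key(recipient_priv, ciphertext)
    message = m.to_bytes((m.bit_length() + 7) // 8, "big")
    valid = apply_key(sender_pub, signature) == digest(message)
    return message, valid

if __name__ == "__main__":
    ct, sig = send(b"meet at noon", alice_priv, bob_pub)
    # Bob holds the matching private key: plaintext recovered, signature valid.
    print(receive(ct, sig, bob_priv, alice_pub))
    # Any other private key yields garbage, so the signature check fails too.
    print(receive(ct, sig, alice_priv, alice_pub))
```

Real systems add padding (OAEP for encryption, PSS for signatures) and normally encrypt a symmetric session key rather than the message itself.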