• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 225
  • Last Modified:

Private Key Password

I have set up a application that creates a digital signature using a certificate.  I installed the certificate with the private key using certificate services.  The application seems to work as it shoud but does not ask me for the password for the private key before encryption.
0
Kevin Robinson
Asked:
Kevin Robinson
  • 2
1 Solution
 
Rich RumbleSecurity SamuraiCommented:
No, your only signing the message, your not encrypting it... http://en.wikipedia.org/wiki/Public-key_cryptography
public key digital signature — allowing anyone to verify that a message was created with a specific private key.
The public key is available for others the check that the private key created the file/message.
http://en.wikipedia.org/wiki/Public_key_certificate
-rich
0
 
Kevin RobinsonPrivate VB.NET ContractorAuthor Commented:
"No, your only signing the message"  

This is exactly what I want to do.  I want to use this signature as a replacement for a physical signature.
0
 
Rich RumbleSecurity SamuraiCommented:
The password you supply is what each of the keys derive the hash's from... when you setup, you input a password, then the private key is made based on that password, and the public key is made based on the private key. You never need a password again, just the key's.
Are you trying to sign emails? Try GPG http://www.gnupg.org/(en)/documentation/guides.html
http://www.experts-exchange.com/Security/Q_22041521.html#17831350
-rich
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now