Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Asymetric public / private key

Posted on 2014-04-02
5
Medium Priority
?
319 Views
Last Modified: 2016-03-23
I have been doing some reading and I need to get this right

In the public / private key system

1> The public key ALWAYS encrypts the data

2> The private key ALWAYS decrypts the data

publick keys can not decrypt and private keys can not encrypt

Is this correct ?

njd
0
Comment
Question by:Anthony Lucia
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 5

Expert Comment

by:mebaby333
ID: 39972758
Yes
0
 
LVL 4

Accepted Solution

by:
Pancake_Effect earned 2000 total points
ID: 39972777
I believe it can go both ways, but are used differently.

For example John Doe has some important stock information he want's to send to his clients. He would use his private key to encrypt the data. He would send his public key to his clients that they would use to decrypt the data. ONLY the correlating public key would be able to decrypt the data. This is because the private key and public key are mathematically related...someone can't just make up the public key that works with John Doe's private key.

If the client's wanted to respond to John Doe after receiving the stock information, they could use their public key to encrypt the message and John Doe would use his Private key to decrypt it. But a public key is public, so how do they know who it really came from? They could use certificates or digital signing. The only other problem sending via public key to the private key is ONLY John Doe can read it, because only he has his own private key.

So to sum it up, I believe both keys and encrypt and decrypt, but the intended parties, or the amount of people available in each party differs.

I'm majoring is cyber security, and this is my perspective of it based off my previous courses. Please correct me anyone if I'm wrong.
0
 
LVL 5

Expert Comment

by:mebaby333
ID: 39972797
If you were to email it back wouldn't you need to use John Does public key at that point?
0
 
LVL 4

Expert Comment

by:Pancake_Effect
ID: 39972808
Yep, sorry I  vaguely stated "their public key" I meant to state "their public key from John Doe." Should of edited that.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 39973658
Short answer is - it depends.

In many asymmetric crypto methods, the keypairs form a single operation - such that performing method m on a text t with a one of the two keys, then again with the other, gives the original plaintext.

That being true, the public key HALF of the keypair is the one you give out, the private key half is the half you keep secret - often the public key half includes some arbitrary constant or canned value for simplicity, but they could as easily be random.

In RSA, the public key is the pair of an exponent and a calculated modulus. For ease of use, the exponent is often a power of 2 (because in binary, raising to a power of 2 is just a left-shift operation) and the decryption key calculated using this as its "partner".

now, add to that the fact that most cryptographic signatures are the reverse operation (you encrypt with the secret key, so that anyone can decrypt with the public key) and you have the idea.

In cases where the above relationship is not true, then you need to have separate encryption and signing keys -  in those cases, the encryption key is kept secret, and the decryption key published.
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is written by John Gates, CISSP. Gates, the SNUG President-Elect, currently holds the position of Manager of Information Systems at Lake Park High School in Roselle, Illinois.
If you're a modern-day technology professional, you may be wondering if certifications are really necessary. They are. Here's why.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question