Solved

Asymetric public / private key

Posted on 2014-04-02
5
315 Views
Last Modified: 2016-03-23
I have been doing some reading and I need to get this right

In the public / private key system

1> The public key ALWAYS encrypts the data

2> The private key ALWAYS decrypts the data

publick keys can not decrypt and private keys can not encrypt

Is this correct ?

njd
0
Comment
Question by:Anthony Lucia
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 5

Expert Comment

by:mebaby333
ID: 39972758
Yes
0
 
LVL 4

Accepted Solution

by:
Pancake_Effect earned 500 total points
ID: 39972777
I believe it can go both ways, but are used differently.

For example John Doe has some important stock information he want's to send to his clients. He would use his private key to encrypt the data. He would send his public key to his clients that they would use to decrypt the data. ONLY the correlating public key would be able to decrypt the data. This is because the private key and public key are mathematically related...someone can't just make up the public key that works with John Doe's private key.

If the client's wanted to respond to John Doe after receiving the stock information, they could use their public key to encrypt the message and John Doe would use his Private key to decrypt it. But a public key is public, so how do they know who it really came from? They could use certificates or digital signing. The only other problem sending via public key to the private key is ONLY John Doe can read it, because only he has his own private key.

So to sum it up, I believe both keys and encrypt and decrypt, but the intended parties, or the amount of people available in each party differs.

I'm majoring is cyber security, and this is my perspective of it based off my previous courses. Please correct me anyone if I'm wrong.
0
 
LVL 5

Expert Comment

by:mebaby333
ID: 39972797
If you were to email it back wouldn't you need to use John Does public key at that point?
0
 
LVL 4

Expert Comment

by:Pancake_Effect
ID: 39972808
Yep, sorry I  vaguely stated "their public key" I meant to state "their public key from John Doe." Should of edited that.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 39973658
Short answer is - it depends.

In many asymmetric crypto methods, the keypairs form a single operation - such that performing method m on a text t with a one of the two keys, then again with the other, gives the original plaintext.

That being true, the public key HALF of the keypair is the one you give out, the private key half is the half you keep secret - often the public key half includes some arbitrary constant or canned value for simplicity, but they could as easily be random.

In RSA, the public key is the pair of an exponent and a calculated modulus. For ease of use, the exponent is often a power of 2 (because in binary, raising to a power of 2 is just a left-shift operation) and the decryption key calculated using this as its "partner".

now, add to that the fact that most cryptographic signatures are the reverse operation (you encrypt with the secret key, so that anyone can decrypt with the public key) and you have the idea.

In cases where the above relationship is not true, then you need to have separate encryption and signing keys -  in those cases, the encryption key is kept secret, and the decryption key published.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
Part One of the two-part Q&A series with MalwareTech.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question