I believe it can go both ways, but are used differently.
For example John Doe has some important stock information he want's to send to his clients. He would use his private key to encrypt the data. He would send his public key to his clients that they would use to decrypt the data. ONLY the correlating public key would be able to decrypt the data. This is because the private key and public key are mathematically related...someone can't just make up the public key that works with John Doe's private key.
If the client's wanted to respond to John Doe after receiving the stock information, they could use their public key to encrypt the message and John Doe would use his Private key to decrypt it. But a public key is public, so how do they know who it really came from? They could use certificates or digital signing. The only other problem sending via public key to the private key is ONLY John Doe can read it, because only he has his own private key.
So to sum it up, I believe both keys and encrypt and decrypt, but the intended parties, or the amount of people available in each party differs.
I'm majoring is cyber security, and this is my perspective of it based off my previous courses. Please correct me anyone if I'm wrong.
In many asymmetric crypto methods, the keypairs form a single operation - such that performing method m on a text t with a one of the two keys, then again with the other, gives the original plaintext.
That being true, the public key HALF of the keypair is the one you give out, the private key half is the half you keep secret - often the public key half includes some arbitrary constant or canned value for simplicity, but they could as easily be random.
In RSA, the public key is the pair of an exponent and a calculated modulus. For ease of use, the exponent is often a power of 2 (because in binary, raising to a power of 2 is just a left-shift operation) and the decryption key calculated using this as its "partner".
now, add to that the fact that most cryptographic signatures are the reverse operation (you encrypt with the secret key, so that anyone can decrypt with the public key) and you have the idea.
In cases where the above relationship is not true, then you need to have separate encryption and signing keys - in those cases, the encryption key is kept secret, and the decryption key published.
0
Featured Post
Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.