[plug] [semi-OT] Public/private keys?

Sun Nov 24 12:13:30 WST 2002

Hi Andrew

Firstly, you cannot decrypt ciphertext by "reversing" the algorithm used to
encrypt it.  It is complicated, but the original text is processed many
times and the logic employed in some of the manipulations is such that:

A -->(process)-->B    but B -->(reverse process)  !>A  (you cannot ge A from
B)

If you can accept that as fact for now, this is how it works ........

The Private Key and Public Key are a pair which work together
The Public Key encrypts text
The Private Key decrypts text
Anyone can get hold of your public key
Only you have access to your private key

So, in the first scenario, someone sends you a message.  They encrypt it
with your public key so no one can read it.  You decrypt it with you private
key.

The sender knows that only YOU can receive it
but, you don't know for sure, the ID of the sender - could be anyone, ....
so

Second scenario, using sender's keys as well as receiver's keys:
Sender encrypts messages with receiver's public key;
Sender signs message with text encrypted with sender's private key
Receiver decrypts message with his/her own private key
Receiver decrypts signature message with SENDER'S Pubic Key

This latter scenario is an example of DIGITAL SIGNATURES, where by the
sender knows that only the receiver can decipher the message and the
receiver knows that only the sender could have digitally signmed the
message.

After that we can get into DIGITAL ENVELOPES,   DIGITAL CERTIFICATES, and
other security measures, but I hope I have answered the question.

Just to reitterate two iimportant points:

1.. You cannot et back the original text by reversing the algorithm used to
encrypt it;
2.  Public and Private Keys are matched pairs which work together.

Kind regards,

James Elliott

----- Original Message -----
From: "Andrew Furey" <simpware at yahoo.com>
To: <plug at plug.linux.org.au>
Sent: Saturday, November 23, 2002 4:30 PM
Subject: [plug] [semi-OT] Public/private keys?

Hi all,

Just a general question on the principals of public
key cryptography.

I understand that encrypting a document with the
private key can only be decrypted by the matching
public key, and vice versa. I don't necessarily
understand _how_ that works, but I'll take their word
for it :)

My question is, doesn't that mean that it would be
somehow possible to derive someone's private key from
their public one, using some sort of inverse function?
Presumably there must be checks in place to prevent
that, but how do they work?

Just curious
Andrew

=====
Linux supports the notion of a command line or a shell for the same
reason that only children read books with only pictures in them.
Language, be it English or something else, is the only tool flexible
enough to accomplish a sufficiently broad range of tasks.
                          -- Bill Garrett

http://www.yahoo.promo.com.au/hint/ - Yahoo! Hint Dropper
- Avoid getting hideous gifts this Christmas with Yahoo! Hint Dropper!