10 Replies - 2947 Views - Last Post: 08 April 2013 - 05:02 PM

#1 k.s110  Icon User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 60
  • Joined: 13-February 13

Private Public key quesiton

Posted 25 February 2013 - 05:10 PM

For the following question I selected the answer B:

which states that the computer that the data is being sent to which is "B" you require the public key to encrypt it and then the person at the receiving end would use his/her private key to decrypt the data which sounds like B being the only correct way. Please correct me if i'm wrong...got exams coming up just checking my stuff =]


Posted Image

Uploaded with ImageShack.us

Is This A Good Question/Topic? 0
  • +

Replies To: Private Public key quesiton

#2 SpAm101  Icon User is offline

  • D.I.C Head

Reputation: 11
  • View blog
  • Posts: 54
  • Joined: 28-November 12

Re: Private Public key quesiton

Posted 11 March 2013 - 06:23 AM

I'm by no means an expert, but....

The public key used must be B's (otherwise the private key is useless), and so B would be correct, yes.

This post has been edited by SpAm101: 11 March 2013 - 06:26 AM

Was This Post Helpful? 0
  • +
  • -

#3 jon.kiparsky  Icon User is online

  • Pancakes!
  • member icon


Reputation: 8010
  • View blog
  • Posts: 13,716
  • Joined: 19-March 11

Re: Private Public key quesiton

Posted 11 March 2013 - 07:22 AM

Please don't use images to post text. Just type it in, it won't kill you.

This is not just me being grumpy:
1. some of us disable images when browsing, for example because we're at work or to avoid distraction
2. The internet is a text-default medium. Any text posted as an image basically doesn't exist (can't be indexed, conveniently read or translated to other forms, etc)
3. Probably most important: there are a lot more people with impaired vision out there. Posting content as text allows them to access it. This is important to you because some of them probably know the thing you're looking to learn. It's also important to you because you want to live in an open society in which access to information is made as broad as possible.
Was This Post Helpful? 1
  • +
  • -

#4 Momerath  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 1012
  • View blog
  • Posts: 2,444
  • Joined: 04-October 09

Re: Private Public key quesiton

Posted 02 April 2013 - 08:26 PM

Actually A would work too. Data encrypted with A's private key can be decrypted with A's public key, and it proves that the message came from A (digital signing).
Was This Post Helpful? 0
  • +
  • -

#5 sepp2k  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 2153
  • View blog
  • Posts: 3,315
  • Joined: 21-June 11

Re: Private Public key quesiton

Posted 03 April 2013 - 03:16 AM

View PostMomerath, on 03 April 2013 - 05:26 AM, said:

Actually A would work too. Data encrypted with A's private key can be decrypted with A's public key, and it proves that the message came from A (digital signing).


The question wasn't about signing though (and the terms "encrypt" and "decrypt" aren't usually used in that context as far as I am aware). It was about encryption. In an encryption scheme the public key is used to encrypt and the private key is used to decrypt.

For signing it makes sense that only the owner of the key can sign using it, but everyone can verify the signature. For an encryption scheme it would make absolutely no sense if only the owner of the key could encrypt messages, but everyone could read them. If everyone can read the encrypted messages, there'd be no point in encrypting them in the first place.
Was This Post Helpful? 0
  • +
  • -

#6 baavgai  Icon User is offline

  • Dreaming Coder
  • member icon

Reputation: 5932
  • View blog
  • Posts: 12,857
  • Joined: 16-October 07

Re: Private Public key quesiton

Posted 03 April 2013 - 03:56 AM

View PostMomerath, on 02 April 2013 - 11:26 PM, said:

Actually A would work too. Data encrypted with A's private key can be decrypted with A's public key, and it proves that the message came from A (digital signing).


Not really. Public keys encrypt, private keys decrypt. You're assuming there is a symmetry in the algorithm used, which can't be inferred.

In a conversation, only public keys are shared; ever. Only A would have A's private key, so there is no conversation.
Was This Post Helpful? 0
  • +
  • -

#7 Momerath  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 1012
  • View blog
  • Posts: 2,444
  • Joined: 04-October 09

Re: Private Public key quesiton

Posted 03 April 2013 - 06:11 AM

From http://en.wikipedia....y_cryptography:

The two main uses for public-key cryptography are:

Public-key encryption: a message encrypted with a recipient's public key cannot be decrypted by anyone except a possessor of the matching private key it is presumed that this will be the owner of that key and the person associated with the public key used. This is used to attempt to ensure confidentiality.

Digital signatures: a message signed with a sender's private key can be verified by anyone who has access to the sender's public key, thereby proving that the sender had access to the private key and, therefore, is likely to be the person associated with the public key used. This also ensures that the message has not been tampered with (on the question of authenticity, see also message digest).
Was This Post Helpful? 0
  • +
  • -

#8 jon.kiparsky  Icon User is online

  • Pancakes!
  • member icon


Reputation: 8010
  • View blog
  • Posts: 13,716
  • Joined: 19-March 11

Re: Private Public key quesiton

Posted 03 April 2013 - 06:25 AM

Yes, but the question didn't ask about signing. It asked about encryption. You're describing an authentication protocol: A wants to ensure that B knows that the messsage was sent by A, and that it's the message that A sent.
If a message can be decrypted using A's public key, then this is proof that it was encrypted using A's private key, and that exactly that message was encrypted. (because changing the ciphertext will result in complete garbage on decryption)

So yes, there is an encryption step here, so you could say that A sends encrypted data to B.
However you would not say that the message is encrypted, since anyone in the world can decrypt it using publicly available information.
Was This Post Helpful? 1
  • +
  • -

#9 baavgai  Icon User is offline

  • Dreaming Coder
  • member icon

Reputation: 5932
  • View blog
  • Posts: 12,857
  • Joined: 16-October 07

Re: Private Public key quesiton

Posted 03 April 2013 - 11:27 AM

View PostMomerath, on 03 April 2013 - 09:11 AM, said:

Digital signatures: a message signed with a sender's private key can be verified by anyone who has access to the sender's public key, thereby proving that the sender had access to the private key and, therefore, is likely to be the person associated with the public key used. This also ensures that the message has not been tampered with (on the question of authenticity, see also message digest).


Read further:

Quote

A digital signature scheme typically consists of three algorithms:

A key generation algorithm that selects a private key uniformly at random from a set of possible private keys. The algorithm outputs the private key and a corresponding public key.
A signing algorithm that, given a message and a private key, produces a signature.
A signature verifying algorithm that, given a message, public key and a signature, either accepts or rejects the message's claim to authenticity.

Two main properties are required. First, a signature generated from a fixed message and fixed private key should verify the authenticity of that message by using the corresponding public key. Secondly, it should be computationally infeasible to generate a valid signature for a party who does not possess the private key.
-- http://en.wikipedia....gital_signature


This does not imply the message in encrypted. Rather, given message and a public key you can validate the signature, than can only have been generated with the private key. They authenticates BOTH the message and the sender.
Was This Post Helpful? 0
  • +
  • -

#10 Momerath  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 1012
  • View blog
  • Posts: 2,444
  • Joined: 04-October 09

Re: Private Public key quesiton

Posted 08 April 2013 - 03:45 PM

You are missing the point. Yes, it's possible to have a signing algorithm that doesn't encrypt. But you can use a public key system as a signing system. That's still not the point. The problem is you want to send encrypted data. It does say that it must be secure from decryption by anyone but system B. Option A is perfectly viable but insecure method.

Quote

In an encryption scheme the public key is used to encrypt and the private key is used to decrypt.
Not always. If you wish to send a message that you can prove only came from you, you first encrypt with your private key, then encrypt with the receivers public key. He would decrypt with his private key, then your public key. Only he could read it and could verify that you sent it.

Quote

owner of the key could encrypt messages, but everyone could read them. If everyone can read the encrypted messages, there'd be no point in encrypting them in the first place.
Other than proving that you sent that message as only you know your private key.

Quote

You're assuming there is a symmetry in the algorithm used, which can't be inferred.
No, I'm assuming there is asymmetry, as it is a public/private key system.

Quote

Yes, but the question didn't ask about signing. It asked about encryption.
You miss the point. Encryption can be uses as signing. The problem doesn't say the message has to be secure! You are making that assumption.

Quote

However you would not say that the message is encrypted, since anyone in the world can decrypt it using publicly available information.
Are DVDs encrypted? But there is publicly available information that anyone in the world can get and decrypt it. Does not mean that it isn't encrypted.
Was This Post Helpful? 0
  • +
  • -

#11 jon.kiparsky  Icon User is online

  • Pancakes!
  • member icon


Reputation: 8010
  • View blog
  • Posts: 13,716
  • Joined: 19-March 11

Re: Private Public key quesiton

Posted 08 April 2013 - 05:02 PM

Oh, please. The question is pretty clear. If they meant digital signature, they would have said digital signature. Don't confuse the poor noobs.
Was This Post Helpful? 1
  • +
  • -

Page 1 of 1