Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How are public and private keys different?

Tags:

cryptography

I have a follow up question to Given a private key, is it possible to derive it’s public key?

Are the public and the private keys the 'same' (in the sense that you just choose to make one public) or can you do more with the private key than with the public key?

EDIT - to better state my question:

When the two keys are generated, could I just randomly choose one of them to be the public key?

like image 668
laktak Avatar asked Mar 30 '09 09:03

laktak

People also ask

How does public key and private key work?

Public key cryptography is a method of encrypting or signing data with two different keys and making one of the keys, the public key, available for anyone to use. The other key is known as the private key. Data encrypted with the public key can only be decrypted with the private key.

What is public key and private key with example?

Public and private keys: an exampleBob wants to send Alice an encrypted email. To do this, Bob takes Alice's public key and encrypts his message to her. Then, when Alice receives the message, she takes the private key that is known only to her in order to decrypt the message from Bob.

Why is public key better than private key?

Using Public Key Pairs To Ensure Both Security and Identity The message can be transmitted openly over the Internet, and since only the recipient can decrypt the message with the appropriate private key, secure transmission is ensured.

1 Answers

Some paper descriptions present roles of public and private keys as quite symmetrical but you definitely can't swap roles of private and public key in real world.

Common usage:

  • the public key must be used for encryption and verifying signature
  • the private key must be used for decryption and signing

There is several reasons for that:

  • you don't want to leave a choice to the user as to which key should be published and which not. The public key is published worldwide and you can consider it as your public identity. The private part is needed when you have to prove to someone else that you have more insight than others about this identity: you can read messages sent to it, you are able to sign messages that can be verifyed by anyone who knows your public id. If what part of public/private key to publish were left to the user you'll end end with users publishing both. But that's not the main reason.

  • when you have private keys, you really have both keys every common implementation I know offer tools to extract public keys from private files. That's true for pgp, gpg, openssl. It means so called private key files store both private and public keys as described in algorithms. That's by design.

For exemple with openssl the sequence of commands to generate a RSA key pair can be:

openssl genrsa -out private.key 2048
openssl rsa -in private.key -pubout -out public.key

It should be clear enough that the first command generate both keys in the private key file and that the public key is merely extracted from it.

The consequence is that if your private key is ever compromized, both your keys would be compromized. The other way around is secure, you can't deduce the private key if you know the public key neither from the file nor from a mathematical attack.

  • encryption with private key is mathematically weak: well, the previous point is already enough, but some devious users could be considering using asymmetric cryptography keeping both keys hidden for exchanging data. Don't, use symmetric ciphering if you want to do that kind of exchanges. Yes it is possible to crypt a message using private key and decrypt it using public one (that's basically what is used for signing, but the use case is different as you also have initial message). Internal parameters of the two keys are not the sames and all the strongness of cryptography has been prooved only for the usual direction and common usage.
like image 54
kriss Avatar answered Oct 04 '22 08:10

kriss
Sign in to Comment

Related questions

Length of Encrypted String
AES Encryption and C#
OpenSSL using EVP vs. algorithm API for symmetric crypto
.NET implementation (libraries) of elliptic curve cryptography
What's the difference between the hash algorithms SHA-2 and SHA-3? [closed]
How to use .key and .crt file in java that generated by openssl?
Public key encryption with RSACryptoServiceProvider
Node.js - How to generate random numbers in specific range using crypto.randomBytes
How to convert from String to PublicKey?
Undefined function sha256()
PasswordDeriveBytes vs Rfc2898DeriveBytes, Obsolete but way faster
Complete list of MessageDigest available in the JDK
How to implement Triple DES in C# (complete example)
Tradingview Drawing
Does any published research indicate that preimage attacks on MD5 are imminent?
What is the difference between the x.509 V3 extensions Basic Constraints and Key Usage to create a CA certificate?
AES - Encryption with Crypto (node-js) / decryption with Pycrypto (python)
Is there an easier way to sign an XML document in Java?
AES in GCM mode in Python [closed]
Encryption: Use of initialization vector vs key?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!