File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Web Services Certification (SCDJWS/OCEJWSD) and the fly likes XKMS question from Mikalai's note Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Certification » Web Services Certification (SCDJWS/OCEJWSD)
Bookmark "XKMS question from Mikalai Watch "XKMS question from Mikalai New topic
Author

XKMS question from Mikalai's note

Mark Heron
Greenhorn

Joined: Aug 19, 2010
Posts: 20
Hi,

I was going through XKMS content from Mikalai's online study guide.(http://java.boot.by/scdjws5-guide/ch08s02.html) I came across this statement.

PKI refers to a set of security services for authentication, encryption and digital certificate management under which documents are encrypted with a private key and decrypted using a publicly available key accessible to the recipient via a network.


Shouldn't it be reverse like "...encrypted with a public key and decrypted using private key..."?

Thanks
Ivan Krizsan
Ranch Hand

Joined: Oct 04, 2006
Posts: 2198
    
    1
Hi!
As far as I understand, you can encrypt data using either the public or private key, as long as you use the other, that is the private or public key, to decrypt the data.
The most common case is encryption using the public key, which is freely distributed. The encrypted data can then only be decrypted by the party that holds the private key, which is supposed to be a well-kept secret.
With signing of data only one party is supposed to be able to produce a signature of some data while anyone is supposed to verify from where the signature came. Thus, the private key is used to sign the data and the public key can then be used to verify the signature.
Best wishes!


My free books and tutorials: http://www.slideshare.net/krizsan
Mark Heron
Greenhorn

Joined: Aug 19, 2010
Posts: 20

Thanks Ivan for your explanation !!
Dan Drillich
Ranch Hand

Joined: Jul 09, 2001
Posts: 1164
Public-key cryptography describes what Ivan just said -
The two main branches of public key cryptography are:

Public key encryption: ...

Digital signatures: a message signed with a sender's private key can be verified by anyone who has access to the sender's public key, thereby proving that the sender had access to the private key (and therefore is likely to be the person associated with the public key used), and the part of the message that has not been tampered with. On the question of authenticity, see also message digest.


Regards,
Dan


William Butler Yeats: All life is a preparation for something that probably will never happen. Unless you make it happen.
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: XKMS question from Mikalai's note
 
Similar Threads
Encryption Performance
problem in encryption of encrypted xml file....
each time encryption gives different result......??
Browser and Server SSL communication
Is this Right regarding PKI