I'm working on a security app and want to use RSA to encrypt with a private key and decrypt with a public key. I tried using crypto++ to decrypt plain text and then re-encrypt the decrypted plain text, but this always gives me error messages. I also tried using a signature, but this transmits the message in plain text, which I can't have. Before I get waist deep in OpenSSL, is there a good approach for doing this type of thing?
I don't think this is possible. In asymmetric key encryption, the public key is (more-or-less) a very long prime number, and the private key is (more-or-less) the factors of that number. It's being able to factor the long public key that makes the decryption possible for the private key holder. The algorithm just doesn't work if the keys are exchanged. However, signatures are typically done with the private key. I can't remember exactly how that algorithm works, but it allows anyone who holds the public key to confirm the signature was performed by the private key holder. Would that help you?
Rob Wehrstein wrote: I'm working on a security app and want to use RSA to encrypt with a private key and decrypt with a public key.
Greg Charles wrote: I don't think this is possible.
Technically, in theory, it is possible, but it wouldn't be very useful. Basically, RSA encryption uses two keys -- that have a few properties.
First, given any key, it should not be possible to determine the other key in the pair. The algorithm that generates the keys generates the pair from a random number, and should not be reversible.
Second, encryption with either key can only be decrypted by the other key. It actually doesn't matter which key you make the public key -- just pick one as the public key and one as the private key. The public key can be released without any concern for security, while the private key should *never* be released.
So, encrypting with the private key is not very useful, because the public key is ... well ... public, so anyone can decrypt the cipher text. The correct practice is to encrypt with the receiver's public key, so that the receiver can decrypt it with its private key.
Greg Charles wrote: However, signatures are typically done with the private key. I can't remember exactly how that algorithm works, but it allows anyone who holds the public key to confirm the signature was performed by the private key holder.
Basically, how it works is an agreed-upon text is encrypted with the private key, which can be decrypted with the public key. As already mentioned, this is not very useful for data protection, as anyone can decrypt the cipher text.
However, with signatures, we are not trying to protect the data -- instead we are trying to authenticate the sender. If you can take a signature, decrypt it with the public key (assuming from an authenticated source), and get the value that you expected.... then you authenticated the sender, as only the owner of the private key can create the signature.
It is theoretically possible to encrypt with the RSA private key and decrypt with the associated public key. The public and private key have a common modulus and different exponents, but these exponents can be used in exactly the same way regardless of whether one is using the private or public exponent. But one can perform decryption much more efficiently using the private exponent if one also has φ(n) (see Wikipedia RSA entry). It is normal for the public exponent to be very small (the Sun/Oracle JRE uses 65537 by default), so if one has the private key, the public key can usually be easily deduced, which makes encrypting with the private key just about useless except when used to generate a signature.
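The points made in the replies above, worked through as an added example that is not code from any poster in this thread: textbook RSA with a toy modulus, showing that the two exponents are interchangeable, that a value "encrypted" with the private exponent is readable by every public-key holder, that the same operation on a hash gives a verifiable signature, and that a holder of the private exponent can find a conventional public exponent by trial. The primes, messages and function names are constructed for illustration; there is no padding, so this is not a usable scheme.

```python
import hashlib

# Toy key built from two known Mersenne primes (constructed values, far too
# small for real use; no padding, so this is textbook RSA only).
P, Q = 2**31 - 1, 2**61 - 1
N, PHI = P * Q, (P - 1) * (Q - 1)
E = 65537                      # public exponent, the common default
D = pow(E, -1, PHI)            # private exponent (needs Python 3.8+)

def private_op(x):             # what "encrypt with the private key" computes
    return pow(x, D, N)

def public_op(x):              # available to anyone holding (N, E)
    return pow(x, E, N)

def digest_as_int(message):
    # Toy reduction of SHA-256 into the modulus range; real schemes use PSS.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def sign(message):
    return private_op(digest_as_int(message))

def verify(message, signature):
    return public_op(signature) == digest_as_int(message)

def recover_public_exponent(n, d, candidates=(3, 17, 65537)):
    # A holder of (n, d) can test the handful of conventional public exponents.
    for e in candidates:
        if all(pow(pow(t, e, n), d, n) == t for t in (2, 3, 5)):
            return e
    return None

if __name__ == "__main__":
    secret = int.from_bytes(b"secret PIN", "big")
    wrapped = private_op(secret)
    # Any public-key holder undoes it: no confidentiality was gained.
    print(public_op(wrapped).to_bytes(10, "big"))
    sig = sign(b"pay 10")
    print(verify(b"pay 10", sig), verify(b"pay 1000", sig))
    print(recover_public_exponent(N, D))
```

For a message that must stay confidential and also be authenticated, the usual construction is to sign with the sender's private key and encrypt with the receiver's public key, using a library's padded schemes (OAEP, PSS) instead of raw exponentiation.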