Win a copy of Pipeline as Code this week in the Cloud/Virtualization forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Jeanne Boyarsky
  • Bear Bibeault
Sheriffs:
  • Rob Spoor
  • Henry Wong
  • Liutauras Vilda
Saloon Keepers:
  • Tim Moores
  • Carey Brown
  • Stephan van Hulst
  • Tim Holloway
  • Piet Souris
Bartenders:
  • Frits Walraven
  • Himai Minh
  • Jj Roberts

Want to encrypt with private key decrypt with public key

 
Ranch Hand
Posts: 40
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm working on a security app and want to use RSA to encrypt with a private key and decrypt with a public key. I tried using crypto++ to decrypt plain text and then re-encrypt the decrypted plain text, but this always gives me error messages. I also tried using a signature, but this transmits the message in plain text, which I can't have. Before I get waist deep in OpenSSL, is there a good approach for doing this type of thing?
 
Sheriff
Posts: 3036
12
Mac IntelliJ IDE Python VI Editor Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I don't think this is possible. In asymmetric key encryption, the public key is a (more-or-less) a very long prime number, and the private key is (more-or-less) the factors of that number. It's being able to factor the long public key that makes the decryption possible for the private key holder. The algorithm just doesn't work if the keys are exchanged. However, signatures are typically done with the private key. I can't remember exactly how that algorithm works, but it allows anyone who holds the public key to confirm the signature was performed by the private key holder. Would that help you?
 
author
Posts: 23897
142
jQuery Eclipse IDE Firefox Browser VI Editor C++ Chrome Java Linux Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Rob Wehrstein wrote:I'm working on a security app and want to use RSA to encrypt with a private key and decrypt with a public key.



Greg Charles wrote:I don't think this is possible.




Technically, in theory, it is possible, but it wouldn't be very useful. Basically, RSA encryption uses two keys -- that has a few properties.

First, given any key, it should not be possible to determine the other key in the pair. The algorithm that generate the keys generates the pair from a random number, and should not be reversible.

Second, encryption with either key can only be decrypted by the other key. It actually doesn't matter which key you make the public key -- just pick one as the public key and one as the private key. The public key can be released without any concern for security, while the private key should *never* be released.

So, encypting with the private key is not very useful, because the public key is ... well ... public, so anyone can decrypt the cipher text. The correct practice is to encrypt with the receiver's public key, so that the receiver can decrypt it with its private key.

Henry
 
Henry Wong
author
Posts: 23897
142
jQuery Eclipse IDE Firefox Browser VI Editor C++ Chrome Java Linux Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Greg Charles wrote:However, signatures are typically done with the private key. I can't remember exactly how that algorithm works, but it allows anyone who holds the public key to confirm the signature was performed by the private key holder.



Basically, how it works is an agreed upon text is encrypted with the private key, which can be decrypted with the public key. As already mentioned, this is not very useful for data protection, as anyone can decrypt the cipher text.

However, with signatures, we are not trying to protect the data -- instead we are trying to authenticate the sender. If you can take a signature, decrypt it with the public key (assuming from an authenticated source), and get the value that you expected.... then you authenticated the sender, as only the owner of the private key can create the signature.

Henry
 
Bartender
Posts: 1166
17
Netbeans IDE Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
It is theoretically possible to encrypt with the RSA private key and decrypt with the associated public key. The public and private key have a common modulus and different exponents but these exponents can be used in exactly the same way regardless of whether one is using the private or public exponent. But - one can perform decryption much more efficiently using the private exponent if one also has φ(n) (see Wikipedia RSA entry) . It is normal for the public exponent to be very small (the Sun/Oracle JRE uses 65537 by default) so if one has the private key the public key can usually be easily deduced which makes encrypting with the private key just about useless except when used to generate a signature.
 
permaculture is a more symbiotic relationship with nature so I can be even lazier. Read tiny ad:
SKIP - a book about connecting industrious people with elderly land owners
https://coderanch.com/t/skip-book
reply
    Bookmark Topic Watch Topic
  • New Topic