All geek questions in one place

Are interchangeable keys and private keys interchangeable?

On the one hand, I hear people say that these two keys are completely interchangeable, the first will decrypt what is encrypted by the second. This makes me think that these two keys are interchangeable.

But, on the other hand, the generated RSA keys have different lengths, and in another topic, encryption using the private key was called “signature” and was considered less secure than public key encryption. (2)

In addition to this comes the idea that the secret key should remain undisclosed when the public key must be openly distributed in the wild. (3)

I planned to receive data from a unique server, so my idea was to keep the public key on this server to encrypt data and distribute the private key to all possible clients, but this contradicts (3). Conversely, if I distribute public keys and encrypt my data using a private key, encryption is less secure in accordance with (2).

Do I have to distribute the public key and encrypt using the private one to satisfy (2) or vice versa?

NB: in my case, performance is not a problem.

+6
source share
3 answers

Your public key is used to encrypt the message, and your private key is to decrypt it. Thus, with the public key that you distribute, anyone can encrypt the message in security, knowing that only you (or someone with your private key) can decrypt it. To answer your question directly, no, they are not interchangeable . You should never distribute your private key.

If you want to share the key with several potential customers, then there really are two options. Either you refuse asymmetric cryptography, or find a safe way to distribute a symmetric key for use with something like AES instead of RSA, each of them or ask each of them to create a key pair and provide you with your public key. Then you can decrypt what comes from the server and re-encrypt for each client. The number of customers will help dictate your choice between them.

+4
source

The answer depends on whether you ask your question out of mathematical curiosity or for purely practical cryptographic reasons.

  • If you implement a cryptosystem, you should never disclose your private key, so in this sense, the keys are absolutely not interchangeable. In addition, the use case that you describe seems like a good match for authentication, not privacy, so the message sent by the server to the clients really needs to be signed and not encrypted. If you need privacy, you will need a few more steps in your protocol.

  • From a mathematical point of view, the OTOH answer is yes, assuming that you are using an internal representation of a private key that contains only module N and indicator D, and another indicator E is generated randomly, The formula describing the relationship between the two indicators is 1 = E * D (mod phi (N)), therefore, from a mathematical point of view, it doesn’t really matter what indicator it is.

But, on the other hand, the generated RSA keys have different lengths

If you use an implementation that creates RSA private keys that are significantly longer than the corresponding public keys, this almost always means that the implementation is completely unsuitable for using public and private keys interchangeably. The difference in length is usually associated with a combination of the following:

  • The public metric E is not randomly generated, but is a small fixed constant, such as 3 or 0x10001. On the other hand, the private exponent D will be almost the same as the module, so the secret key data will be almost twice as large as the public key data. If you only have the RSA private key (N, D), your first guess about a public exponent would be either from 3 or 0x10001, and it would be easy to verify the guessing. If you want the keys to be interchangeable, the exponent that you select first must be randomly selected as an odd integer greater than 1 and less than phi (N), and without any simple factors related to N or phi (N )
  • The private key data includes the coefficients P, Q of the common module N.
  • The private key data includes the public metric E.
+13
source

public key encryption. private keys are decrypted. they do not switch.

What should you do to understand that each client (client) has a pair of private / public keys. When the server needs to send some data, it must request the public key from the client (s) and use it for encryption. Then the client (and only the right client) will be able to decrypt the information they receive (using the private private secret key).

-1
source

Source: https://habr.com/ru/post/908025/

More articles:


All Articles