Re: No way to encrypt with private key in C#?



Peter Webb wrote:

"Alun Harford" <devnull@xxxxxxxxxxxxxxxxx> wrote in message news:%23n7ijGuZIHA.484@xxxxxxxxxxxxxxxxxxxxxxx
Alun Harford wrote:
Sin Jeong-hun wrote:
Hello.
As far as my naive textbook knowledge goes;
1) if a file is encrypted with the private key, then it can be
decrypted with the public key,
2) if a file is encrypted with the public key, then it can be decrypted
with the private key.

Only (2) is true.

Re-reading the question, they're both true.


No.

1. is not true. I think the OP (and possibly yourself) is confused by the fact that most real systems have two public and two private keys - one for each end of the link. If a file encrypted with the private key could be decrypted with just the public key, it would be a pretty piss-poor security mechanism. What actually happens is that the sender encrypts with the recipient's public key, not his own (public or private) key.



You should be able to run data through the RSA algorithm both ways, when thinking about the keys.

The two ways are usually called encryption and signing, from public to private and back again.

The fact that signing *typically* works on a hash does not mean that it can only work on a hash, and this is what the .NET algorithm seems to be limited to. There is nothing prohibiting an application using RSA to "encrypt" the entire file using the private key and release it, so that everyone that wants to use it must first decrypt it with the public key. Since most people associate cryptography with secure information hiding, this usually rings wrong.

The reason this isn't typically done is usually both practicality and performance. To use the file, *everyone* must decrypt it. Decryption using RSA is much slower than ordinary symmetrical encryption algorithms.

So to first take a hash of the file and then encrypt that using the private key (in fact, signing the data), is both more practical (only people who want to verify the signature need to decrypt it) and speedier (much less data to run through like this).

If you look up RSA on Wikipedia and read the signing messages section, you'll see the following text:

"Suppose Alice wishes to send a signed message to Bob. She produces a hash value of the message, raises it to the power of d mod n (as she does when decrypting a message), and attaches it as a "signature" to the message. When Bob receives the signed message, he raises the signature to the power of e mod n (as he does when encrypting a message), and compares the resulting hash value with the message's actual hash value."

The important thing to notice is that with a private and public key of the RSA algorithm, the two ways are *typically* called encryption and signing, because people tend to associate cryptography with "hiding information securely".

Another source of information is this:
http://www.di-mgt.com.au/rsa_alg.html

If you read through encryption/decryption and digital signing/signature verification you'll notice it's the exact same thing, except for which key is being used, and the addition of a message digest.

Especially noteworthy is the 5th note, which reads:
"Decryption and signing are identical as far as the mathematics is concerned as both use the private key. Similarly, encryption and verification both use the same mathematical operation with the public key."

While I would typically still hold that producing a hash and signing that using the RSA algorithm with a private key, the .NET implementation is still not as useful to every and all cases as it could've been, if it had implemented both ways identically, and just documented how to sign and verify using one of the many hash algorithms also provided.

--
Lasse Vågsæther Karlsen
mailto:lasse@xxxxxxxxxxx
http://presentationmode.blogspot.com/
PGP KeyID: 0xBCDEA2E3
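
Added example, not part of the original post or of any .NET sample: the hash-then-sign flow discussed above, written against the .NET `RSA` class, where the private-key operation is exposed as `SignData` and the public-key check as `VerifyData`. It assumes .NET Core 3.0 or later (C# 8); the class name `RsaSignDemo` and the sample bytes are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class RsaSignDemo
{
    // Private-key side: SignData hashes the data with SHA-256, pads the digest
    // (PKCS#1 v1.5) and applies the RSA private-key operation to it.
    static byte[] Sign(RSA privateKey, byte[] data) =>
        privateKey.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);

    // Public-key side: only the modulus and public exponent are imported, so this
    // object can check signatures but cannot produce them.
    static bool Verify(RSAParameters publicOnly, byte[] data, byte[] signature)
    {
        using RSA rsa = RSA.Create();
        rsa.ImportParameters(publicOnly);
        return rsa.VerifyData(data, signature,
                              HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
    }

    static void Main()
    {
        using RSA signer = RSA.Create(2048);                    // fresh key pair
        RSAParameters publicOnly = signer.ExportParameters(false); // no private fields

        // Constructed sample input standing in for the file contents.
        byte[] file = Encoding.UTF8.GetBytes("constructed sample file contents");
        byte[] signature = Sign(signer, file);

        Console.WriteLine($"signature length: {signature.Length} bytes");
        Console.WriteLine($"original verifies: {Verify(publicOnly, file, signature)}");

        // Flip one bit: the recomputed hash no longer matches the signed one.
        file[0] ^= 0x01;
        Console.WriteLine($"tampered verifies: {Verify(publicOnly, file, signature)}");
    }
}
```

The file itself stays in the clear and is distributed alongside the signature; anyone holding the public key can check it, and only the private-key holder can produce it.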