Public - Private key

Secure Home | Search | About

Lost Password?

Microsoft Applications Security

get this group's latest topics as an RSS feed

add this group's latest topics to your My MSN content

add this group's latest topics to your My Yahoo content

add this group's latest topics to your Google content

Subject

Author

Date

Public - Private key

amsical

06-28-2007

Re: Public - Private key

jwgoerlich

06-28-2007

Re: Public - Private key

ams

07-03-2007

Re: Public - Private key

S. Pidgorny

07-04-2007

Posted by =?Utf-8?B?YW1zaWNhbA==?= on June 28, 2007, 11:46 am

If you were Registered and logged in, you could reply and use other advanced thread options

Hi,

If PC1 has public key P1 and private key A1

and

PC2 has public key P2 and private key A2

When PC1 communicates securely with PC2, PC1 will encrypt the data using the
key P2, which can be decrypted ONLY by using private key A2.

My question is,
1. If data has been encrypted using P2 why it can't be decrypted using the
same key?

2. SN.exe generates pair of public and private keys, why can't a utility be
written which will generate a Private key for a given Public key?

Thanks,
Tim

Posted by on June 28, 2007, 12:47 pm

If you were Registered and logged in, you could reply and use other advanced thread options

The short answer to (1) is that asymmetric encryption requires one key
to encrypt and a different key to decrypt. Mathematically, P1 can only
decrypt A1 and likewise A1 can only decrypt P1.

The answer to (2) is that a utility which derives a private key from a
given public key would of course break the system, because then
anything could be decrypted. Crypto systems are designed to resist
such attacks. There may be ways to do it (reaction attacks against
known plain text comes to mind) but they are not much of a risk.

Regards,

J Wolfgang Goerlich

wrote:

> Hi,

> If PC1 has public key P1 and private key A1

> and

> PC2 has public key P2 and private key A2

> When PC1 communicates securely with PC2, PC1 will encrypt the data using the

> key P2, which can be decrypted ONLY by using private key A2.

> My question is,

> 1. If data has been encrypted using P2 why it can't be decrypted using the

> same key?

> 2. SN.exe generates pair of public and private keys, why can't a utility be

> written which will generate a Private key for a given Public key?

> Thanks,

> Tim

Posted by =?Utf-8?B?YW1zaWNhbA==?= on July 3, 2007, 9:54 am

If you were Registered and logged in, you could reply and use other advanced thread options

Thanks for the reply.

I understand that these keys have large length hence these are difficult to
crack. Can you give me a simple example regarding 1.

As to what could be a very small private key and veyr small public key so
that I can see
- some data getting encrypted by public key
- the data can not be decrypted using public key
- the data can only be decrypted using private key

Thanks,
Tim

"jwgoerlich@gmail.com" wrote:

> The short answer to (1) is that asymmetric encryption requires one key

> to encrypt and a different key to decrypt. Mathematically, P1 can only

> decrypt A1 and likewise A1 can only decrypt P1.

> The answer to (2) is that a utility which derives a private key from a

> given public key would of course break the system, because then

> anything could be decrypted. Crypto systems are designed to resist

> such attacks. There may be ways to do it (reaction attacks against

> known plain text comes to mind) but they are not much of a risk.

> Regards,

> J Wolfgang Goerlich

> wrote:

> > Hi,

> >

> > If PC1 has public key P1 and private key A1

> >

> > and

> >

> > PC2 has public key P2 and private key A2

> >

> > When PC1 communicates securely with PC2, PC1 will encrypt the data using the

> > key P2, which can be decrypted ONLY by using private key A2.

> >

> > My question is,

> > 1. If data has been encrypted using P2 why it can't be decrypted using the

> > same key?

> >

> > 2. SN.exe generates pair of public and private keys, why can't a utility be

> > written which will generate a Private key for a given Public key?

> >

> > Thanks,

> > Tim

Posted by S. Pidgorny on July 4, 2007, 5:55 am

If you were Registered and logged in, you could reply and use other advanced thread options

I reckon you need to do some reading on public key cryptography. Here's a
good description of RSA, one of the algorithms:

http://en.wikipedia.org/wiki/RSA

It requires some knowledge of math. To put it simply, attacking RSA (and
most other public key algorithms) is little more complex than calculating
prime factors of a huge number. That task is complex (there is a proof of
that - understanding of which requires real knowledge of math, see
http://en.wikipedia.org/wiki/NP-complete).

Alternatively, you can just trust us: if you know public key, you don't know
private, and if you know public key and intercept communication, it's very
hard to recover the plain text.

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *

> Thanks for the reply.

> I understand that these keys have large length hence these are difficult

> to

> crack. Can you give me a simple example regarding 1.

> As to what could be a very small private key and veyr small public key so

> that I can see

> - some data getting encrypted by public key

> - the data can not be decrypted using public key

> - the data can only be decrypted using private key

> Thanks,

> Tim

> "jwgoerlich@gmail.com" wrote:

>> The short answer to (1) is that asymmetric encryption requires one key

>> to encrypt and a different key to decrypt. Mathematically, P1 can only

>> decrypt A1 and likewise A1 can only decrypt P1.

>> The answer to (2) is that a utility which derives a private key from a

>> given public key would of course break the system, because then

>> anything could be decrypted. Crypto systems are designed to resist

>> such attacks. There may be ways to do it (reaction attacks against

>> known plain text comes to mind) but they are not much of a risk.

>> Regards,

>> J Wolfgang Goerlich

>> wrote:

>> > Hi,

>> >

>> > If PC1 has public key P1 and private key A1

>> >

>> > and

>> >

>> > PC2 has public key P2 and private key A2

>> >

>> > When PC1 communicates securely with PC2, PC1 will encrypt the data

>> > using the

>> > key P2, which can be decrypted ONLY by using private key A2.

>> >

>> > My question is,

>> > 1. If data has been encrypted using P2 why it can't be decrypted using

>> > the

>> > same key?

>> >

>> > 2. SN.exe generates pair of public and private keys, why can't a

>> > utility be

>> > written which will generate a Private key for a given Public key?

>> >

>> > Thanks,

>> > Tim

Similar Threads	Posted
public and private cert	January 8, 2008, 12:05 am
help understanding private/public certs	September 2, 2007, 5:30 pm
RSA frustrations - encrypt with private, decrypt with public - possible?	October 24, 2005, 9:03 pm
Public Keys, Private Keys, & Certificates	January 29, 2006, 10:16 am
Using MS CA as public CA	March 31, 2007, 11:23 am
Public Key Infrastructure	September 12, 2005, 2:40 am
Public Addresses Used Internally	September 2, 2006, 5:20 pm
public xp media edition	February 20, 2007, 8:47 am
Where's my private key?	February 16, 2007, 4:57 pm
PKY gurus: why it is not necessary to install a cert under "Public	July 23, 2005, 12:16 am

The site map in XML format XML site map