On Fri, Dec 09, 2005 at 07:25:12AM +0100, [EMAIL PROTECTED] wrote: > >RSA Public and private keys are not used to encrypt arbitrary data, there > >are many complex traps to avoid because RSA is a commutative group. You > >use RSA private keys to sign carefully constructed message digests that > >avoid the various chosen plain-text attacks on RSA. You use RSA public > >keys to encrypt randomly generated session keys that in turn encrypt > >the message contents. All this specificed in carefully designed PKCS#N > >standards that describe correct standard use-cases of RSA cryptography. > > > >The public key is not suitable for decryption, it is only suitable for > >signature verification. Decryption is only possible with the private > >key and only if chosen-plaintext/chose-ciphertext attacks are carefully > >avoided. > > Hummm.... Victor ? > > You can cipher and decipher what you want as well as with a RSA public > and private keys ;-) > > If you cipher with the public key you have to use the private associate > key of course and vice versa. >
Yes the bit patterns of the two keys are mathematical inverses, but that is not significant. Decryption (rather than signature verification) with a *public* key makes no sense. Also RSA is never used as a bulk cipher, the chosen-plaintext and chosen-ciphertext attacks are not mere theoretical musings. Yes, the bignum value of the public key can be recast as a private key whose public key has the bits of the original private key. Mathematically these may be the same, but they are rather different as typed data structures, one is a public key and the other is a private key. You use public keys to encrypt and verify and private keys to decrypt and sign. In all cases appropriate care is required to avoid falling prey to chosen-<mumble>text attacks. -- Viktor. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]