On Fri, 15 Feb 2002, Shripal wrote: > |Huh. No. You have private keys and public keys. Public keys are distributed > |and can be used to encrypt data that only the private key can decrypt. > |Private keys can be used to sign data (actually it encrypts a hash value of > |the data such as MD5 or SHA1) and this signature can be verified > |(decrypted) > |by the public key. This is essentially true of all "public key" > |cryptography. > > If the private key is hashed while signing it by MD5 or SHA1 (both of which > are irreversible) then how does the public key decrypt it?? A hash is computed on the data and encrypted with the private key. This is the signature. The recepient then decrypts the signature with the public key and compares it with the hash of the data (which the recipient computes himself).
Mat Matej Pfajfar St John's College, University of Cambridge, UK GPG Public Key @ http://matejpfajfar.co.uk/keys Most people are good people, the rest of us are going to run the world. -- badbytes
