On 04/12/17 19:20, Nicolas Therrien wrote: > " Asymmetric encryption uses a public and a >> private encryption key. The public key, which as its name states, is >> public, i.e. it is available to all. The private key is and must be >> closely guarded. A message encrypted with the private key can be >> decrypted by the public key and vis-a-versa." > > This is not true.
Yes, it is true. > > The principle of asymmetric encryption is based on the fact that this is a > one-way communication channel. Only the public key can encrypt data, and > only the private key can decrypt data. The above statement is incorrect. > This is not reversible. The private key cannot be used to encrypt and the > public key cannot be used to decrypt. So is the statement above. > This is why it is called asymmetric, as opposed to symmetric where both ends > can both encrypt and decrypt. Again, no. It is called asymmetric because whichever key you use to encrypt, you must use the other key to decrypt. In symmetric encryption there is a single key that encrypts and decrypts. As an aside, encrypting with the private key and decrypting with the public key is a key element of how digital signatures work. I recommend viewing the "Introduction to Tomcat and TLS" presentation from this page: http://tomcat.apache.org/presentations.html It is a little simplistic, but it covers the basics. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
