Quote:
Originally posted by pod
A message encrypted with your private key will be readable by anyone who has your public key. You publish your public key so that when people use it to decrypt this message they are sure it came from you, because only you have the corresponding private key that could be used to create the message.
|
A little clarification.... as Mazer already noted, in normal message exchange public keys are used for encryption; private keys are used for decryption. Anybody can encrypt a message with your public key (assuming it is publicly distributed), and without further information in the message itself or communications with the other party you cannot tell who has done the encryption.
This being said, what Pod says is correct too: private keys can also be used to encrypt data - a handy feature for message source autenthication.
Quote:
Originally posted by pod
So if you want secure comms, you exchange your public keys, and send messages to each other using the other's public key.
|
Yes, although usually the communicating parties want to switch into a more efficient crypto method as soon as they have verified each other's identities with public/private key cryptography. As these more efficient methods (called symmetric ciphers) require sharing a
secret key (secret to outsiders), public key crypto needs to be used first to establish a secure channel through which the secret can be safely shared.
- tg
