Crypt signature question


#1

Hi, I use an RSA keypair for signing. As jimc said here:

Usual approach is to take a hash of the message. Encrypt the hash with your private key. People can verify the sig by decrypting the hash with your public key and seeing that it’s the same as the hash of the message.

But I cannot understand why, after replacing the public key with the private key and the private key with the public key, it still works?

For example:

BigInteger encodedValue(testValue);
publicKey.applyToValue(encodedValue);
te.setText(te.getText() + "encoded             :" + encodedValue.toString(16) + "\r");

BigInteger decodedValue(encodedValue);
privateKey.applyToValue(decodedValue);
te.setText(te.getText() + "deencoded         :" + decodedValue.toString(16) + "\r");

output:

encoded :315b8ab6577ff3a11d61bc67ce6a93242b8389b454cecb8515c7988dbb283b67
deencoded :2f206edbfc83d49a7321f4e49b125ec00909645779d0333cd7292c95a06cf430

BigInteger encodedValue(testValue);
privateKey.applyToValue(encodedValue);
te.setText(te.getText() + "encoded             :" + encodedValue.toString(16) + "\r");

BigInteger decodedValue(encodedValue);
publicKey.applyToValue(decodedValue);
te.setText(te.getText() + "deencoded         :" + decodedValue.toString(16) + "\r");

output:

encoded :4a8c91a3bc823f43848ec055df29593dd9d9a9760d36771ce89e5fa2324603f4
deencoded :2f206edbfc83d49a7321f4e49b125ec00909645779d0333cd7292c95a06cf430

Encoded strings are different, but the decoded ones are the same.

What is the difference between a public key and a private key? Is it possible that a private key is used to create a public key? Is this why we keep the secret key secret? Can anyone explain?


#2

Hi Navira,

The difference between key types is fairly straightforward. See https://en.wikipedia.org/wiki/Public-key_cryptography

However, encrypting and hashing are not the same thing and have different intended uses. It sounds like you need to understand what is doing what.

Normally, one would never “decrypt” a hash, but rather compare a hash of something against a predetermined hash to determine if they are the same (e.g. digital signature). Doing this, one can verify that a message was generated by the holder of the private key.

So, the pattern described in your post would be (1) write a message, (2) hash the message, (3) encrypt the message.

Upon receipt, the receiver will (1) decrypt the message, (2) verify the sender by comparing the hash of the message to an expectation, and (3) read the message, trusting that since the hash matched, it is from the sender.

But I cannot understand why, after replacing the public key with the private key and the private key with the public key, it still works?

Keys are, as you show, just weird strings, so public vs. private is based upon how they are used.

I hope that helps.
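The following is an added example, not code from either post and not the BigInteger class used in the question. It reproduces in plain Python what both posts are talking about: the two orders of applying the keys from post #1 (public then private, private then public), and the hash-then-sign pattern that post #2 describes. The reason the order does not matter is that the public and private exponents E and D are chosen so that E*D == 1 (mod phi(N)), so x^(E*D) and x^(D*E) are the same number mod N and both bring the original value back; the intermediate values differ because x^E and x^D are different numbers. The primes, exponent, and sample message are constructed for the demo and are assumptions, not a usable key.

```python
import hashlib

# Constructed demo key. Two Mersenne primes are used only so the example is
# reproducible without a prime generator; real keys use random primes of
# 1024+ bits each, and these particular values are not a usable RSA key.
P = 2**127 - 1
Q = 2**521 - 1
N = P * Q                   # public modulus, shared by both keys
PHI = (P - 1) * (Q - 1)     # Euler's totient of N; computing it needs P and Q
E = 65537                   # public exponent (published together with N)
D = pow(E, -1, PHI)         # private exponent: E*D == 1 (mod PHI), kept secret


def apply_public(x: int) -> int:
    """Operation with the public key: x -> x^E mod N (encrypt, or verify)."""
    return pow(x, E, N)


def apply_private(x: int) -> int:
    """Operation with the private key: x -> x^D mod N (decrypt, or sign)."""
    return pow(x, D, N)


def roundtrip(m: int) -> dict:
    """Apply the two keys in both orders, as the question's two snippets do.

    Because E*D == 1 (mod PHI), standard RSA correctness gives
    m^(E*D) == m (mod N) for every 0 <= m < N, and the exponents commute,
    so both 'decoded' values equal m while the 'encoded' values differ.
    """
    pub_first = apply_public(m)
    priv_first = apply_private(m)
    return {
        "encoded_with_public": pub_first,
        "decoded_with_private": apply_private(pub_first),
        "encoded_with_private": priv_first,
        "decoded_with_public": apply_public(priv_first),
    }


def message_hash(msg: bytes) -> int:
    """SHA-256 of the message as an integer (it must be < N to sign directly)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")


def sign(msg: bytes) -> int:
    """Textbook signature: hash the message, apply the private key to the digest."""
    return apply_private(message_hash(msg))


def verify(msg: bytes, sig: int) -> bool:
    """Verifier: apply the public key to the signature, compare with the digest."""
    return apply_public(sig) == message_hash(msg)


if __name__ == "__main__":
    # Test value: the integer the question's two snippets both decode back to.
    m = 0x2F206EDBFC83D49A7321F4E49B125EC00909645779D0333CD7292C95A06CF430
    for name, value in roundtrip(m).items():
        print(f"{name:22}: {value:x}")

    msg = b"constructed sample message"
    sig = sign(msg)
    print("signature valid       :", verify(msg, sig))
    print("tampered message valid:", verify(msg + b"!", sig))
```

Two things this shows that the thread only hints at. First, the "secret" is the exponent D, which can only be computed from PHI, and PHI needs the factors P and Q; publishing N and E therefore does not reveal D, and whoever holds D can produce signatures that verify under (N, E), which is why it must stay private. Second, signing the raw digest as above is textbook RSA only: real signature schemes (PKCS#1 v1.5 or PSS, as implemented by any crypto library) first encode the digest to the full modulus size, and a verifier should check that encoding rather than a bare integer comparison.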