[erlang-questions] Private key encryption

Martin Karlsson martink@REDACTED
Tue Apr 14 23:28:50 CEST 2015


Hi Marcus,

It is getting better:)

My only problem with this is that you are still using private_encrypt
(end hence public decrypt).

How are you going the distribute the RSA public key? Normally the
public key is meant to be public but if something is encrypted using
the RSA private key *any* party holding the RSA public key can decrypt
the cipher.

This means that you need to securely deliver the RSA public key. And
if you had a way to securely distribute a key you wouldn't need RSA
crypto in the first place:) (you would of course then securely
distribute the shared secret)

Public Key Crypto is mainly there to be able to share a secret key and
this can be done in one of two ways:

1) Your friends send their public RSA key to you. You do encryption as
above but replace step 3 with a public encrypt using your friends RSA
key. Then they will decrypt the shared secret using their private key.

In this case it doesn't matter who gets the public key because it is
only the one holding the private key that can decrypt.

2) You send your friends your public RSA key. They generate a shared
secret which they encrypt using your public key and then sends to you.
You decrypt the shared secret with your private key and then use that
shared secret to encrypt the file and send to you friend.

Hopefully I've got this right.

Cheers,
Martin



More information about the erlang-questions mailing list