[erlang-questions] Private key encryption

Nuku Ameyibor nayibor@REDACTED
Wed Apr 15 03:25:49 CEST 2015


hi Martin,

just to add a little to

step 1 )
there is also the option of  encrypting one file but using multiple
recipients for that single encryption  step instead of looping and
encrypting it differently for each recipients public key
so  marcus could   obtain a list of all the recipients keys and encrypt the
single file  he wants to send around and get a single output encrypted file
 which is sent to all the recipients .
each recipient can decrypt the output file using his own private key .
this can prove convenient especially when u have multiple recipients  for
the same file .
 i use bash/gpg for this on a daily basis to send sensitive files to
multiple recipients  but the idea can still be used in your scenario above .





On Tue, Apr 14, 2015 at 9:28 PM, Martin Karlsson <martink@REDACTED>
wrote:

> Hi Marcus,
>
> It is getting better:)
>
> My only problem with this is that you are still using private_encrypt
> (end hence public decrypt).
>
> How are you going the distribute the RSA public key? Normally the
> public key is meant to be public but if something is encrypted using
> the RSA private key *any* party holding the RSA public key can decrypt
> the cipher.
>
> This means that you need to securely deliver the RSA public key. And
> if you had a way to securely distribute a key you wouldn't need RSA
> crypto in the first place:) (you would of course then securely
> distribute the shared secret)
>
> Public Key Crypto is mainly there to be able to share a secret key and
> this can be done in one of two ways:
>
> 1) Your friends send their public RSA key to you. You do encryption as
> above but replace step 3 with a public encrypt using your friends RSA
> key. Then they will decrypt the shared secret using their private key.
>
> In this case it doesn't matter who gets the public key because it is
> only the one holding the private key that can decrypt.
>
> 2) You send your friends your public RSA key. They generate a shared
> secret which they encrypt using your public key and then sends to you.
> You decrypt the shared secret with your private key and then use that
> shared secret to encrypt the file and send to you friend.
>
> Hopefully I've got this right.
>
> Cheers,
> Martin
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20150415/ef22b5d8/attachment.htm>


More information about the erlang-questions mailing list