Security Basics mailing list archives

RE: Basic Questions about PKI

From: Erik Rozman <dracula () netvision net il>
Date: Wed, 08 Oct 2003 09:53:24 +0200

Hi Roger,

A. Correct.

B.Correct. There is no danger of tampering since if someone
tampers with the information he will have to re-encrypt the new hash with
your
Private key(something that we hope he doesn't poses).

C.Yup.

D.Yes. That is why we use our Private key to authenticate ourselves and not
to
encrypt information. If we would like to encrypt the information for another
person
we would need his public key.

Take a look at the following document I wrote that summarizes the subject:
http://www.linearc.net/documents/enca.pdf
If you encounter any mistakes or inaccuracies please inform me.

And in addition I recommend the following book:
http://www.amazon.co.uk/exec/obidos/ASIN/0072131233/ref=sr_aps_books_1_1/202
-0155887-6876679

Bye,
Erik.

-----
Erik Rozman, MCSE, MCSA, MCP+I, MCT, MS MVP, CCNA, CNA, (LL.B).
Senior Trainer and Consultant
John Bryce
http://www.linearc.net
 


-----Original Message-----
From: Roger A. Grimes [mailto:rogerg () cox net] 
Sent: Wednesday, October 08, 2003 12:43 AM
To: security-basics () securityfocus com
Subject: Basic Questions about PKI

Can someone that knows PKI cold confirm my knowledge of PKI?

Here's what I think I know about PKI (accurate or not I'm not sure):

a.  People ENCRYPT messages to me with my PUBLIC key and send the encrypted
message to me, and only I can open the encrypted message...because ONLY my
PRIVATE key can decrypt messages encrypted with my PUBLIC key.

b.  If I want to SIGN a message, I use my private key to sign the message
digest (ENCRYPTING the hash result).  The receiver who wants to rely on my
signed message uses my PUBLIC key to DECRYPT my encrypted message digest.

c.  Both private and public keys can decrypt, and both private and public
keys can encrypt.  It just depends on the situation of what we use when.

Is that logic correct?

Could we encrypt messages that we want to send to others with our private
key (but don't because if we did anyone with our public key could read) the
seemingly private message?

Roger


****************************************************************************
****
*Roger A. Grimes, Computer Security Consultant
*CPA, MCSE (NT/2000), CNE (3/4), A+
*email: rogerg () cox net
*cell: 757-615-3355
*Author of Malicious Mobile Code:  Virus Protection for Windows by O'Reilly
*http://www.oreilly.com/catalog/malmobcode
*Author of upcoming Honeypots for Windows (Apress)
****************************************************************************
*****


---------------------------------------------------------------------------
----------------------------------------------------------------------------

Attachment: smime.p7s
Description:

Current thread:

Basic Questions about PKI Roger A. Grimes (Oct 07)
- RE: Basic Questions about PKI David Gillett (Oct 08)
- Re: Basic Questions about PKI Meritt James (Oct 08)
- RE: Basic Questions about PKI Erik Rozman (Oct 08)
- Re: Basic Questions about PKI Michael Sconzo (Oct 08)
- <Possible follow-ups>
- RE: Basic Questions about PKI Kenneth Buchanan (Oct 08)
- RE: Basic Questions about PKI Chee Young, Tan (Oct 08)
  - RE: Basic Questions about PKI Hussein Ghazy (Oct 09)
- RE: Basic Questions about PKI Kenneth Buchanan (Oct 08)