[pycrypto] Pycrypto question.

death Deathzor at Deathzor.com
Tue May 4 17:56:10 CST 2010


Could be a typo here but you use the PUBLIC key to encrypte and verify
and you use the Private key to SIGN and decrypte and generated the
public key. 



On Tue, 2010-05-04 at 10:04 -0700, jd wrote:
> Thanks for the response.(Sorry ..for late response. Somehow this went in to my spam folder.)
> 
> Yes, I indeed want to use private key to encrypt (oops.. sign) and decrypt (verify) using public/private key pairs.
> 
> 
> Would anyone point to the example usage/pseudo code that I can try out.
> 
> Didnt find method details over here.
> http://www.dlitz.net/software/pycrypto/apidoc/Crypto.PublicKey.RSA-module.html
> 
> I am assuming that the intent is clear from the example.
> Some Text ===> Encrypt (optionally) sign (using private key) ===> encrypted message
> encrypted message ==> (optionally) Verify and decrypt (using public key) ==> original message (Some Text)
> 
> Also, would appreciate if instead of generating keys as in sample program, is there a way to use publick/private keys used by ssh-keygen -t rsa.
> 
> Help is much appreciated.
> Thanks
> 
> 
> 
> 
> /Jd
> 
> 
> --- On Sun, 5/2/10, Lorenz Quack <don at amberfisharts.com> wrote:
> 
> > From: Lorenz Quack <don at amberfisharts.com>
> > Subject: Re: [pycrypto] Pycrypto question.
> > To: "PyCrypto discussion list" <pycrypto at lists.dlitz.net>
> > Date: Sunday, May 2, 2010, 1:52 PM
> > On 05/02/2010 10:36 PM, Glenn
> > Linderman wrote:
> > > On 5/2/2010 1:13 PM, Lorenz Quack wrote:
> > >> Hi Jd,
> > >>
> > >> On 05/02/2010 10:02 PM, jd wrote:
> > >>
> > >>> Hi everyone,
> > >>>
> > >>> I am trying to implement a simple pub/private
> > key scheme. Want to encrypt bunch of things and decrypt it
> > using public
> > >>> key (which will be distributed).
> > >>>
> > >> You seem to have some misconceptions about how
> > public key cryptography works.
> > >> I suggest you (re-)read up on it. Wikipedia will
> > probably cover the basics.
> > >> For starters, by definition you use the *public*
> > key for encrypt and the privat one for decryption.
> > >>
> > >
> > > Indeed, Wikipedia has an article. And in the first
> > paragraph [1] they
> > > describe one use case for encrypting by public key,
> > and decrypting by
> > > private key, and another use case for encrypting by
> > private key, and
> > > decrypting by public key. It might be appropriate to
> > figure out what use
> > > case the OP has before declaring definitions for a
> > particular use case.
> > > Now as far as what the APIs are called, that might be
> > a different story :)
> > >
> > > [1] *Public-key cryptography* is a cryptographic
> > > <http://en.wikipedia.org/wiki/Cryptography> approach
> > which involves the
> > > use of asymmetric key algorithms instead of or in
> > addition to symmetric
> > > key algorithms <http://en.wikipedia.org/wiki/Symmetric_key_algorithm>.
> > > Unlike symmetric key algorithms, it does not require a
> > secure
> > > <http://en.wikipedia.org/wiki/Secure_channel> initial
> > exchange
> > > <http://en.wikipedia.org/wiki/Key_exchange> of one or
> > more secret keys
> > > <http://en.wikipedia.org/wiki/Secret_key> to both
> > sender and receiver.
> > > The asymmetric key algorithms are used to create a
> > mathematically
> > > related key pair: a secret private key and a published
> > public key. Use
> > > of these keys allows protection of the authenticity
> > > <http://en.wikipedia.org/wiki/Authenticity> of a
> > message by creating a
> > > digital signature <http://en.wikipedia.org/wiki/Digital_signature> of
> > a
> > > message using the private key, which can be verified
> > using the public
> > > key. It also allows protection of the confidentiality
> > > <http://en.wikipedia.org/wiki/Confidentiality> and
> > integrity
> > > <http://en.wikipedia.org/wiki/Integrity> of a
> > message, by public key
> > > encryption <http://en.wikipedia.org/wiki/Encryption>, encrypting
> > the
> > > message using the public key, which can only be
> > decrypted using the
> > > private key.
> > >
> > 
> > Granted "definition" may have been a poor choice of word.
> > But AFAIK the use case of "encrypting" via the private key
> > is generally called signing.
> > So I assumed that the OP had the wrong idea about how the
> > scheme is used because he didn't
> > use the generally accept terminology. If that was
> > presumptuous I hereby apologize.
> > 
> > So, to come back to the OPs question:
> > if you use a RSA key to encrypt a message like you did in
> > your example internally it uses the public
> > part of the key pair for encryption. you would then have to
> > use the private part to decypt it.
> > If on the other hand you really want to encrypt with the
> > private part and decrypt with the public part
> > then know that this is usually refered to as signing and
> > verifying (verification?).
> > There is also and API for this in PyCrypto.
> > 
> > Hope this is clearer and more helpful than my last
> > message.
> > 
> > have a nice day
> > //Lorenz
> > _______________________________________________
> > pycrypto mailing list
> > pycrypto at lists.dlitz.net
> > http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto
> > 
> 
> 
>       
> 
> _______________________________________________
> pycrypto mailing list
> pycrypto at lists.dlitz.net
> http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto




More information about the pycrypto mailing list