From: Giuliano Bertoletti on

Hello,

In general the only requirement for an asymmetric cryptosystem is that
the private key cannot be derived from the public key. The opposite
might or might not be true depending on the PK system, but in general is
not important.

For example in RSA the opposite is true because private and public
exponents are equivalent in the sense that what one does is undone by
the other.
Then for convenience we choose small (and therefore easily guessable)
exponents we elect to be public but that's only to speed up encryption
and verification (two public operations).

Also, along with the private exponent you need also public data (i.e.
the modulus) to perform any meaningful operation (like signature and
decryption), so the idea is that public is public, private is private +
public. If you include all the public stuff in the private, you've the
advantage that you keep data in only one place and your system is
perfectly functional; at most you might have to ask a CA for resigning
your public key.

Finally there exist PK systems like HFE where the public key has to be
derived from the private.


Cheers,
Giulio.



Pink wrote:
> Since the private key cannot be derived from the public key in a PKI, I
> always assumed that the reverse was also true.
> However, looking at the way openssl rsautl command line generates a
> keypair - seems to be a 2 step process.
> 1st step is a private key & the second step is generation of the public key
> from the private key, looks like my assumption may not be true or is that
> the first step in the openssl command line generates both & the
> second step just extracts the public key from the public-private key pair?
>
>
>
>