summaryrefslogtreecommitdiff
path: root/pipermail/pycrypto/2012q4/000635.html
blob: e5e8a24e5f47c8b5abfd90c97d8283907a5bf10c (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
 <HEAD>
   <TITLE> [pycrypto] Confused about some code in PubKey/RSA/_slowmath.py
   </TITLE>
   <LINK REL="Index" HREF="index.html" >
   <LINK REL="made" HREF="mailto:pycrypto%40lists.dlitz.net?Subject=Re%3A%20%5Bpycrypto%5D%20Confused%20about%20some%20code%20in%20PubKey/RSA/_slowmath.py&In-Reply-To=%3C50996C30.4080407%40amberfisharts.com%3E">
   <META NAME="robots" CONTENT="index,nofollow">
   <style type="text/css">
       pre {
           white-space: pre-wrap;       /* css-2.1, curent FF, Opera, Safari */
           }
   </style>
   <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
   <LINK REL="Previous"  HREF="000634.html">
   <LINK REL="Next"  HREF="000636.html">
 </HEAD>
 <BODY BGCOLOR="#ffffff">
   <H1>[pycrypto] Confused about some code in PubKey/RSA/_slowmath.py</H1>
    <B>Lorenz Quack</B> 
    <A HREF="mailto:pycrypto%40lists.dlitz.net?Subject=Re%3A%20%5Bpycrypto%5D%20Confused%20about%20some%20code%20in%20PubKey/RSA/_slowmath.py&In-Reply-To=%3C50996C30.4080407%40amberfisharts.com%3E"
       TITLE="[pycrypto] Confused about some code in PubKey/RSA/_slowmath.py">don at amberfisharts.com
       </A><BR>
    <I>Tue Nov  6 14:59:44 EST 2012</I>
    <P><UL>
        <LI>Previous message: <A HREF="000634.html">[pycrypto] Confused about some code in PubKey/RSA/_slowmath.py
</A></li>
        <LI>Next message: <A HREF="000636.html">[pycrypto] Confused about some code in PubKey/RSA/_slowmath.py
</A></li>
         <LI> <B>Messages sorted by:</B> 
              <a href="date.html#635">[ date ]</a>
              <a href="thread.html#635">[ thread ]</a>
              <a href="subject.html#635">[ subject ]</a>
              <a href="author.html#635">[ author ]</a>
         </LI>
       </UL>
    <HR>  
<!--beginarticle-->
<PRE>Hi Shoufu,

first things first:
A) Cryptography is *very* hard to get right even if use a crypto library. So if
you ask these questions out of curiosity or educational purposes that is fine but
please don't use your own crypto in production code where you really need security!

B) I'm myself not a cryptography expert so take my answers with a grain of salt.

First some general explanations that might be helpful.
For answers to your actual questions scroll down to the &quot;---&quot; mark.

 From a mathematical standpoint encryption and decryption are the same operation.
Namely raise a number (this is either your plain text &quot;m&quot; or your cipher text &quot;c&quot;)
to an exponent modulo a large number (usually called &quot;n&quot;). The only difference is
what you take as the exponent. So in RSA you have two different exponents a private
one (let us call it &quot;d&quot;) and a public one (let us call it &quot;e&quot;). combined with &quot;n&quot;
these are in essence your private and public key. So now we have one mathematical
operation but four variables (&quot;m&quot;, &quot;c&quot;, &quot;d&quot;, and &quot;e&quot;) giving you these combinations:

1) m**e mod n    --&gt; encryption
2) m**d mod n    --&gt; sign
3) c**e mod n    --&gt; verify
4) c**d mod n    --&gt; decryption

---

so to answer your first question:
&quot;encrypting&quot; using your private key is called signing. Think of it this way. if you
&quot;encrypt&quot; with your private key everybody would be able to decrypt it because what
could be done with your public key which is ... well *public*

as for the second question:
this question seems to stem from the same misconception as the first one.
encryption happens with the *public* key and decryption with the *private* key.
Everybody (i.e. the public) is allowed to send you encrypted messages but only you
should be able to decrypt them in private!

I hope that answers your questions.

Sincerely yours,
Lorenz



On 11/05/2012 06:26 AM, Shoufu Luo wrote:
&gt;<i> Hi all,
</I>&gt;<i>
</I>&gt;<i> I'm trying to encrypt a message with my private key and release the encrypted to
</I>&gt;<i> others who will use my public key to decrypt. But, I failed.
</I>&gt;<i>
</I>&gt;<i> I was confused by the follwing code from PubKey/RSA/_slowmath.py of pyCrypto-2.6.
</I>&gt;<i> If anyone can give any clues to answer the following questions, I will appreciate.
</I>&gt;<i>
</I>&gt;<i> 1. Theoretically, if I encrypt date using private key, I can decrypt the encrypted
</I>&gt;<i> data using public key, and vice versa. Why the key must be a private key in
</I>&gt;<i> decryption function, line 51-52? Can't I use private key to decrypt?
</I>&gt;<i>
</I>&gt;<i> 2. _sign() should be the signature process using private key to encrypt a piece of
</I>&gt;<i> data, why it is trying to decrypt at line 70, and it should be decryption in
</I>&gt;<i> '_verify', but why it is _encrypt()?
</I>&gt;<i>
</I>&gt;<i>   49     def _decrypt(self, c):
</I>&gt;<i>   50         # compute c**d (mod n)
</I>&gt;<i>   51         if not self.has_private():
</I>&gt;<i>   52             raise TypeError(&quot;No private key&quot;)
</I>&gt;<i>   53         if (hasattr(self,'p') and hasattr(self,'q') and hasattr(self,'u')):
</I>&gt;<i>   54             m1 = pow(c, self.d % (self.p-1), self.p)
</I>&gt;<i>   55             m2 = pow(c, self.d % (self.q-1), self.q)
</I>&gt;<i>   56             h = m2 - m1
</I>&gt;<i>   57             if (h&lt;0):
</I>&gt;<i>   58                 h = h + self.q
</I>&gt;<i>   59             h = h*self.u % self.q
</I>&gt;<i>   60             return h*self.p+m1
</I>&gt;<i>   61         return pow(c, self.d, self.n)
</I>&gt;<i>   62
</I>&gt;<i>   63     def _encrypt(self, m):
</I>&gt;<i>   64         # compute m**d (mod n)
</I>&gt;<i>   65         return pow(m, self.e, self.n)
</I>&gt;<i>   66
</I>&gt;<i>   67     def _sign(self, m):   # alias for _decrypt
</I>&gt;<i>   68         if not self.has_private():
</I>&gt;<i>   69             raise TypeError(&quot;No private key&quot;)
</I>&gt;<i>   70         return self._decrypt(m)
</I>&gt;<i>   71
</I>&gt;<i>   72     def _verify(self, m, sig):
</I>&gt;<i>   73         return self._encrypt(sig) == m
</I>&gt;<i>
</I>&gt;<i>
</I>&gt;<i> Thanks,
</I>&gt;<i> Shoufu
</I>&gt;<i>
</I>
</PRE>


<!--endarticle-->
    <HR>
    <P><UL>
        <!--threads-->
	<LI>Previous message: <A HREF="000634.html">[pycrypto] Confused about some code in PubKey/RSA/_slowmath.py
</A></li>
	<LI>Next message: <A HREF="000636.html">[pycrypto] Confused about some code in PubKey/RSA/_slowmath.py
</A></li>
         <LI> <B>Messages sorted by:</B> 
              <a href="date.html#635">[ date ]</a>
              <a href="thread.html#635">[ thread ]</a>
              <a href="subject.html#635">[ subject ]</a>
              <a href="author.html#635">[ author ]</a>
         </LI>
       </UL>

<hr>
<a href="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">More information about the pycrypto
mailing list</a><br>
</body></html>
View Lorry Controller Status