[pycrypto] Pycrypto question.

jd jdsw2002 at yahoo.com
Tue May 4 11:04:27 CST 2010


Thanks for the response.(Sorry ..for late response. Somehow this went in to my spam folder.)

Yes, I indeed want to use private key to encrypt (oops.. sign) and decrypt (verify) using public/private key pairs.


Would anyone point to the example usage/pseudo code that I can try out.

Didnt find method details over here.
http://www.dlitz.net/software/pycrypto/apidoc/Crypto.PublicKey.RSA-module.html

I am assuming that the intent is clear from the example.
Some Text ===> Encrypt (optionally) sign (using private key) ===> encrypted message
encrypted message ==> (optionally) Verify and decrypt (using public key) ==> original message (Some Text)

Also, would appreciate if instead of generating keys as in sample program, is there a way to use publick/private keys used by ssh-keygen -t rsa.

Help is much appreciated.
Thanks




/Jd


--- On Sun, 5/2/10, Lorenz Quack <don at amberfisharts.com> wrote:

> From: Lorenz Quack <don at amberfisharts.com>
> Subject: Re: [pycrypto] Pycrypto question.
> To: "PyCrypto discussion list" <pycrypto at lists.dlitz.net>
> Date: Sunday, May 2, 2010, 1:52 PM
> On 05/02/2010 10:36 PM, Glenn
> Linderman wrote:
> > On 5/2/2010 1:13 PM, Lorenz Quack wrote:
> >> Hi Jd,
> >>
> >> On 05/02/2010 10:02 PM, jd wrote:
> >>
> >>> Hi everyone,
> >>>
> >>> I am trying to implement a simple pub/private
> key scheme. Want to encrypt bunch of things and decrypt it
> using public
> >>> key (which will be distributed).
> >>>
> >> You seem to have some misconceptions about how
> public key cryptography works.
> >> I suggest you (re-)read up on it. Wikipedia will
> probably cover the basics.
> >> For starters, by definition you use the *public*
> key for encrypt and the privat one for decryption.
> >>
> >
> > Indeed, Wikipedia has an article. And in the first
> paragraph [1] they
> > describe one use case for encrypting by public key,
> and decrypting by
> > private key, and another use case for encrypting by
> private key, and
> > decrypting by public key. It might be appropriate to
> figure out what use
> > case the OP has before declaring definitions for a
> particular use case.
> > Now as far as what the APIs are called, that might be
> a different story :)
> >
> > [1] *Public-key cryptography* is a cryptographic
> > <http://en.wikipedia.org/wiki/Cryptography> approach
> which involves the
> > use of asymmetric key algorithms instead of or in
> addition to symmetric
> > key algorithms <http://en.wikipedia.org/wiki/Symmetric_key_algorithm>.
> > Unlike symmetric key algorithms, it does not require a
> secure
> > <http://en.wikipedia.org/wiki/Secure_channel> initial
> exchange
> > <http://en.wikipedia.org/wiki/Key_exchange> of one or
> more secret keys
> > <http://en.wikipedia.org/wiki/Secret_key> to both
> sender and receiver.
> > The asymmetric key algorithms are used to create a
> mathematically
> > related key pair: a secret private key and a published
> public key. Use
> > of these keys allows protection of the authenticity
> > <http://en.wikipedia.org/wiki/Authenticity> of a
> message by creating a
> > digital signature <http://en.wikipedia.org/wiki/Digital_signature> of
> a
> > message using the private key, which can be verified
> using the public
> > key. It also allows protection of the confidentiality
> > <http://en.wikipedia.org/wiki/Confidentiality> and
> integrity
> > <http://en.wikipedia.org/wiki/Integrity> of a
> message, by public key
> > encryption <http://en.wikipedia.org/wiki/Encryption>, encrypting
> the
> > message using the public key, which can only be
> decrypted using the
> > private key.
> >
> 
> Granted "definition" may have been a poor choice of word.
> But AFAIK the use case of "encrypting" via the private key
> is generally called signing.
> So I assumed that the OP had the wrong idea about how the
> scheme is used because he didn't
> use the generally accept terminology. If that was
> presumptuous I hereby apologize.
> 
> So, to come back to the OPs question:
> if you use a RSA key to encrypt a message like you did in
> your example internally it uses the public
> part of the key pair for encryption. you would then have to
> use the private part to decypt it.
> If on the other hand you really want to encrypt with the
> private part and decrypt with the public part
> then know that this is usually refered to as signing and
> verifying (verification?).
> There is also and API for this in PyCrypto.
> 
> Hope this is clearer and more helpful than my last
> message.
> 
> have a nice day
> //Lorenz
> _______________________________________________
> pycrypto mailing list
> pycrypto at lists.dlitz.net
> http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto
> 


      



More information about the pycrypto mailing list