Re: PGP scripting...

From: Valdis.Kletnieksat_private
Date: Wed Jan 08 2003 - 15:00:53 PST

  • Next message: David Wagner: "Re: PGP scripting..."

    On Wed, 08 Jan 2003 09:26:04 -1000, Jason Coombs said:
    > Aloha,
    > 
    > The public key is derived from the private key. Anyone in possession of the
    > private key is by definition also in possession of the public key. The same
    > is not true in reverse, a party can possess the public key without the
    > ability to (reasonably) discover the matching private key.
    
    Actually, it's quite possible for the same private key to match with two
    or more different public keys.  So for instance, you could have:
    
    public, private =   37, 13
    public, private =   53, 13
    
    These are of course 2 different key *PAIRS*.
    
    What you may be misunderstanding is that the key *pair* is derived from one
    number, which is usually the product of two primes.  I'd have to do a quick
    UTSL, but I believe that in addition to the "private" key, PGP also stores
    enough other info (like the modulus used, etc) to allow regenerating the public
    key, and anybody who compromises the system gets *all* the different data items
    saved.  But strictly speaking, having the private key *only* doesn't get you
    the public key...
    
    Schneier's "Applied Cryptography" has a good chapter on RSA that explains how
    this all works...
    -- 
    				Valdis Kletnieks
    				Computer Systems Senior Engineer
    				Virginia Tech
    
    
    
    



    This archive was generated by hypermail 2b30 : Wed Jan 08 2003 - 17:54:00 PST