>>The public key is derived from the private key. Anyone in possession of the
>>private key is by definition also in possession of the public key. The same
>>is not true in reverse, a party can possess the public key without the
>>ability to (reasonably) discover the matching private key.

> Not true, there is no relation between the keys in that way, you can't find
> one key from the other in any order. The only difference between the keys is
> that you keep the private key secret. Either key can be used to
> encrypt/decrypt messages. Here is an Algorithm for finding the public and
> private keys:

It is true, you can't algorithmically derive one from the other.
However OpenPGP secrets contain the public key in the private
keyring just in case.

From http://www.gnupg.org/(en)/documentation/faqs.html#q4.21

--------
4.21) I still have my secret key, but lost my public key. What can I do?

All OpenPGP secret keys have a copy of the public key inside them,
and in a worst-case scenario, you can create yourself a new public
key using the secret key.

A tool to convert a secret key into a public one has been included
(it's actually a new option for gpgsplit) and is available with GnuPG
versions 1.2.1 or later (or can be found in CVS). It works like this:

  $ gpgsplit --no-split --secret-to-public secret.gpg >publickey.gpg

One should first try to export the secret key and convert just this
one. Using the entire secret keyring should work too. After this has
been done, the publickey.gpg file can be imported into GnuPG as usual.
--------

So yes, having only the private *keyring* you can recover the public key.

--
Brian Hatch
Systems and Security Engineer
www.hackinglinuxexposed.com

"Wonderful lady. Talks more and says less than anyone I've ever met."

Every message PGP signed
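Added example (not part of the original message, and not GnuPG's code): a sketch of why the conversion the FAQ describes is possible. In the OpenPGP packet layout (RFC 4880), a secret key packet begins with the same fields as a public key packet, so the public packet can be rebuilt by cutting the body after the public MPIs and changing the tag. Assumptions: version 4 keys, old-format packet headers, function names invented for this example, and constructed sample bytes with tiny fake numbers.

```python
# Public MPI count per algorithm id (RFC 4880): RSA n,e; Elgamal p,g,y; DSA p,q,g,y.
PUBLIC_MPIS = {1: 2, 2: 2, 3: 2, 16: 3, 17: 4}
# Packet tags: secret key (5) -> public key (6), secret subkey (7) -> public subkey (14).
SECRET_TO_PUBLIC = {5: 6, 7: 14}

def read_packet(data, pos):
    """Return (tag, body, next_pos) for the old-format packet at data[pos]."""
    ctb = data[pos]
    if ctb & 0xC0 != 0x80 or ctb & 0x03 == 3:
        raise ValueError("only old-format, definite-length packets are handled")
    n = 1 << (ctb & 0x03)                      # 1, 2 or 4 length octets
    length = int.from_bytes(data[pos + 1:pos + 1 + n], "big")
    end = pos + 1 + n + length
    if end > len(data):
        raise ValueError("truncated packet")
    return (ctb >> 2) & 0x0F, data[pos + 1 + n:end], end

def public_part(body):
    """Return the public fields at the front of a v4 secret key packet body."""
    if len(body) < 6 or body[0] != 4 or body[5] not in PUBLIC_MPIS:
        raise ValueError("unsupported key version or algorithm")
    pos = 6                                    # version(1) + created(4) + algorithm(1)
    for _ in range(PUBLIC_MPIS[body[5]]):
        bits = int.from_bytes(body[pos:pos + 2], "big")
        pos += 2 + (bits + 7) // 8             # MPI: 2-octet bit count, then magnitude
    if pos > len(body):
        raise ValueError("truncated key material")
    return body[:pos]

def secret_to_public(data):
    """Rewrite secret (sub)key packets as public ones; copy other packets as-is."""
    out, pos = bytearray(), 0
    while pos < len(data):
        tag, body, nxt = read_packet(data, pos)
        if tag in SECRET_TO_PUBLIC:
            pub = public_part(body)
            out += bytes([0x80 | (SECRET_TO_PUBLIC[tag] << 2) | 1])  # old format, 2-octet length
            out += len(pub).to_bytes(2, "big") + pub
        else:
            out += data[pos:nxt]
        pos = nxt
    return bytes(out)

# Constructed sample: unencrypted RSA secret key packet with tiny fake numbers, then a user ID.
PUB = bytes.fromhex("04 3e2c8d00 01 0010c53b 0011010001")   # v4, created, RSA, n, e
SEC = bytes.fromhex("00 00077f 00040b 00040d 000305 00ae")   # S2K usage, d, p, q, u, checksum
SAMPLE = bytes([0x94, len(PUB + SEC)]) + PUB + SEC + b"\xb4\x04test"

if __name__ == "__main__":
    print(secret_to_public(SAMPLE).hex())
```

Because the public fields are copied byte for byte, the rebuilt packet hashes to the same v4 fingerprint as the original public key.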
This archive was generated by hypermail 2b30 : Mon Jan 20 2003 - 18:24:22 PST