# Signing using private key.

## dE_logics

I've been highly confused lately.

In the concept of digital signatures, a user (to assert that the sent message is authentic) encrypts the checksum of the message using his private key?

Is this true? I mean, you can encrypt using your private key? And the opposite happens in SSL?

----------

## NeddySeagoon

dE_logics,

Your public and private keys are only differentiated by making one public for all the world to use and keeping the other private.  Other than that, processes involving keys are reversible.

For someone to send you an encrypted message, they encrypt it with your public key.  Only people with the matching private key can decrypt it.

The converse is true. If you encrypt a message with your private key, it can only be decrypted with your public key.

At first sight, that's not very useful, but if the message is a digest of another message, then the rest of the world can regenerate the digest from your message, the same way that you did, and can compare it against the digest you encrypted with your private key, using your public key to decrypt the digest.

That's a long way of saying 'yes'.

----------

## John R. Graham

Yes. To elaborate on what NeddySeagoon said, there are really only two operations with asymmetric cryptography:

* A public key operation, which is used for encryption and verification, and
* A private key operation, which is used for decryption and signing.

There are nuances on how they're used, but there are only two mathematical operations. The other salient fact is that each one reverses the transform performed by the other. If we define Pub() as a function that performs the public key operation for a given key pair and Priv() as a function that performs the private key operation, then, for all qualifying messages "x",

* Pub(Priv(x)) is equal to x, and
* Priv(Pub(x)) is equal to x.

Signing is usually not called "encrypting with the private key" but instead is called "performing the private key operation" on a message digest. Does that make sense?

- John
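
The Pub()/Priv() relationship from the post above, as an added example that is not part of the original thread. It assumes textbook RSA without padding and a constructed toy key built from two publicly known Mersenne primes; the function names and the key are illustrative only, and the sample messages are the ones quoted later in the thread.

```python
import hashlib

# Constructed toy key: both primes are well-known Mersenne primes, so this
# key is public knowledge. Textbook RSA, no padding: illustration only.
P, Q = 2**127 - 1, 2**521 - 1
N = P * Q                              # modulus, part of the public key
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)


def pub(x: int) -> int:
    """Public key operation: used for encryption and verification."""
    if not 0 <= x < N:
        raise ValueError("not a qualifying message: need 0 <= x < N")
    return pow(x, E, N)


def priv(x: int) -> int:
    """Private key operation: used for decryption and signing."""
    if not 0 <= x < N:
        raise ValueError("not a qualifying message: need 0 <= x < N")
    return pow(x, D, N)


def digest(message: bytes) -> int:
    """SHA-256 digest as an integer; 256 bits always fits below N here."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> int:
    """Private key operation applied to the message digest."""
    return priv(digest(message))


def verify(message: bytes, signature: int) -> bool:
    """Recompute the digest and compare it with Pub(signature)."""
    return 0 <= signature < N and pub(signature) == digest(message)


if __name__ == "__main__":
    sent = b"Send reinforcements - am going to advance"
    altered = b"Send three and fourpence - am going to a dance"
    sig = sign(sent)
    print("round trip:", pub(priv(42)) == 42 and priv(pub(42)) == 42)
    print("original verifies:", verify(sent, sig))
    print("altered verifies:", verify(altered, sig))
```

Real signature schemes add padding to the digest before the private key operation; the unpadded form here only shows the two operations reversing each other.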

----------

## dE_logics

Ok, thanks. Verified.   :Smile: 

That's what GNUPG does.

----------

## EasterParade

Thanks NeddySeagoon and John H. Graham; never read the description of what happens in GnuPG so short and easy. Up to now it always tied a knot in my head   :Confused: 

But do people still actually exchange their keys? 

And if I have properly understood, it doesn't make sense to sign one's e-mails, right?

----------

## NeddySeagoon

transsib,

It depends who you are writing to and why.

A signature on an email is only useful to people who have your public key. It assures those readers that the message was not tampered with/corrupted in transit.

The general idea is that you post your public key to a key server, so it's available to anyone who wants it. There is no need to 'exchange keys'.

This step provides no assurance to the sender's identity.  That comes next.

Suppose two people A and C, who have never met and have no reason to trust one another, wish to exchange email in such a way that both have an assurance when an email arrives it really is from the person whose signature is attached.

Suppose further that there is a person B who they both trust.  B can sign both of the public keys, so that when signature checking occurs, they can also verify that B says this signature was really produced with A/C's key.

The web of trust, as this is called, can be spread further and more thinly.  We actually all need only six signatures on our public keys (the right 6) to have an assurance that email is really from who it claims to be for any individual in the world.

Yes - key signings are still held. At LUG meets and so on.

It's more difficult with webmail. It's a bit pointless signing a message created on the web - you don't know what has happened to it during creation, but you can still sign attachments before they are attached and create a detached signature and attach that as well.

I sign all my email I send as neddyseagoon. I don't bother with email around the family.

-- edit --

Consider the message "Send reinforcements - am going to advance" sent during wartime being delivered as "Send three and fourpence - am going to a dance"

One is an instruction to send more soldiers, the other a sum of money. You will need to read them aloud in English.  The words sound very similar.

A digital signature would have caught that.

----------

## EasterParade

Hello NeddySeagoon,

 *Quote:*   

> A signature on an email is only useful to people who have your public key. It assures those readers that the message was not tampered with/corrupted in transit.

 

Ya, that's the general idea which is why I usually sign my e-mails.

 *Quote:*   

> This step provides no assurance to the sender's identity. That comes next.

 

Like triangulating your position?

With "webmail" you talk about free-mail servers of - say gmail - or do you mean when s.o. uses the web gui online instead of a mail-client like claws or thunderbird?

Dun know - anyway, I like the idea of verifying trust but fact is that many many people really don't care much about securing their personal data on the web. It is quite disturbing how people can say: "Uh, I don't have anything to hide." 

Most people I exchange mail with don't even know what they've received WHEN they actually take notice of the signature at the bottom of the message at all. Scares the hell out of me.

----------

## NeddySeagoon

transsib,

I mean mail systems in which the mail is composed on the web, not on the local machine.

With such systems, you have no assurance that what you enter is what is actually there.

As you say, gmail is a fine example.

Think of email as a postcard.  Anyone can read it (or alter it) while it's in transit.

----------

## Hu

As a workaround for the issue that Neddy raised with regard to webmail, if you need to use a webmail interface to send e-mail, and you need to send signed content, remember that any file, including a plain text file, can be signed.  Therefore, you could send a one line e-mail "See attached" via the web interface, and attach to the message a locally created signed plain text file with the message that needs to be authenticated.

----------

## dE_logics

This context may help - 

 *Quote:*   

> Or secure socket layer is a protocol standard such that when something is sent over the network, it's encrypted using a key called the 'public key'. If you want to decrypt this message you'll need a 'private key', i.e. decryption using public key is not possible.
> 
> TLS or transport layer security is its successor.
> 
> SSL/TLS is never used directly, it's used over a protocol like HTTP, FTP etc... i.e. in order to integrate SSL/TLS to an existing protocol, the protocol has to be modified to use it.
> ...

 

 *Quote:*   

> When information is transmitted over the Internet, it may be modified via eavesdropping or through compromised Windows systems.
> 
> Thus the receiver should have a reason to believe that the message received by him is actually sent by this user.
> 
> In real life situations, we may use signatures, but in emails or other transmission of digital information, we use digital signatures which are more secure than personal ones.
> ...

 

----------

## NeddySeagoon

dE_logics,

If you want to play with public key encryption make yourself two mail accounts, A and B.

Make a public/private key pair for each.

Post the public keys on a keyserver.

Send a signed clear text email from A to B.

B should complain that the signature can't be verified because of a missing key.

Have B fetch A's public key from the keyserver.

Now that B has A's public key, B can encrypt messages to A.

As your quote says, public key encryption is expensive in terms of CPU time, so the public key is used to encrypt the key to a symmetric cipher that is used for this message only.

The symmetric cipher is used with the key to encrypt the message. The recipient decrypts the symmetric key (using the private key) and then uses the symmetric key and cipher to decrypt the message.
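
The session-key scheme described in the post above, as an added example that is not part of the original thread and is not how GnuPG itself is implemented. It assumes textbook RSA without padding, a constructed toy recipient key made from publicly known Mersenne primes, and a SHA-256 keystream standing in for a real symmetric cipher; all names are illustrative.

```python
import hashlib
import secrets

# Constructed toy recipient key (publicly known Mersenne primes, textbook
# RSA, no padding). Illustration only, never a real key.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537                    # recipient's public key
D = pow(E, -1, (P - 1) * (Q - 1))      # recipient's private exponent


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher: XOR data with SHA-256(key || offset) blocks.
    The same call encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def encrypt_to(n: int, e: int, message: bytes):
    """Sender side: needs only the recipient's public key (n, e)."""
    session_key = secrets.token_bytes(32)            # for this message only
    # One expensive public key operation, on 32 bytes, whatever the size
    # of the message.
    wrapped_key = pow(int.from_bytes(session_key, "big"), e, n)
    return wrapped_key, keystream_xor(session_key, message)


def decrypt_with(n: int, d: int, wrapped_key: int, ciphertext: bytes) -> bytes:
    """Recipient side: the private key operation recovers the session key,
    then the symmetric cipher recovers the message."""
    session_key = pow(wrapped_key, d, n).to_bytes(32, "big")
    return keystream_xor(session_key, ciphertext)


if __name__ == "__main__":
    body = b"Signed attachment follows. " * 200      # constructed sample text
    wrapped, ct = encrypt_to(N, E, body)
    print("ciphertext bytes:", len(ct))
    print("recovered:", decrypt_with(N, D, wrapped, ct) == body)
```

Because a fresh session key is drawn for every message, encrypting the same text twice gives two unrelated ciphertexts and two different wrapped keys.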

----------

