|

»

Bouncy Castle - Dev

pgp encryption with PGP private key?

View: New views

7 Messages — Rating Filter: Alert me

	pgp encryption with PGP private key? by Jaiswal :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Some parts of this message have been removed. Learn more about Nabble's security policy. Is it possible to encrypt a file using PGP private key instead of public key using bouncy castle APIs.? Regards, Sunil Sunil Kumar Jaiswal, SCIIM Security & Privacy Services Deloitte & Touche AERS India Pvt Ltd Direct: +1 615 718 2192 Mobile: + 91 995 961 3222 sujaiswal@... www.deloitte.com “ Serving Clients Globally – D&T AERS India” This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this message. Any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. [v.E.1]
	Re: pgp encryption with PGP private key? by Lothar Kimmeringer-4 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Jaiswal, Sunil Kumar (US - Hyderabad) schrieb: > > > Is it possible to encrypt a file using PGP private key instead of public > key using bouncy castle APIs.? Sure, it's just not called encryption but signing ;-) Why do you want such a thing? Anyway, in many cases, the private key structure also contains the public key information, so it should be possible to do what you want by creating a public key out of the private key data and perform the encryption in a standard way. Regards, Lothar
	RE: pgp encryption with PGP private key? by Jaiswal :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Thanks Lothar, What I need is encrypt a message with pgp private key and send it to someone who can decrypt using pgp public key. How can we decrypt a message by pgp public key? Regards, Sunil -----Original Message----- From: Lothar Kimmeringer [mailto:job@...] Sent: Tuesday, October 06, 2009 5:12 PM To: dev-crypto@... Subject: Re: [dev-crypto] pgp encryption with PGP private key? Jaiswal, Sunil Kumar (US - Hyderabad) schrieb: > > > Is it possible to encrypt a file using PGP private key instead of public > key using bouncy castle APIs.? Sure, it's just not called encryption but signing ;-) Why do you want such a thing? Anyway, in many cases, the private key structure also contains the public key information, so it should be possible to do what you want by creating a public key out of the private key data and perform the encryption in a standard way. Regards, Lothar This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this message. Any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. [v.E.1]
	Re: pgp encryption with PGP private key? by Lothar Kimmeringer-4 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Jaiswal, Sunil Kumar (US - Hyderabad) schrieb: > What I need is encrypt a message with pgp private key > and send it to someone who can decrypt using pgp public key. I already understood that, but not _why_ you need such a thing. > How can we decrypt a message by pgp public key? The same way around, but I'm not sure if you can create a private key out of a DSA public key. With RSA that should be possible. Regards, Lothar
	RE: pgp encryption with PGP private key? by Jaiswal :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message -----Original Message----- From: Lothar Kimmeringer [mailto:job@...] Sent: Tuesday, October 06, 2009 6:07 PM To: dev-crypto@... Subject: Re: [dev-crypto] pgp encryption with PGP private key? Jaiswal, Sunil Kumar (US - Hyderabad) schrieb: > What I need is encrypt a message with pgp private key > and send it to someone who can decrypt using pgp public key. I already understood that, but not _why_ you need such a thing. [<Set initials in options>] - That's a requirement and I want to see if this can be done or a feasible/secure option > How can we decrypt a message by pgp public key? The same way around, but I'm not sure if you can create a private key out of a DSA public key. With RSA that should be possible. [<Set initials in options>] - I'm not sure if any pgp public key contains private data and private date can be extracted without passphrase. Regards, Lothar This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this message. Any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. [v.E.1]
	Re: pgp encryption with PGP private key? by Lothar Kimmeringer-4 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Jaiswal, Sunil Kumar (US - Hyderabad) schrieb: > I already understood that, but not _why_ you need such a thing. > > [<Set initials in options>] - That's a requirement and I want to > see if this can be done or a feasible/secure option (You should configure your mail-program). What happens if the requirement is technically impossible? >> How can we decrypt a message by pgp public key? > > The same way around, but I'm not sure if you can create a > private key out of a DSA public key. With RSA that should > be possible. > [<Set initials in options>] - I'm not sure if any pgp public > key contains private data and private date can be extracted > without passphrase. The same way around was meant in that way, that you have to create a private key out of the public key. A public key never contains the private parts but e.g. with RSA you should be able to put the primenumbers that are part of the public key into the fields of the private key. Because the structure of a DSA- key is different, I'm not sure if this is possible for this type of algorithm. So to sum up things: In some way and for some algorithms this should be possible, but I suggest checking if that requirement can't be changed in a way, allowing to avoid this kind of thing completely. Regards, Lothar
	Re: pgp encryption with PGP private key? by Éric Vigeant :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On Tue, Oct 6, 2009 at 8:52 AM, Lothar Kimmeringer <job@...> wrote: > Jaiswal, Sunil Kumar (US - Hyderabad) schrieb: >> I already understood that, but not _why_ you need such a thing. >> >> [<Set initials in options>] - That's a requirement and I want to >> see if this can be done or a feasible/secure option > > (You should configure your mail-program). > What happens if the requirement is technically impossible? > >>> How can we decrypt a message by pgp public key? >> >> The same way around, but I'm not sure if you can create a >> private key out of a DSA public key. With RSA that should >> be possible. >> [<Set initials in options>] - I'm not sure if any pgp public >> key contains private data and private date can be extracted >> without passphrase. > > The same way around was meant in that way, that you have to > create a private key out of the public key. A public key never > contains the private parts but e.g. with RSA you should be able > to put the primenumbers that are part of the public key into > the fields of the private key. Because the structure of a DSA- > key is different, I'm not sure if this is possible for this > type of algorithm. > > So to sum up things: In some way and for some algorithms this > should be possible, but I suggest checking if that requirement > can't be changed in a way, allowing to avoid this kind of > thing completely. > > > Regards, Lothar > If you use (private and public) keys in the normal fashion, then it doesn't make much sense to encrypt the file using the private key. The public key is usually easily available and can decrypt the data, anybody (with the public key) could decrypt the file. Encrypting with the private key only ensures that nobody can modify the file (without the private key) since the file could not be decrypted using the public key. That is exactly what signing provides, confirmation that only the owner of the private key can modify the file. If the public key can be retrieved (relatively) easily, then encrypting with the private key does not provide data confidentiality, which might be misleading... Cheers, Eric