My understanding is
for encryption : I use my recipient's PUBLIC KEY to encrypt my message. He will use his PRIVATE KEY to read my message (only HE can do this) => OK with that
for signing : I use my PRIVATE KEY (since no one has it, it proves my identity). But if my recipient use my PUBLIC KEY, every one could do the same and read my message ! Can anyone explain this ?
Then, I thought that what I should do is
I SIGN my message with my PRIVATE KEY => it proves my identity
I ENCRYPT the result of step 1 using my recipient's PUBLIC KEY => to avoid anyone reading it
HE decrypt with his PRIVATE KEY => only he can do this
HE check my identity with MY PUBLIC KEY
Is that correct ?
Your second guess is not bad.
Usually the way is the following for signing (not encryption):
That's it. Transfer the plain message and the signed hash to anyone. The message is not encrypted and therefore readable for all recipients. With the help of your public key everyone can decrypt the hash, calculate his or her own hash of your message and as long as both hashes (the self calculated and the signed and decrypted one) are equal, the signature is valid and the message has not beed changed after you have signed it.
In case your message has to be encrypted as well you usually do not use RSA, because it is to slow and to inflexible for larger messages (that means larger than the modulus of the private key, eg 2048 bit).
Use a symetric algorithm like AES CBC for the encryption of the message. The coincidentally generated key for encryption can be encrypted with the public key of your recipient and then be transfered.
To sum up signing and encryption using RSA with SHA256 (signature) and AES CBC (encryption): 1. Calculate a SHA256 hash H of your message M. 2. Sign H with your public key, ie encrypt H with your RSA private key. That is your signature S. 3. Generate a random key K. 4. Encrypt M with AES CBC to get the encrypted message M'. 5. Encrypt K with the public key of your recipient to get K'. 6. Send K', your signature S and M' to your recipient.
Only the recipient can undo all steps:
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.