How private and public key encryption works

  • Question

  • I am not sure; I heard that with private and public key encryption, a message is encrypted with the public key and can only be decrypted by the private key. Is it true?

    Please guide me with an easy example of how private and public key encryption works.

    thanks

    Friday, December 2, 2016 12:03 PM

Answers

  • I am not sure; I heard that with private and public key encryption, a message is encrypted with the public key and can only be decrypted by the private key. Is it true?

    I'm not an encryption expert, but there are two things that you can do:

    1) Encryption: Encrypt with Public Key - Decrypt with Private Key

    E.g. You give me your Public Key. I encrypt some email with it and then send the encrypted data to you. You are then the only one who can decrypt the original email again using the private key.

    2) Signature: Sign / Encrypt the data with private key - Check / decrypt with public key

    E.g. I encrypt some data with my private key and send you the unencrypted data and the encrypted data (Signature). You can then, using my public key, "decrypt" the signature again and check if the data was changed after I have signed it.

    Regards,

    David


    • Edited by David Roller Friday, December 2, 2016 6:13 PM Typo
    • Marked as answer by Sudip_inn Monday, December 5, 2016 9:35 AM
    Friday, December 2, 2016 6:10 PM

All replies

  • Please guide me with an easy example of how private and public key encryption works.

    Use a web search to find answers to broad questions such as this.
    It's expecting too much to ask others to compose a detailed answer
    to complex subjects.

    Public-key cryptography

    https://en.wikipedia.org/wiki/Public-key_cryptography

    Pretty Good Privacy
    https://en.wikipedia.org/wiki/Pretty_Good_Privacy

    - Wayne

    Friday, December 2, 2016 5:32 PM
  • Can you give me a code example that shows how to encrypt data with a public key and later decrypt the same data with the private key?

    thanks

    Monday, December 5, 2016 9:35 AM
  • Hi Mou_inn,

    Thank you for posting here.

    Here is a quick answer for understanding.

    >>I am not sure; I heard that with private and public key encryption, a message is encrypted with the public key and can only be decrypted by the private key. Is it true?

    Yes, it is true.

    For encryption, there are asymmetric encryption and symmetric encryption.

    Public key and private key belong to asymmetric encryption.

    Each user has a pair of private and public keys.
    The private key is used to decrypt and sign, and is for the user's own use.
    The public key is public and is used by others to encrypt and verify the signature.

    When the user sends a file signed with the private key, others use his public key to decrypt it, so you can be sure that the information was sent by him. This is a digital signature.
    When the user receives a file, others encrypt it with his public key and he uses his private key to decrypt it, which guarantees that the information can only be received by him. This prevents the message from being stolen by others.

    Here is a simple example.

    using System.Collections.Generic;
    using System.IO;
    using System.Linq;
    using System.Text;
    using System.Threading.Tasks;
    using System.Security.Cryptography;
    using System;
    
    namespace SecureTranferTest
    {
        class Program
        {
            /// <summary>
            /// The private key of Anne
            /// </summary>
            public static System.Security.Cryptography.CngKey anlikey = null;
    
            //The public key of Anne
            public static byte[] anlipulicKey = null;
            //The key of Bob
            public static System.Security.Cryptography.CngKey bobkey = null;
            public static byte[] bobpulicKey = null;
    
            static void Main(string[] args)
            {
                CreateKey();
                AnliSendMessage("It is a good day."); // Anne sends a message to Bob.
                AnliSendMessage("I am so happy.");    // Anne sends a second message to Bob.
                Console.ReadKey();
            }
    
            public static void CreateKey()
            {
    
                // Create Anne's key pair (ECDH on curve P-256); the CngKey holds the private key.
                anlikey = CngKey.Create(CngAlgorithm.ECDiffieHellmanP256);
                // Export Anne's public key from her key pair.
                anlipulicKey = anlikey.Export(CngKeyBlobFormat.EccPublicBlob);
                // Create Bob's key pair (ECDH on curve P-256).
                bobkey = CngKey.Create(CngAlgorithm.ECDiffieHellmanP256);
                // Export Bob's public key from his key pair.
                bobpulicKey = bobkey.Export(CngKeyBlobFormat.EccPublicBlob);
    
            }
    
            public static void AnliSendMessage(string message)
            {
                byte[] rowData = Encoding.UTF8.GetBytes(message); // UTF-8 bytes of the plaintext message
    
                using (ECDiffieHellmanCng cng = new ECDiffieHellmanCng(anlikey))
                {
    
                    using (CngKey bobkey = CngKey.Import(bobpulicKey, CngKeyBlobFormat.EccPublicBlob))
                    {
    
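                        // Anne's private key + Bob's public key give the shared secret (ECDH);
                        // Bob derives the same value, and it is used as the AES key.
                        var sumKey = cng.DeriveKeyMaterial(bobkey);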
    
                        using (var aes = new AesCryptoServiceProvider())
                        {
                            aes.Key = sumKey;
                            aes.GenerateIV();
    
                            using (ICryptoTransform encryptor = aes.CreateEncryptor())
                            {
                                using (MemoryStream ms = new MemoryStream())
                                {
    
                                    var cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write);
    
                                    ms.Write(aes.IV, 0, aes.IV.Length);
    
                                    cs.Write(rowData, 0, rowData.Length);
                                    cs.Close();
                                    var data = ms.ToArray();
    
                                    Console.WriteLine("Anne sends an encrypted message to Bob.");
                                    BobReceivesData(data);
                                }
                                aes.Clear();
                            }
                        }
                    }
                }
            }
    
            // Bob receives the message: the IV is read from the front of the data, the rest is ciphertext.
            public static void BobReceivesData(byte[] data)
            {
                Console.WriteLine("Bob received the message and decrypts it.");
                byte[] rowData = null;
    
                using (var aes = new AesCryptoServiceProvider())
                {
                    var ivlength = aes.BlockSize >> 3;
                    byte[] ivdata = new byte[ivlength];
                    Array.Copy(data, ivdata, ivlength);
    
                    using (ECDiffieHellmanCng cng = new ECDiffieHellmanCng(bobkey))
                    {
    
                        using (CngKey anikey = CngKey.Import(anlipulicKey, CngKeyBlobFormat.EccPublicBlob))
                        {
    
                            var sumKey = cng.DeriveKeyMaterial(anikey);
                            aes.Key = sumKey;
                            aes.IV = ivdata;
                            using (ICryptoTransform decryptor = aes.CreateDecryptor())
                            using (MemoryStream me = new MemoryStream())
                            {
    
                                var cs = new CryptoStream(me, decryptor, CryptoStreamMode.Write);
                                cs.Write(data, ivlength, data.Length - ivlength);
                                cs.Close();
                                rowData = me.ToArray();
                                Console.WriteLine("Succeed. The message is :");
                                Console.WriteLine(Encoding.UTF8.GetString(rowData));
                            }
                        }
                    }
                }
            }
        }
    }

    I hope this would be useful.

    Best Regards,

    Wendy



    Monday, December 5, 2016 9:42 AM
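
The two operations described in the marked answer and in the reply above (encrypt with the public key and decrypt with the private key; sign with the private key and verify with the public key), shown with RSA as an added example that is not part of any post in this thread. It assumes .NET Framework 4.6 or later on Windows for `RSACng`; the class name `RsaDemo` and the sample messages are made up for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

class RsaDemo   // hypothetical name, not from the thread
{
    static void Main()
    {
        // The receiver generates the key pair; the private key stays in this object.
        using (RSA receiver = new RSACng(2048))
        {
            // Only the public half (modulus and exponent) is handed to others.
            RSAParameters publicOnly = receiver.ExportParameters(false);

            // 1) Encryption: the sender holds nothing but the public key.
            byte[] message = Encoding.UTF8.GetBytes("It is a good day."); // constructed sample
            byte[] ciphertext;
            using (RSA sender = new RSACng())
            {
                sender.ImportParameters(publicOnly);
                // OAEP with SHA-256: a 2048-bit key takes at most 190 bytes of
                // plaintext, so bulk data is encrypted with a symmetric key instead.
                ciphertext = sender.Encrypt(message, RSAEncryptionPadding.OaepSHA256);
            }
            byte[] decrypted = receiver.Decrypt(ciphertext, RSAEncryptionPadding.OaepSHA256);
            Console.WriteLine("Decrypted: " + Encoding.UTF8.GetString(decrypted));

            // 2) Signature: made with the private key, checked with the public key.
            byte[] document = Encoding.UTF8.GetBytes("I am so happy."); // constructed sample
            byte[] signature = receiver.SignData(
                document, HashAlgorithmName.SHA256, RSASignaturePadding.Pss);
            using (RSA verifier = new RSACng())
            {
                verifier.ImportParameters(publicOnly);
                bool intact = verifier.VerifyData(
                    document, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pss);
                document[0] ^= 0x01; // change one bit after signing
                bool modified = verifier.VerifyData(
                    document, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pss);
                Console.WriteLine("Original verifies: " + intact);
                Console.WriteLine("Modified verifies: " + modified);
            }
        }
    }
}
```
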
  • Hi Mou,

    You could also look into the MSDN reference below for how to use private and public keys. Hope this helps you.

    Walkthrough: Creating a Cryptographic Application


    Thanks,
    Sabah Shariq


    Monday, December 5, 2016 10:00 AM