32
submitted 1 year ago by t0mri@lemmy.ml to c/security@lemmy.ml

There’s a server, a client, and a hacker in a network. For encryption, the client and the server need to share their private keys. Wouldn’t the hacker be able to grab those during their transmission and decrypt further messages as they please?

you are viewing a single comment's thread
view the rest of the comments
[-] atzanteol@sh.itjust.works 2 points 1 year ago

If you know the private key it is trivial to calculate the public key, but the reverse isn't true

I didn't believe this is true... In public/private key crypto there is no such thing as "private" and "public". They're just a key pair. You choose to make one public by sharing it and the other private by not sharing it.

[-] kevincox@lemmy.ml 2 points 1 year ago

It depends on the cryptosystem. The private and public halves of the pair are often not symmetrical and often have overlap.

The parent is likely confused because in most situations the "private key file" will also contain all of the public key. Whether by necessity or for convenience.

[-] RegalPotoo@lemmy.world 1 points 1 year ago

Ok, semantics - for RSA you generate a private key, then derive the public key from that private key, and you could publicly post your private key if you wanted to. "Public" and "private" are just names.

this post was submitted on 28 Apr 2024
32 points (79.6% liked)

Security

5753 readers
3 users here now

Confidentiality Integrity Availability

founded 5 years ago
MODERATORS