32
submitted 6 months ago by t0mri@lemmy.ml to c/security@lemmy.ml

There’s a server, a client, and a hacker in a network. For encryption, the client and the server need to share their private keys. Wouldn’t the hacker be able to grab those during their transmission and decrypt further messages as they please?

you are viewing a single comment's thread
view the rest of the comments
[-] atzanteol@sh.itjust.works 2 points 6 months ago

If you know the private key it is trivial to calculate the public key, but the reverse isn't true

I didn't believe this is true... In public/private key crypto there is no such thing as "private" and "public". They're just a key pair. You choose to make one public by sharing it and the other private by not sharing it.

[-] kevincox@lemmy.ml 2 points 6 months ago

It depends on the cryptosystem. The private and public halves of the pair are often not symmetrical and often have overlap.

The parent is likely confused because in most situations the "private key file" will also contain all of the public key. Whether by necessity or for convenience.

[-] RegalPotoo@lemmy.world 1 points 6 months ago

Ok, semantics - for RSA you generate a private key, then derive the public key from that private key, and you could publicly post your private key if you wanted to. "Public" and "private" are just names.

this post was submitted on 28 Apr 2024
32 points (79.6% liked)

Security

5010 readers
1 users here now

Confidentiality Integrity Availability

founded 4 years ago
MODERATORS