4

Shot paper

I am reading a paper about key exchange and trying to understand the protocol described in Figure 4 on page 6 in the above paper. I understand the majority of the notation but am having a hard time understanding steps 7 and 11.

It states that PE (device 1) signs some data using its own private key in step 7, and later PV (device 2) verifies this data. How does PV verify the data if it had been signed with PE's private key? Wouldn't it need to be signed with PV's public key, so PV could verify the content with its own private key?

I just do not understand why the signed data is useful to PV.

Sorry if this is a novice question and thanks for any clarifications.

Future

1 Answer

3

Public Key Cryptography has two basic primitives -

Encryption - data encoded using the Public Key can only be read using the Private Key

Signing - data that can be decoded using the Public Key must have been written using the Private Key

As you can see, these are really just two sides of the same coin, both depending on the Private Key being Private and the availability of the Public Key to other parties.

How does PV verify the data if it had been signed with PE's private key?

If the data decodes using PE's Public Key, then it can only have been encoded using PE's Private Key, therefore verifying that it "came from" PE.

gowenfawr
  • I love this distinction between encryption and signing. I'd never thought of it that way before. – Kieveli Jun 07 '18 at 17:32
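The sign-then-verify flow from the answer, as an added example that is not part of the original post or the paper: PE signs with its private key and PV checks with PE's public key, so PV's own key pair is never involved. It uses textbook RSA over a SHA-256 digest with no padding, and the keys, message contents and function names are all constructed for illustration; deployed protocols use a padded scheme such as RSA-PSS or ECDSA from a vetted library.

```python
import hashlib

E = 65537  # common RSA public exponent


def make_keypair(p, q):
    """Build ((n, e), (n, d)) from two primes. Toy key generation only."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))


def digest(message, n):
    """SHA-256 of the message as an integer below the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private_key, message):
    """Signer side (PE): transform the digest with the PRIVATE exponent."""
    n, d = private_key
    return pow(digest(message, n), d, n)


def verify(public_key, message, signature):
    """Verifier side (PV): undo the transform with the PUBLIC exponent
    and compare against a digest computed locally from the message."""
    n, e = public_key
    return pow(signature, e, n) == digest(message, n)


# Constructed toy keys built from known Mersenne primes. These are NOT
# secure keys; they only keep the example deterministic and offline.
PE_PUB, PE_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
OTHER_PUB, OTHER_PRIV = make_keypair(2**607 - 1, 2**1279 - 1)


def demo():
    # Constructed stand-in for whatever PE sends during the key exchange.
    msg = b"PE->PV key-exchange value (constructed sample)"
    sig = sign(PE_PRIV, msg)
    return {
        "genuine": verify(PE_PUB, msg, sig),               # PE really signed it
        "tampered": verify(PE_PUB, msg + b"!", sig),       # message altered in transit
        "forged": verify(PE_PUB, msg, sign(OTHER_PRIV, msg)),  # signed by someone else
        "wrong_key": verify(OTHER_PUB, msg, sig),          # checked against the wrong identity
    }


if __name__ == "__main__":
    print(demo())
```

Only the `genuine` case passes, which is what lets PV conclude that the key-exchange data came from the holder of PE's private key and was not modified.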