
I recently tried to understand how PGP works:

I encrypt plaintext with my private key, and if I send that encrypted text to others with my public key, they can encrypt that with my public key?


2 Answers


What you describe is the process of signing, not encryption.

Encryption

Alice wants to send Bob a private message. Alice needs Bob's public key for that. She can either ask Bob for it, look at Bob's website, download it from a keyserver, etc.

Alice takes her message and encrypts it using Bob's public key. She then sends the encrypted message to Bob. Bob decrypts the message with his own private key.

Signing

Alice wants to sign a message so that people can be sure it's from her. She publishes her public key and signs the message using her private key.

Bob sees the message from Alice, but wants to confirm it's really from her. He downloads Alice's public key and verifies that the message corresponds to her public key.

  • So if I encrypt a message with someone's public key, I cannot decrypt it again without the person's private key? – xLogiiC Feb 26 '20 at 06:04
  • @xLogiiC Correct. If you encrypt a message with my public key, you can't decrypt it anymore. However, you can use an approach called "hybrid encryption", which allows you to encrypt a message with multiple public keys. You can then encrypt a message with the recipient's and your own public key. Then you and the recipient can read it. The downside to this is that it leaves a cryptographic connection between you and the recipient, which may or may not be problematic, depending on what you want to protect yourself against. –  Feb 26 '20 at 10:15
  • Do encryption and signing use different keys? – Ian Warburton Dec 23 '20 at 03:57
  • @IanWarburton Yes. Encryption uses the public key, signing uses the private key. This makes sense, because you want everybody to encrypt a message for the recipient, but only one person to be able to create a valid signature. Conversely, decryption uses the private key, and signature verification uses the public key. This also makes sense, because you only want the recipient to be able to read the message, but you want everybody to be able to verify a signed message. –  Dec 23 '20 at 23:09
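To make the answer's two operations concrete, here is an added illustration that is not part of the original answer: a toy "textbook RSA" keypair built from constructed, far-too-small primes and no padding (real OpenPGP uses large keys, padding and a hybrid session key). It shows that encrypting with the recipient's public key is undone only by the private key, that signing is the private-key operation checked with the public key, and that the questioner's scenario of "encrypting" with one's own private key gives no confidentiality, because the public key undoes it.

```python
# Added teaching example, not the page's or any library's code.
# Parameters are constructed toy values; never use textbook RSA in practice.
import hashlib

def make_keypair(p=61, q=53, e=17):
    """Constructed toy RSA parameters (p and q are far too small for real use)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # private exponent: e * d == 1 (mod phi)
    return (n, e), (n, d)        # (public key, private key)

def encrypt(public_key, m):
    """Anyone holding the public key can do this; only the private key undoes it."""
    n, e = public_key
    assert 0 <= m < n, "message block must be smaller than the modulus"
    return pow(m, e, n)

def decrypt(private_key, c):
    """Bob's step: recover the message with his own private key."""
    n, d = private_key
    return pow(c, d, n)

def sign(private_key, message: bytes):
    """Alice's step: only the private-key holder can produce this value."""
    n, d = private_key
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big") % n
    return pow(digest, d, n)

def verify(public_key, message: bytes, signature):
    """Bob's check: undoing the private-key operation with the public key
    must give back the digest of the message he received."""
    n, e = public_key
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big") % n
    return pow(signature, e, n) == digest

def private_key_encryption_is_public(public_key, private_key, m):
    """The questioner's scenario: 'encrypt' with the private key and hand out
    the public key. Returns True when the public key alone recovers m, i.e.
    the result was never confidential; it is a signature, not encryption."""
    n, d = private_key
    c = pow(m, d, n)
    return pow(c, public_key[1], public_key[0]) == m
```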

Let's say you have a padlock and its key to unlock the padlock, and you distribute the padlocks to someone who wants to send you messages. When someone wants to send a message, he will lock the message with the padlock that you shared. After locking the message with your padlock, you are the only one who can unlock it, because you have the unique key to open the padlock.

Crypt0er
  • The padlock example is more appropriate for symmetric key encryption (i.e. shared key), not asymmetric encryption (i.e. public/private keys). – phbits Feb 25 '20 at 17:21
  • @phbits only if the padlock keys are shared and that's not the analogy here ... The locks are shared and the key is kept. – schroeder Feb 25 '20 at 19:45
  • @phbits, in this scenario, the user just shared the padlock not the key to lock the message. – Crypt0er Feb 26 '20 at 01:32
  • I see what you're doing now. Your answer does explain asymmetric encryption. – phbits Feb 26 '20 at 16:25