Open bantu opened 9 years ago
hiddentao
commented
9 years ago Not at all, I state "vice versa" to imply that the opposite way is also true, that data encrypted with your public key can only be decrypted by your private key. You can use either key to encrypt followed by the other key to dercrypt.
bantu
commented
9 years ago What you describe might mathematically work for textbook RSA, but it is confusing, misleading and not true in general. See e.g. ElGamal http://crypto.stackexchange.com/a/4042. Most importantly encrypting using a "private key" is pointless, when the counterpart is the public key, which by definition is public and can be used for decryption.
The cryptographic terminology just is:
Public Key:
Private Key:
hiddentao
commented
9 years ago Fair enough. In any case I was trying to keep that documentation simple and as a textbook example, but you're right that it isn't really how things get used. Right now this documentation isn't being used anywhere (Autonomail has been parked for now) so it's not causing any harm.
From https://github.com/autonomail/docs/blob/master/contents/0-security/1-email-encryption.md:
"The key point: data encrypted with the private key can only be decrypted by the corresponding public key, and vice versa.
Thus, if you encrypt data with your private key you can only use the corresponding public key to decrypt it. And vice versa."
You seem to have swapped "public" and "private".