On Mon, 10 Jan 2000 07:03:19 -0800 (PST), [EMAIL PROTECTED] (Steven Lawson)
wrote:
>> If I should encrypt a message by using a public key, and then transmit the
>> message to you, then there is nothing secret about it, because the key is
>> publicly available. On the other hand, if I should encrypt a message
>> by use of a private key, and if only you and I know what our private key is,
>> then we can encrypt and decrypt secret messages to each other. A public key
>> has no security value whatsoever.
> The explanation in PGP is that messages encrypted with the private key can
> only be decrypted with the public key, and messages encrypted with the
> public key can only be decrypted with the private key.
> So, someone can send me a message encrypted with my public key and only I
> can read it by applying my private key. Anyone trying to decrypt the
> message with the public key will get garbage.
> I can also send out a message and "sign" it (apply my private key to an
> authentication header but not encrypt it). Thus, anyone can read the
> message, and can verify it's from me by checking the signature against my
> public key. Nobody can *modify* my message however, because the
> authentication header also contains a unique value calculated off the
> content of the message which will change if the message is modified.
OK, so I understand enough from your explanation so as to get started in
learning how to use this kind of system. Thanks. What I do not understand
are the technological aspects of how such a system as this can work. The
only kind of encryption/decryption techniques that I truly understand
are those in which both encryption and decryption is performed by a private
key known only to the parties to the communication.
If you folks could refer me to some other web sites that would explain the
elementary principles involved, I would really appreciate it. What I am
looking for is not "how to do it" information. I am looking for some
"how it works" information.
Samuel W. Heywood
-- This mail was written by user of Arachne, the Alternative WWW Browser
