
My understanding is that the public key can be used for encryption and the private for decryption and that the public key cannot decrypt the file encrypted by the same public key. Did I misunderstand or am I doing something incorrectly?

1) generate a key

openssl genrsa -out ./private.pem 2048

2) generate a public key

openssl rsa -in ./private.pem -pubout > ./public.pem

3) encrypt a small text file

openssl enc -in ./in.txt -out ./out.enc -e -aes256 -k ./public.pem

4) decrypt file using PUBLIC key

openssl enc -in ./out.enc -out ./out.txt -d -aes256 -k ./public.pem

The last step can decrypt the "out.enc" file. Not what I wanted or expected.

user3661593

2 Answers


Although the question is really old, I must state that TS got it right: the public key cannot decrypt the file encrypted by the same public key. Only the corresponding private key can.

The real problem is that AES is not a public-key algorithm. It uses the same key for both encryption and decryption, and the key can be an arbitrary byte sequence.

Matt
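
The behaviour described in this answer, as an added example that is not part of the original posts: `-k` takes a passphrase, so the string `./public.pem` is the AES password and no key file is ever read. The second half shows one common way to get the property the question expected, hybrid encryption with `openssl pkeyutl`. It assumes OpenSSL 1.1.1 or later (for `-pbkdf2`); the file names `sym.enc`, `session.key` and `unwrapped.key` and the sample text are constructed for the illustration.

```shell
#!/bin/sh
# Added example: every file is constructed in a throwaway directory.
set -eu
work=$(mktemp -d); trap 'rm -rf "$work"' EXIT; cd "$work"
printf 'constructed sample plaintext\n' > in.txt

# 1) The question's commands, run where NO ./public.pem exists: they still
#    round-trip, because -k takes a passphrase and never opens the file.
passphrase_roundtrip() {
  openssl enc -in in.txt -out sym.enc -e -aes256 -k ./public.pem 2>/dev/null &&
  openssl enc -in sym.enc -out sym.txt -d -aes256 -k ./public.pem 2>/dev/null &&
  cmp -s in.txt sym.txt
}

# 2) Hybrid encryption: a random session secret encrypts the file with AES,
#    and only that secret is encrypted with the RSA public key.
make_keys() {
  openssl genrsa -out private.pem 2048 2>/dev/null &&
  openssl rsa -in private.pem -pubout -out public.pem 2>/dev/null
}
hybrid_encrypt() {
  openssl rand -hex 32 > session.key &&
  openssl enc -e -aes-256-cbc -pbkdf2 -pass file:session.key \
    -in in.txt -out out.enc &&
  openssl pkeyutl -encrypt -pubin -inkey public.pem \
    -pkeyopt rsa_padding_mode:oaep -in session.key -out session.key.enc &&
  rm -f session.key
}

# 3) Unwrapping the session secret needs the private key; -pubin is refused.
unwrap_with() {   # arguments: key selection options for pkeyutl
  openssl pkeyutl -decrypt "$@" -pkeyopt rsa_padding_mode:oaep \
    -in session.key.enc -out unwrapped.key 2>/dev/null
}
hybrid_decrypt() {
  unwrap_with -inkey private.pem &&
  openssl enc -d -aes-256-cbc -pbkdf2 -pass file:unwrapped.key -in out.enc
}

passphrase_roundtrip && echo "passphrase mode: the string ./public.pem decrypts"
make_keys && hybrid_encrypt
unwrap_with -pubin -inkey public.pem || echo "public key: cannot decrypt"
hybrid_decrypt
```

To use the contents of a file as the passphrase rather than its name, `openssl enc` has `-kfile` and `-pass file:`, but the result is still symmetric: whoever holds that file can both encrypt and decrypt.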

No. That's wrong. The two keys (public and private) can be used for BOTH encrypting and decrypting. The kicker is that you cannot reverse the operation with the same key.

e.g.

encrypt(doc, publickey) -> decrypt(crypteddoc, publickey)  // fails
encrypt(doc, privatekey) -> decrypt(crypteddoc, privatekey) // fails

encrypt(doc, publickey) -> decrypt(crypteddoc,privatekey) // works
encrypt(doc, privatekey) -> decrypt(crypteddoc, publickey) // works

Technically, it doesn't matter which key you share and make public, as long as once you have made one of the keys public, you cannot ever share the other, private, key.

Marc B
  • And reversing with the same key is precisely what he's trying to do. :) – David Hoelzer Feb 12 '15 at 18:02
  • That's right. I am reversing the operation with the same (public) key I used to encrypt the file. I DO NOT want that to happen. I expected the public key would be able to encrypt the file but not be able to decrypt the same file. – user3661593 Feb 13 '15 at 00:46
  • Technically, it **does** matter which key to share! Given the private key, anyone can compute the public key easily, but not vice versa. This is why it's called _asymmetric_ cryptography. – Matt Feb 19 '15 at 19:02
  • Yes, but the public and private designations are purely arbitrary. You could take the "public" key and never ever reveal it, while taking the "private" key and handing it out to everyone. You could call them "fred" and "barney". The actual math doesn't really care. – Marc B Feb 19 '15 at 19:46
  • -1: in the question the public key is abused as a symmetric passphrase. It is plainly wrong to suggest that revealing of the private key is the same as revealing of the public key in general, because of the reason @Matt wrote. – IljaBek Jun 16 '16 at 14:19