Originally posted by Robin Zhang:
Thanks, Alberto Dell'era. But in some cases, we can use the private key for encryption and the public key for decryption, e.g., in digital signatures.
You're correct, if by "encryption" you mean transforming the message into a "crypted" form that can only be decrypted if you know the other key; that is, in fact, the meaning of the word "encryption" used by the mathematicians who study cryptography. Moreover, normally the PK mathematical algorithms speak about a "key pair", and don't distinguish between public and private; both keys have exactly the same power, that is, to be able to encode ("encrypt") a message that can be decoded ("decrypted") only by the other key. So, you can choose either of the two keys as your private and the other as the public.
In the question we are speaking about, I think the meaning of "encryption" was "unreadable by enemies (hackers)", as I said in the previous post.
Another way to say the same thing: if you use the public key (of the recipient), you get Confidentiality (only someone who knows the private key can read it, and the recipient is the only one who knows the private key) but no Integrity (anyone can substitute your message with another, since s/he knows the public key); if you use the private key (your own, not the recipient's, which you don't know anyway), you get no Confidentiality (anyone can use the public key to decode it), even though you get Integrity (no one can forge another message that can be decoded by your public key, since s/he does not have your private key).
Moreover, if by using your public key the message decodes successfully, it means that the message was encoded using the corresponding private key, and so by you, the only one who knows your private key. So, the recipient is sure that you were the sender, and you can't deny it (the latter is called "Non-Repudiability"). It's exactly like a signature, only better because it's much more difficult to break an algorithm than to forge a signature written on paper.
If you need Confidentiality, Integrity, and Signatures, the solution is simple: first encode using your private key, then pick the encoded message and encode it again using the recipient's public key (the order does not matter).
Difficult but fascinating stuff. Hard at the beginning, but then simple, once you have understood it.
[ April 14, 2002: Message edited by: Alberto Dell'era ]
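An added example, not part of the original post: a toy textbook-RSA sketch in Python of the three cases described above (the recipient's public key for confidentiality, the sender's private key for a signature, and both layers together). The primes, key names and message are constructed for illustration.

```python
# Toy textbook RSA with tiny constructed primes and no padding or hashing.
# It illustrates the key-pair properties only; real systems use a vetted library.

def make_keypair(p, q, e):
    """Return ((n, e), (n, d)): the public and private halves of one key pair."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))   # d is the inverse of e modulo phi(n)

def apply_key(value, key):
    """The one RSA operation; whichever half encodes, only the other half decodes."""
    n, exponent = key
    return pow(value, exponent, n)

# Constructed keys. The recipient's modulus is the larger one, so a value encoded
# under the sender's modulus still fits when it is encoded again for the recipient.
SENDER_PUB, SENDER_PRIV = make_keypair(61, 53, 17)        # n = 3233
RECIPIENT_PUB, RECIPIENT_PRIV = make_keypair(89, 97, 5)   # n = 8633

def encrypt_for_recipient(m):
    return apply_key(m, RECIPIENT_PUB)      # confidentiality: anyone can produce this

def recipient_decrypt(c):
    return apply_key(c, RECIPIENT_PRIV)     # only the recipient can undo it

def sign(m):
    return apply_key(m, SENDER_PRIV)        # only the sender can produce this

def verify(m, signature):
    return apply_key(signature, SENDER_PUB) == m   # anyone can check it

def sign_then_encrypt(m):
    return encrypt_for_recipient(sign(m))

def decrypt_then_verify(c):
    """Recipient side: own private key removes the outer layer, sender's public key the inner."""
    return apply_key(recipient_decrypt(c), SENDER_PUB)

if __name__ == "__main__":
    m = 1234                                # constructed message, must be < 3233
    print("confidential:", recipient_decrypt(encrypt_for_recipient(m)) == m)
    print("signed:", verify(m, sign(m)), "tampered:", verify(m + 1, sign(m)))
    print("both:", decrypt_then_verify(sign_then_encrypt(m)) == m)
```

Production signature and encryption schemes add hashing and padding on top of this raw operation, which the toy omits.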