Liu Weihan-about public and private key _ algorithms

Author: Liu Weihan-Learning crisp
Link: https://www.zhihu.com/question/25912483/answer/31653639
Source: Know
Copyright belongs to the author. Commercial reprint please contact the author to obtain authorization, non-commercial reprint please indicate the source.

Let's review the RSA encryption algorithm.

Therefore, we can see from the description of the algorithm that the public key is used to encrypt the data, and the private key is used to decrypt the data. Of course, this can also be intuitive to understand: Public key is the public key, it is public to use it to encrypt data. The private key is private, and whoever has the key can decrypt the text. Otherwise everyone can see the private key, can decrypt, that is not a mess.

================= Split Line =================

Therefore, in the signature algorithm, the private key is used to sign the data, and the public key is used to authenticate the signature. This can also be intuitively understood: the signature of a file, of course, with the private key, because we hope that only ourselves to complete the signature. The verification process, of course, wants everyone to be able to perform, and everyone sees that the signature is verified by verification that I signed it myself.

================= Split Line =================

Why, then, does the Lord ask such a question? We can see that RSA's encryption/verification, decryption/signature process is too similar. At the same time, the RSA system itself is symmetrical: if we turn to e as the private key, D as the public key, the system can also be well executed. I think it is for this reason that the Lord is learning the RSA system when this confusion occurs. So what is the solution? The main idea is to learn about other public key cryptography and the signature system. Other systems are not of this symmetry. For example, public key cryptography can take a look at ElGamal encryption and more secure Cramer-shoup encryption. The signature system can further look at the ElGamal signature, even the BLS signature, which may help the master to better understand the difference between encryption and signature and the potential connection. As for the main question of the encryption and signature is how to combine. This system is called the Signcryption Scheme (signcrypt), in RSA, this signcryption scheme looks particularly like, it can easily cause confusion. I do not want to introduce the encryption and signature scheme in RSA in detail. I would like to remind the main is that encryption and signature when the combination of two sets of public key is different.

=======================================================
In addition, the following examples were provided: