Encrypting with private key in Public Key InfraStructure

Question

In Public key infrastructure, the MD5 of a piece of data is encrypted with the private key of a sender and this encrypted MD5 – along with the data – is again encrypted using an algorithm like AES or 3DES.

Here, the private key of a sender is used to encrypt with AES… is that correct?

This is a rough implementation of what I think I’ve understood:

DATA
= text which should be send through PKI hash = MD5(DATA)
encrypthash = RSAENCRYPT(privatekey,hash)
= hash encrypted using private key of sender
cipher= AES(KEY,DATA+hash)
= param 1 is the key to encrypt, and param 2 is the DATA and hash which have been concatenated
encryptkey = RSAENCRYPT(privatekey,KEY)
= AES key, encrypted with private key of sender
masterKEY = RSAENCRYPT(publickey,KEY)
= encryptkey, encrypted with public key of receiver

Is this correct, or am I missing something important?

You are doing it wrong. Encryption of hash with RSA private key is called signing. Note, that RSA is one of the few ciphers that provide signature as encryption with private key. The goal of second operation is not clear. Why you encrypt a symmetric key? I see you need classic sign-then-encrypt scheme. — Pavel Ognev, Nov 23 '12 at 06:35
This question badly needs repair before it can be answered meaningfully. In particular it is unclear which public/private key belongs to who (sender/receiver); the use of RSAENCRYPT to sign a hash is wrong; the role of encryptkey is unclear at best (why is is computed? who will get to know it?); the formula for computation of masterKEY (which makes sense) does not match the comment alongside (and I fail to grasp its intend). See this answer — fgrieu, Nov 23 '12 at 16:20
I guess this should probably be opened and reclosed as "too specific". Unless the original questioner comes back or someone else comments that they have also had this problem, I'll find it hard to believe this will be of general use — Cryptographeur, Mar 27 '14 at 18:30

score 2 · Answer 1 · answered Nov 23 '12 at 12:28

It is not correct. Actually, your usage of RSA is entirely wrong.

In a public key scheme, there are 2 keys, one for encryption and one for decryption. If you use the private key to encrypt.... the public key would be used to decrypt. That means everyone can decrypt, as the public key is public.

If you use a public key scheme and the private key to create something, this can only be a signature. And in that case, you would have to use some kind of sign function instead of encrypt; they are not equal.

If we ignore the wrong RSA encryptions, there isn't much left:

You hash the data with MD5
you encrypt data+key with AES under key KEY.
you transmit KEY with RSA and the receivers public key (this is how RSA encryption is used).

However... this is just a simple "send encrypted message" algorithm: encrypt with symmetric cipher and random key, encrypt key with public key scheme and receivers public key. The MD5 hash value does not serve any purpose at all: It is not checked, it doesn't help authenticate the sender, it doesn't achieve message integrity.

But even if we assume, you wanted to sign with RSA instead of encrypting.... I still don't understand what you are trying to achieve here.

Encrypting with private key in Public Key InfraStructure

1 Answers1