  1. Senior Member
    Join Date
    Dec 2007
    Location
    Bay Area, California
    Posts
    430

    Certifications
    A+, Network+, MCP, MCDST, MCTS; Vista
    #1

    Question about Digitally Signed Data

    I was reading the book on page 11-3 and it states that "if you want to send someone a message and have them be absolutely sure that it came from you, you can digitally sign it by using your private key to encrypt all or part of the data. Anyone receiving the message can then decrypt the encoded data by using your public key."

    Question: is the statement saying that there are 2 public keys between each client? I'm confused when it says using YOUR public key. Or is there 1 public key?

  3. Senior Member Nishesh.Prasad's Avatar
    Join Date
    Jan 2007
    Location
    Dubai UAE
    Posts
    186

    Certifications
    VCP 5 DCV, VCP 4, MCITP EA 2008, MCSE 2003 Security, CCNA, ITIL V3, Security+, MCDST
    #2
    When using a key pair, the logic behind Public Keys is that they are 'Publicly' available to Trusted parties ... having said that, the public key can also be transferred during the initial security negotiation that takes place while, let's say, Client A attempts to connect to Client B. Thus, there can be only 1 Public key corresponding to 1 Private key for any entity. Hence, when we say 'your' public key ... we mean 'Your' public key corresponding to 'Your' private key. Therefore, when you transmit a message encrypted with your Private Key ... the other party would be able to read it only after decrypting it & to do that it needs 'Your' public key.

    cheers.
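
The one-private-key, one-public-key relationship from the question and reply above, as an added example that is not part of the original thread: the sender signs a SHA-256 digest with the private key, and the signature verifies only against the matching public key. It assumes textbook RSA without padding and toy-sized constructed primes; the names `make_keypair`, `sign`, `verify`, `ALICE_*` and `BOB_*` are hypothetical.

```python
import hashlib

def make_keypair(p, q, e=65537):
    """Build ONE key pair from two primes: returns (public, private)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # private exponent: inverse of e
    return (n, e), (n, d)

def digest(message, n):
    """SHA-256 of the message as an integer reduced into the key's range."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, private_key):
    """'Encrypt' the digest with the private key: this is the signature."""
    n, d = private_key
    return pow(digest(message, n), d, n)

def verify(message, signature, public_key):
    """'Decrypt' the signature with the public key and compare digests."""
    n, e = public_key
    if not 0 <= signature < n:
        return False
    return pow(signature, e, n) == digest(message, n)

# Constructed toy keys (Mersenne primes); real keys are 2048 bits or more
# and real signatures use a padding scheme such as RSA-PSS.
ALICE_PUB, ALICE_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
BOB_PUB, BOB_PRIV = make_keypair(2**107 - 1, 2**127 - 1)

def demo():
    msg = b"Meet at 10:00"          # constructed sample message
    sig = sign(msg, ALICE_PRIV)     # only the private-key holder can do this
    return {
        "alice_public": verify(msg, sig, ALICE_PUB),            # matching key
        "tampered": verify(b"Meet at 11:00", sig, ALICE_PUB),   # altered data
        "bob_public": verify(msg, sig, BOB_PUB),                # wrong key
    }

if __name__ == "__main__":
    print(demo())
```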

  4. Senior Member
    Join Date
    Dec 2007
    Location
    Bay Area, California
    Posts
    430

    Certifications
    A+, Network+, MCP, MCDST, MCTS; Vista
    #3
    Ah ok. Thanks for clearing that up! One more question. I just finished the lesson about digital certificates and was wondering where are the private keys stored? I know they should be stored in a safe place.

  5. Senior Member Nishesh.Prasad's Avatar
    Join Date
    Jan 2007
    Location
    Dubai UAE
    Posts
    186

    Certifications
    VCP 5 DCV, VCP 4, MCITP EA 2008, MCSE 2003 Security, CCNA, ITIL V3, Security+, MCDST
    #4
    The archived version of the Private Key pair is stored in the CA Database - normally the Root. The key can be retrieved from the CA Database ONLY by a Certificate Manager, in an encrypted PKCS #7 file format. Mind you, the key can only be 'retrieved' in the encrypted format but cannot be decrypted by the Certificate Manager. The CM then forwards the PKCS #7 file encrypted with the KRA's public key to the KRA [Key Recovery Agent], who can first decrypt the encrypted PKCS #7 file using his own Private key and then decrypt the PKCS #7 file using the KRA Certificate onto a PKCS #12 file which is the User's Private Key. This PKCS #12 file is then sent to the original user encrypted with a Secret Key for the User to decrypt it on the other end.

    cheers.

  6. MIPS processor please Mishra's Avatar
    Join Date
    Feb 2007
    Location
    Ashburn, VA
    Posts
    2,468

    Certifications
    MCSA:2012, MCITP:EA/SA, MCSE 2003, MCTS: Vista, VCP4, AAS
    #5
    C:\Documents and Settings\%username%\Application Data\Microsoft\Crypto\RSA