Reputation:
I am learning encryption in .NET. It seems there are 2 methods, symmetric: AES, and asymmetric: RSA or DSA.
So in both of the above cases, when a user encrypts a message, does he use his private key and publish the public key to the public so they can check the message? Please correct me if I am wrong.
Or does the user hash the string, then encrypt with his private key? Or public key?
I am confused about whether encryption in .NET is used as a means of ensuring the authenticity of a message or of actually encrypting the contents of the message.
Upvotes: 0
Views: 264
Reputation: 68660
Symmetric encryption algorithms use one key only, shared by both parties. Symmetric algorithms are faster at encrypting large amounts of data.
Asymmetric algorithms use two keys: one private used by the sender to encrypt a message, one public used by the recipient to decrypt it.
> Or does user hash the string, then encrypt with his private key? or public key?
This is called "signing", not "encrypting". To sign a message, you usually hash it, and then "encrypt" the hash using an asymmetric private key. The recipient will then decrypt the signature using the sender's public key and obtain the sender's hash, hash the original message to obtain his own hash, and check whether the two hashes match.
Asymmetric algorithms are slower, but since the hash is a LOT smaller than the original message, speed is not a big issue.
Signing is a means of guaranteeing authenticity; it guarantees it hasn't been tampered with by a third party.
Upvotes: 1
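The two operations the question mixes up, side by side in .NET, as an added example that is not part of the original question or answer: signing (hash, then sign with the sender's private key, verify with the sender's public key) and RSA encryption for confidentiality (encrypt with the recipient's public key, decrypt with the recipient's private key). The class name, variable names and sample message are assumptions, and the code assumes C# 8 or later on .NET Core 3.0 or later.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

class SignVersusEncrypt
{
    static void Main()
    {
        // Constructed sample message.
        byte[] message = Encoding.UTF8.GetBytes("Transfer 100 to Bob");

        // Signing: proves who sent the message and that it was not changed.
        // The message itself stays readable.
        using RSA senderKey = RSA.Create(2048);                          // private + public key
        RSAParameters senderPublic = senderKey.ExportParameters(false);  // public half only

        // SignData hashes the message with SHA-256, then signs the hash
        // with the sender's private key.
        byte[] signature = senderKey.SignData(
            message, HashAlgorithmName.SHA256, RSASignaturePadding.Pss);

        // The recipient only ever holds the sender's public key.
        using RSA verifier = RSA.Create();
        verifier.ImportParameters(senderPublic);
        bool genuine = verifier.VerifyData(
            message, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pss);

        // Flip one bit of the message: the same signature must now be rejected.
        byte[] tampered = (byte[])message.Clone();
        tampered[9] ^= 0x01;
        bool tamperedAccepted = verifier.VerifyData(
            tampered, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pss);

        Console.WriteLine($"Signature valid on original message: {genuine}");
        Console.WriteLine($"Signature valid on tampered message: {tamperedAccepted}");

        // Encryption: hides the contents. Anyone can encrypt with the
        // recipient's public key; only the recipient's private key decrypts.
        using RSA recipientKey = RSA.Create(2048);
        using RSA recipientPublicOnly = RSA.Create();
        recipientPublicOnly.ImportParameters(recipientKey.ExportParameters(false));

        byte[] ciphertext = recipientPublicOnly.Encrypt(message, RSAEncryptionPadding.OaepSHA256);
        byte[] plaintext = recipientKey.Decrypt(ciphertext, RSAEncryptionPadding.OaepSHA256);

        Console.WriteLine($"Decrypted text: {Encoding.UTF8.GetString(plaintext)}");
    }
}
```

RSA can only encrypt a payload smaller than its key size, so for large messages the usual pattern is to encrypt the data with AES and use RSA only to protect the AES key.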