Reputation: 14431
How is public key used to decrypt in .NET assemblies?
.NET signed assemblies contain public key, but the public key is used for encryption in RSA, then how does .NET uses the public key for decryption of signed assemblies?
Ok, the signed assemblies contain the hash, but the hash is encrypted using the private key and not the public key. So, why and how in .NET private keys are used for encryption and public keys for decryption. I mean, that all software like RSACryptoPad uses the public key for encryption and not for decryption.
Upvotes: 4
Views: 2036
Answers (3)
Reputation: 193716
The public-private key pair is not used to encrypt the whole assembly. Instead it is used to sign the assembly.
Simplifying a little, to sign a file - such as an assembly - you take a hash of the file and then ecrypt that hash with your private key. Someone using the file verifies your signature by making a hash of the file themselves and then decrypting your encrypted hash using your public key and confirming these two hashes are the same. This proves two things:
- The assembly is from who is claims to be from - i.e you - as it has been produced with your private key.
- The assembly hasn't been altered by someone else as the hash you made when you released the assembly is the same as the current one. No-one can alter the signed assembly since they would also have to make corresponding changes to the encrypted hash which requires your private key.
There is a lot more detail about Digital Signatures in this Wikipedia article.
The great thing about public-private key pairs is that they work either way around. So something encrypted with your private key can be only decrypted with your public key but also something encrypted with your public key can be decrypted with your private key. This latter use means that if someone wants to send something to you and only you then then can encrypt it with your freely available public key but they know only you with your private key can decrypt it.
As the keys only work as a pair - making the encryption asymmetric - someone else can't simply reverse the encryption they've done with the public key to get the message to you.
Upvotes: 6
Reputation: 2860
The purpose of signing assemblies is to verify their source. If I sign my assembly then send it to you, you should be reasonably sure that's its come from me and it hasn't been tampered with along the way.
Upvotes: 1
Reputation: 27343
The idea is that a signature can only be created using the private key, but after that anyone with a copy of the public key can validate the signature. No decryption is required for a signature--the signature is simply added on to the plain text assembly.
Upvotes: 3
Related Questions
- public key RSA encrption in dotnet c#
- Where is the Public Key in the .NET RSA encryption
- RSA: Using public key for decryption in .NET?
- RSA Encrypt with Public Key
- Decryption using the public key
- How to import a Public Key into RSA For decryption
- Decrypt data using an RSA public key
- RSA in C# public key is same as private key?
- RSA encryption in C#: What part defines the public key?
- Does RSA Private key always contain the Public key, or is it just .NET?