Authentication in Pretty Good Privacy Confusions

Authentication in Pretty Good Privacy Confusions

Postby shivajikobardan » Thu Jun 02, 2022 8:46 am

We want authentication ie
-> the source written in the received message should be the actual real source that sent the message.
->information should not be altered in the way (data integrity)

So to support this, book does this.

https://engineering.purdue.edu/kak/comp ... ture20.pdf

go to page number 10.

But I can’t realize how it is helping authentication? How do we know the source in the received message is actual source? (You might say by comparing the received hash and computed hash of received email message) but that I can’t feel it how.

Leaving PGP aside, What is the best way in real life to know that the message is sent to me by someone whom I know? Maybe if we have some well established secret code between us.

authentication means-:

1) when information is received from a source, authentication means that source is indeed as alleged in the information.
2) information was not altered along the way. this authentication is also referred to as maintaining data integrity.

RSA at sender-:
with sender's private key

My genuine questions(I am aware about symmetric and assymetric encryption-here the text explicity said public key for encryption and private key for decryption. Any scientific reason behind that)

{ Why not use sender's public key here?
Why not use receiver's private key here?
Why not use receiver's public key here?
}

RSA at receiver-:
with sender's public key.


{ Why not use sender's private key here?
Why not use receiver's private key here?
Why not use receiver's public key here?
}
shivajikobardan
 
Posts: 29
Joined: Sat Jan 08, 2022 2:13 pm
Reputation: 1

Return to Programming and Algorithms



Who is online

Users browsing this forum: No registered users and 1 guest