March 20th, 2011, 10:31 AM
A question about the authentication and signature by public key system
If a pair of key can be both used to authentication and signature ?
For example, Jack has generated a pair of keys and send the public key to Mike. Then they send information to each other.Mike's information need to be secret and Jack's information must be signature .Hence Mike send some information encrypted by the public and at the same time, Jack use the same pair of key to signature the information which is send to Mike.
Is this situation secure ?
March 29th, 2011, 10:22 PM
Well yes, that works the way you state it.
The problem is that, assuming that the public key is really public, anyone can send a message to Jack and he won't be able to tell it wasn't from Mike. Similarly, any message that Jack sends can be read by anyone. Maybe you don't care.