RSA with PyCrypto
A.M. Kuchling
amk at amk.ca
Wed Dec 11 15:35:58 EST 2002
On 11 Dec 2002 18:53:36 +0100,
> # Give B's public key to A... I think...
> privkeyA.e = pubkeyB.e
> privkeyA.n = pubkeyB.n
Don't do this.
Think of an RSA key as a mailbox. Any passer-by can drop messages
into the mailbox through the little slot, but passers-by can't get a
message back once it's been placed inside the mailbox; the slot is too
small for them to reach in. The mailbox owner has a key that permits
opening up the mailbox and taking out all of the messages.
RSA keys are like this. Given the public key, anyone can take a
message and encrypt it using the key. Only the person who has the
private key can reverse this encryption to get the original message.
So, in your example, A doesn't need an RSA key at all. A simply needs
to get a copy of B's public key, does 'msgc = pubkeyB.encrypt(msg,"")'
and sends msgc to B. B then does 'msgd = privkeyB.decrypt(msgc)'
to retrieve the original message.
--amk (www.amk.ca)
It's more serious than death, Mr Stevenson. He's changing form.
-- The Doctor, in "The Seeds of Doom"
More information about the Python-list
mailing list