英文:
Could we technically decrypt a signed message using public key?
问题
因为我以为我们只能验证一个签名是由公钥签名的。否则,每个人都可以解密签名,因为公钥是公开的。这篇文章和这篇都似乎说我们可以解密。
还有这张来自SO的图片 -> https://i.stack.imgur.com/q28Zw.png
英文:
Cos I thought we can only verify that a signature was signed by a public key. Cos otherwise everyone can decrypt the signature since public key is, well, public. This article and this both seem to say yes we can decrypt.
And this image from SO too -> https://i.stack.imgur.com/q28Zw.png
答案1
得分: 2
可以使用公钥技术上解密签名的消息吗?
签名的消息实际上不需要首先进行加密。相反,消息签名是对消息的密码哈希,然后使用签名算法对该哈希进行签名。这样的签名算法可能类似于加密(在RSA的情况下)或其他某种算法(如ECDSA)。
然而,原始消息无法从哈希中恢复,因此也无法从签名中“解密”出来。除此之外,消息是针对接收者进行加密的,而签名是由发送者完成的 - 在这里涉及到不同的密钥。
否则的话,每个人都可以解密签名,因为公钥是...
解密签名与解密消息是不同的。至于“解密”部分 - 在RSA的情况下,签名验证涉及解密,但对于ECDSA和其他算法来说则不同。
英文:
> Could we technically decrypt a signed message using public key?
A signed message does not even need to be encrypted in the first place. Instead a message signature is a cryptographic hash over the message and this hash is then signed using a signature algorithm. Such signature algorithm might be like an encryption (in case of RSA) or something else (ECDSA).
Still, the original message cannot be restored from the hash and thus also not "decrypted" from the signature. Apart from that the message is encrypted TO the recipient while the signature is done BY the sender - different keys are involved here.
> Cos otherwise everyone can decrypt the signature since public key is ...
Decrypting the signature is different from decrypting the message. As for the "decrypt" part - signature validation involves decrypting in case of RSA but with ECDSA and others it is different.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论