我们能在技术上使用公钥解密签名的消息吗?

huangapple go评论63阅读模式
英文:

Could we technically decrypt a signed message using public key?

问题

因为我以为我们只能验证一个签名是由公钥签名的。否则,每个人都可以解密签名,因为公钥是公开的。这篇文章这篇都似乎说我们可以解密。

还有这张来自SO的图片 -> https://i.stack.imgur.com/q28Zw.png

英文:

Cos I thought we can only verify that a signature was signed by a public key. Cos otherwise everyone can decrypt the signature since public key is, well, public. This article and this both seem to say yes we can decrypt.

And this image from SO too -> https://i.stack.imgur.com/q28Zw.png

答案1

得分: 2

可以使用公钥技术上解密签名的消息吗?

签名的消息实际上不需要首先进行加密。相反,消息签名是对消息的密码哈希,然后使用签名算法对该哈希进行签名。这样的签名算法可能类似于加密(在RSA的情况下)或其他某种算法(如ECDSA)。

然而,原始消息无法从哈希中恢复,因此也无法从签名中“解密”出来。除此之外,消息是针对接收者进行加密的,而签名是由发送者完成的 - 在这里涉及到不同的密钥。

否则的话,每个人都可以解密签名,因为公钥是...

解密签名与解密消息是不同的。至于“解密”部分 - 在RSA的情况下,签名验证涉及解密,但对于ECDSA和其他算法来说则不同。

英文:

> Could we technically decrypt a signed message using public key?

A signed message does not even need to be encrypted in the first place. Instead a message signature is a cryptographic hash over the message and this hash is then signed using a signature algorithm. Such signature algorithm might be like an encryption (in case of RSA) or something else (ECDSA).

Still, the original message cannot be restored from the hash and thus also not "decrypted" from the signature. Apart from that the message is encrypted TO the recipient while the signature is done BY the sender - different keys are involved here.

> Cos otherwise everyone can decrypt the signature since public key is ...

Decrypting the signature is different from decrypting the message. As for the "decrypt" part - signature validation involves decrypting in case of RSA but with ECDSA and others it is different.

huangapple
  • 本文由 发表于 2023年6月12日 17:03:37
  • 转载请务必保留本文链接:https://go.coder-hub.com/76455083.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定