Can one encrypt with a private key/decrypt with a public key?

Question

[Disclaimer: I know, if you know anything about crypto you\'re probably about to tell me why I\'m doing it wrong - I\'ve done enough Googling to know this seems to be the ty

Answer 1

Public keys are by definition, public. If you're encrypting with a private key and decrypting with a public key, that's not safe from prying eyes. All it says: "this data is coming from person X who holds private key X" and anyone can verify that, because the other half of the key is public.

What's to stop someone you don't trust putting public key X on a server you don't trust?

If you want a secure line of communication between two servers, you need to have all of those trusted servers have their own public/private key pairs, we'll say key pair Y for one such server.

Server X can then encrypt a message with private key X and public key Y. This says "server X sent a message that only Y could read, and Y could verify it was from X."

(And that message should contain a short-lived symmetric key, because public key crypto is very time-consuming.)

This is what SSL does. It uses public key crypto to set up a session key.

That being said, use a library. This stuff is easy to screw up.