I am sorry but my mind suddenly goes blank for this question....
EDIT (Scenario)
If I want information to bypass simple filters like f-ck, is it OK to encrypt the information with public key, and sign by private key?
The public key may have already exchanged by both sides, and it is even hard to get the public key.
EDIT 2
The information itself may not that much credential.
The point of encryption and signature is for bypassing and integrity.
RSA is two algorithms: one for asymmetric encryption and one for signatures. It so happens that both algorithms can use the same private key structure (this is a source of confusion: many documentations, including the RSA standard, try to explain the signature as "an encryption with the private key", which is, at best, inaccurate).
Using the same key for both usages is possible, but not really recommended, because interactions between both kind of usages have not been fully explored; also, keys for encryption and keys for signatures usually have different life cycles with distinct protection mechanisms (for instance, you normally want to keep a backup of the private key for encryption, to prevent data loss: losing the private key means losing all data which has been encrypted with that key; while you do not want a backup of the signature key).
Your scenario is a bit unclear. Asymmetric encryption uses the public key, while generating the signature uses the private key. If A wants to send a message to B with encryption (for confidentiality) and a signature (for integrity), then A will encrypt the data with a public key for which B knows the private key; and A will sign the data with a private key for which B knows the public key. This calls for two pairs of key: one pair is used for encryption and decryption (A encrypts, B decrypts, B knows the private key), and the other pair is used for signatures (A signs, B verifies, A knows the private key). If both A and B know the private key, then they have a shared secret, and it is much simpler (and faster) to use symmetric encryption (AES) and integrity checks (HMAC).
Standard disclaimer: you look like you are designing your own cryptographic protocol. Do not do this. This road leads to the same security failures that countless other smart people have stumbled upon. Use a tried-and-proven protocol such as SSL/TLS or OpenPGP.
Yes:
- encryption: you encrypt with public key, decrypt with private (obviously)
- signing: you encrypt the content digest (hash) with private key, verify with public
来源:https://stackoverflow.com/questions/5421107/can-rsa-be-both-used-as-encryption-and-signature