I’m reading the doc on PKI and I’m confused, it says:
Suppose person A wishes to send a message M to person B.
We equip person A with a key-pair consisting of a private key
Kpriv and a public key Kpub, the latter of which is publicly
available for person B to use. It is in the interests of both
parties for person B to be able to ensure that the message M
was definitely sent by person A and to detect if it has been
changed during its transmission. To facilitate this, person A
can hash the message M and then decrypt it using their private
key; the result of these operations is called the digital signature
of the message M. Person A then sends both M and its digital
signature to person B. To check that the message M has arrived
intact and unchanged, person B does three things: firstly, he
encrypts the digital signature using person A’s public key to
recover the hash of message M; secondly, person B hashes
the message he received. Finally, person B compares these two
hashes - if they differ, either the message M or its signature has
been altered. If the hashes are the same, the message received
by person B is cryptographically guaranteed to be the piece
of data to which the signature refers, and therefore it is the
message M which person A sent.
Are decrypt and encrypt reversed, or do I not get what they mean?
EDIT: I understand now, this link helped me understand why it seems mixed up.
For the curious:
(Crypto gurus, correct me if I’m wrong)
Both the public and the private key can be used to scramble data, but you can only call this process “encryption” when it’s done using the public key. Understand that the function you use to scramble the data is the same. The only difference between a private and a public key is that you decided to share one and keep the other for yourself, it could be either of them.
So since they are the same and use the same method to scramble the data why can’t you say you are encrypting with the private key? The reason is in the definition of the word “encryption”. When you encrypt something it means that you scramble the data and that only a secret key can decrypt it. So when you scramble with a public key, only the private key can descramble it, the private key is a secret so it matches the definition. But when you scramble with a private key, it’s the public key that is required to descramble it, but since the public key is not a secret, it doesn’t fit the definition of “encryption”.
So what do you call the process of scrambling data with a private key? In the text, they use decrypt, which confused me. Another term you can use is “to sign”. And the term you use to descrambled data with a public is “to verify”. Because the reason you would use a private key to scramble data is to prove to someone that you are the owner of the private key matching the public key. You are, signing, and they are verifying.
The more you know.