Kenneth Goldman/Watson/IBM@IBMUS wrote on 11/20/2013 10:37:04 AM: > > Encrypt with a private key for integrity purposes: this shows that the > > data that was encrypted corresponds to the owner of the key. > > Encrypt with a public key for confidentiality purposes: this shows that > > the data can only be received by the owner of the key.
A koan of sorts that I've always liked concerns a policeman counseling a pedestrian on crossing a street. It does not matter if there is no traffic if the light is not green. It does not matter if the light is green if there is traffic. That is, you can't cross just because things are clear -- I'll still ticket you if you step off the curb on a red light. On the other hand, if you step off the curb into oncoming traffic, the green light won't prevent broken bones. > > I think in this case the trick would be to encrypt a cryptographically > > sound hash of the source code. > > While you're mathematically correct, common English usage would call the > private key operation on a hash to be a signing operation, not encryption. Well, I think the common technical usage is that this is a signing operation on the document, performed by encryption of the hash. But the "Encrypt with..." couplet is far more poetic. --woody Disclaimer: my phd is indeed in mathematics, although in combinatorial graph theory, and has no direct relationship to cryptography or amusing applications of the law of excluded middle. -- Dr. Robert "Woody" GBS Cybersecurity & Weaver Privacy IT Security Architect Cell: 301-524-8138 -- Whom computers would destroy, they must first drive mad.
