LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 07-31-2006, 06:17 AM   #1
dsids
Member
 
Registered: Mar 2006
Distribution: FC4
Posts: 184

Rep: Reputation: 31
public key encryption


Hi,
Although Im googling on this topic but I thought it would be wise of me to post this question on the forum too..

I wanted to know.

Can I encrypt a document using my public key, and then send this public key over my intranet to the respective users so that they can decrypt my document using my public key...

in short words..I want a

one to many relationship..


Thanks

Danish
 
Old 07-31-2006, 06:41 AM   #2
Lotharster
Member
 
Registered: Nov 2005
Posts: 144

Rep: Reputation: 18
When you encrypt a file, you use the public key if your intended recipient. He will have to use his pivate (secret) key to decrypt your message. If you want to encrypt a document for multiple recipients, you have to encrypt it with each one's personal public key.

On Linux systems, you usually use gpg. Just visit www.Gnupg.org for Howtos and FAQs.

Have fun,

Lotharster
 
Old 07-31-2006, 07:43 AM   #3
dsids
Member
 
Registered: Mar 2006
Distribution: FC4
Posts: 184

Original Poster
Rep: Reputation: 31
Yes...What u said is absolutely correct...and I knew about that too..Ive been using GnuPG for that. But my boss came up to me and suggested that it would be easier for the users in my LAN to just have my public key so that when I encrypt a document ( such as a doc with passwds) with my public key, the users are able to decrypt the document with the my public which I would be giving to them..

Is it possible..

Danish
 
Old 07-31-2006, 07:57 AM   #4
raskin
Senior Member
 
Registered: Sep 2005
Location: France
Distribution: approximately NixOS (http://nixos.org)
Posts: 1,900

Rep: Reputation: 69
By the way, to make confusion less:
Your public key is known to everyone. At least theoretically. Practically you should assume it is known to all enemies and to friends whom you have given it. So if you do something with your public key, it can be done by everyone. If something is intended to be decrypted with your public key, it can be simply rot13 with nearly the same effect.. If you do something with your secret key, it can be proof that only you could do it. So your secret key can be intended to sign something or decrypt a message to you. Or maybe it can be shared secret key between two parties to communicate. Your public key can be used to encrypt message to you or verify your signature - in both cases it can be done by anyone.

Maybe you want to have a shared private key, which you will personally hand to every recipient. After that any of you will be able to encrypt with common public key, and only people sharing decryption key will be able to read message - but it will not be public key.. For details read man gpg...
 
Old 07-31-2006, 07:58 AM   #5
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
Don't you mean that you want to encrypt with your private key and they will decript with the public key? Otherwise it sounds like you are describing symetric encryption
 
Old 07-31-2006, 08:36 AM   #6
raskin
Senior Member
 
Registered: Sep 2005
Location: France
Distribution: approximately NixOS (http://nixos.org)
Posts: 1,900

Rep: Reputation: 69
Nearly symmetric. Private key is shared among trusted parties and is used for decryption, public key is really public and is used for encryption. It doesn't complicate things too much (relatively to symmetric encryption), but it will not need readjusting when someone will want to get encrypted messages from untrusted parties that can be read only by members of trusted intranet (holding keys).
 
Old 07-31-2006, 08:46 AM   #7
dsids
Member
 
Registered: Mar 2006
Distribution: FC4
Posts: 184

Original Poster
Rep: Reputation: 31
Yes, Raskin what you say does make sense. Does Gnu Privacy assistant under GPL provide the Nearly Symmetric encryption that you are talking about..

Raskin, could you please give me advise as to how to go about it...

But, just to satisfy my boss,s thirst :-(, can the encryption take place according to what I had said earlier because I had clarified from him and he wants it that way.

Sometime's, I just don't understand my boss.


Danish
 
Old 07-31-2006, 09:38 AM   #8
raskin
Senior Member
 
Registered: Sep 2005
Location: France
Distribution: approximately NixOS (http://nixos.org)
Posts: 1,900

Rep: Reputation: 69
I guess steps are following:
1. Read man gpg.
2. Create keyrings for every user.
3. 'gpg --editkey' for one user.
4. Generate new key - either symmetric or asymmetric (note: I hope you will implement everything. Consider not telling boss you use asymmetric-capable scheme. If you do not distribute public key (and guard it instead..), difference is very little).
5. export new key.
6. Import the key for every user.
7. Write scripts to encode/decode using this generated key or configure their clients they will use.
8. Force users to change passwords for keyrings.
 
Old 08-01-2006, 02:48 AM   #9
dsids
Member
 
Registered: Mar 2006
Distribution: FC4
Posts: 184

Original Poster
Rep: Reputation: 31
Quote:
Originally Posted by raskin
I guess steps are following:
1. Read man gpg.
2. Create keyrings for every user.
3. 'gpg --editkey' for one user.
4. Generate new key - either symmetric or asymmetric (note: I hope you will implement everything. Consider not telling boss you use asymmetric-capable scheme. If you do not distribute public key (and guard it instead..), difference is very little).
5. export new key.
6. Import the key for every user.
7. Write scripts to encode/decode using this generated key or configure their clients they will use.
8. Force users to change passwords for keyrings.

Thanks a lot..i will get back to u if required ASAP


Danish
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
USB key encryption carcassonne Linux - Hardware 1 07-22-2006 09:55 PM
public key not available? buwaleed Debian 4 01-04-2006 05:52 PM
GPG Data, Secret Key but no Public Key? Aeiri Linux - Software 5 07-20-2004 07:00 PM
Encryption - Public Keys - How secure? mymojo Linux - Security 8 10-21-2003 09:09 AM
RSA public key encryption/private key decription koningshoed Linux - Security 1 08-08-2002 08:25 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:52 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration