Hacker News new | past | comments | ask | show | jobs | submit login

> Usually, the keys are entirely symmetrical. You just name one public and the other private.

Nice try, General Alexander. :P

In DSA, the public key is (p,q,g,y) and the private key is (p,q,g,x). The public "y" is computed directly from the private key using the formula: y = g^x mod p. Thus, anyone who has the private key can compute the public key.

In RSA, the public key is (n,e) and the private key is (n,d). They're not interchangeable because of two speedups that we use:

1. Small public exponents. Most of the time, e is either 65537, 5, or 3. This speeds up encryption and signature verification, but also means you can trivially guess the public key.

2. CRT exponentiation. The private key is actually (n,d,p), where p is one of the prime factors of n. This speeds up decryption and signature verification, but recall that the security of RSA is based upon the difficulty of factoring n.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: