this post was submitted on 11 Apr 2025
217 points (95.8% liked)

Programmer Humor

22354 readers
2832 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
217
me when i find out i can use ssh to sign my git commits (lemmings.world)
submitted 3 days ago by [email protected] to c/[email protected]
35 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 3 days ago (1 children)

Mathematically, signing is encryption using the private key. That's how the algorithm works. The input to the function is irrelevant.

[–] [email protected] 0 points 3 days ago* (last edited 3 days ago) (1 children)

Mathematically, they're not even close to the same. How you could ever assert such an indefensibly and empirically incorrect statement is beyond my reasoning skills to understand.

PKC Key signing uses hashing algorithms like RSA, ElGamal, DSA, and ECDSA to create one way cryptographic hashes for given input data. The singular purpose of these signatures is to verify the integrity of data. Not to protect the data in any way whatsoever or to be reversed into clear text; again, the hash is one way.

PKC encryption uses encryption algorithms like AES, Blowfish, Twofish, PGP, and Diffie-Hellman to create reversible cipher text. The difference being, the cipher text of an encryption process can be reversed and represents the data itself.

All of this is clearly outlined in the RFC: https://www.ietf.org/rfc/rfc4880.txt

[–] [email protected] 3 points 2 days ago

I know it because I've actually implemented RSA as an exercise and know how it works.

What you're talking about with hashes is an implementation detail. It's an important one, because using exactly the same algorithm for signing and encryption has some security pitfalls, and it will usually be slower. However, the function you call is exactly the same. The hash is encrypted with the private key. It can be verified by generating the same hash, decrypting with the public key, and matching the two hashes.

See also: https://cryptobook.nakov.com/digital-signatures/rsa-signatures

Signing a message msg with the private key exponent d:

  • Calculate the message hash: h = hash(msg)
  • Encrypt h to calculate the signature: s = h^d^ (mod n)

The operation "h^d^ (mod n)" is just RSA encryption, but with the private key.