When we talk about crypto-something, we need to talk about Alice and Bob, the usual actors in the examples. I hope you don't get bored with them, as I will use them in my examples too. Here, Alice and Bob will use RSA for the asymmetric key, SHA256 for the hash function, OAEP for encrypt/decrypt, PSS for sign/verify, and Base64 for the encoding.
Alice wants to send Bob an important message securely, and Alice doesn't want anybody to read that message except Bob. It might be a love confession, a nuclear code, or perhaps just private spam. Due to their close relationship, Alice and Bob have exchanged their public keys. So romantic, isn't it? So Alice thought of creating a small Go program that creates encrypted messages to send to Bob: it encrypts the message with Bob's public key.
Alice’s encrypted message looks like this:
When Bob receives the encrypted message from Alice, Bob wants to read it immediately. So Bob created a program to decrypt the message with his private key.
And finally, Bob was able to read Alice's message. Because Bob keeps his private key to himself, nobody else can decrypt Alice's message, including me, so I can't show the plain message to you in this blog post. Sorry guys.
After receiving the message from Alice, Bob was very happy. Bob wants to reply to Alice's message. But Bob forgot where he put Alice's public key. Bob thought of announcing a reply publicly, so that everyone would know how happy he was after receiving Alice's message. But the problem is, how can Bob ensure that the reply isn't modified by others, and that everyone can be sure it was Bob who announced it? Bob starts creating a Go program to sign the message with his private key, so everyone who has Bob's public key, including Alice, can verify that the reply was announced by Bob.
Bob’s reply looks like this:
Bob’s signature looks like this:
Alice, who read the announcement, wants to make sure that the message hasn't been modified and was sent by Bob. So Alice verified the message using the signature and Bob's public key.
And it’s verified that Bob announced the reply!
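Both halves of the story in one place, as an added example that is not the code from the original post: it uses the primitives named at the top (RSA, SHA256, OAEP, PSS, Base64) from Go's standard library. The function names, the 2048-bit key size and the sample messages are assumptions made for this sketch.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
)

func NewKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) } // assumed key size

// Encrypt seals msg for pub with RSA-OAEP (SHA-256) and Base64; Decrypt reverses it with the private key.
func Encrypt(pub *rsa.PublicKey, msg []byte) (string, error) {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, msg, nil)
	return base64.StdEncoding.EncodeToString(ct), err
}

func Decrypt(priv *rsa.PrivateKey, b64 string) ([]byte, error) {
	ct, err := base64.StdEncoding.DecodeString(b64)
	if err != nil {
		return nil, err
	}
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ct, nil)
}

// Sign returns a Base64 RSA-PSS signature over SHA-256(msg).
func Sign(priv *rsa.PrivateKey, msg []byte) (string, error) {
	h := sha256.Sum256(msg)
	sig, err := rsa.SignPSS(rand.Reader, priv, crypto.SHA256, h[:], nil)
	return base64.StdEncoding.EncodeToString(sig), err
}

// Verify returns nil only if sig was made over exactly msg by the key matching pub.
func Verify(pub *rsa.PublicKey, msg []byte, b64 string) error {
	sig, err := base64.StdEncoding.DecodeString(b64)
	if err != nil {
		return err
	}
	h := sha256.Sum256(msg)
	return rsa.VerifyPSS(pub, crypto.SHA256, h[:], sig, nil)
}

func main() {
	bob, _ := NewKey() // throwaway demo key; errors ignored here for brevity
	ct, _ := Encrypt(&bob.PublicKey, []byte("constructed sample message"))
	sig, _ := Sign(bob, []byte("constructed sample reply"))
	fmt.Println(ct, Verify(&bob.PublicKey, []byte("tampered reply"), sig)) // ciphertext, then a verification error
}
```

With a 2048-bit key and SHA-256, OAEP can encrypt at most 190 bytes per call, so longer messages need a hybrid scheme in which RSA wraps a symmetric key.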
To summarize, Encrypt is the method you want to use when you don't want anyone to read the message except the recipient, while Sign is the method you want to use when you want to make sure the message hasn't been changed and it can be verified that it was you who sent it.
You can read the whole Golang code here:
Thank you for reading!