Using RSA encryption, should I use the same certificate to sign and encrypt a message?

Question

Using RSA encryption, should I use the same certificate to sign and encrypt a message?

If I want to sign and encrypt a message using an X509 certificate, is there any reason not to use the same certificate for encryption and signing?

Update: Looking back, I think this should be the most wavy question I have ever asked. Sorry.

+5

encryption rsa signing

Daniel Allen Langdon May 20, '10 at 18:02

source share

2 answers

The sender uses his private key to sign the message. The message is encrypted with the recipient's public key. The certificate contains a public key. Presumably, the sender’s public key (corresponding to the sender’s private key used to sign the message) is also presented in the certificate.

( ) . ( ) .

, , . , ( ), ( , , , .. ). , ( , , , ). : ( / /) , ?

, RSA RSA , ( ) "RSA-". , .

, , . - , , . "" ( , , ...). , , , , . , , - . , . - , ( ). .

+5

Thomas Pornin 21 '10 15:21

James k polk · Accepted Answer · 2010-05-21T01:17:17+0000

The X509 certificate contains a public key. For encryption, you use the recipient’s public key, supposedly obtained from your certificate. To subscribe, you use your private key, presumably from a secure vault. The recipient verifies the signature using your public key, presumably from your certificate. These are the basics.

Using RSA encryption, should I use the same certificate to sign and encrypt a message?

More articles: