Derive new public keys from a public key?


As others have noted, if you have an RSA CRT key, then you can extract the public key from that. However, it is actually not possible to retrieve a public key from a pure private key.

The reason for that is easy: when generating RSA keys, there is actually no difference between the private and the public key. One is chosen to be private, the remaining one is public then.

So if you could compute the public key from a pure private key, you could by definition compute the private key from the public key...

If you have both, you can actually easily test if they match:

// The keys match if they share a modulus n and 2^(e*d - 1) mod n == 1.
RSAPublicKey rsaPublicKey = (RSAPublicKey) publicKey;
RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) privateKey;
return rsaPublicKey.getModulus().equals( rsaPrivateKey.getModulus() )
    && BigInteger.valueOf( 2 ).modPow(
        rsaPublicKey.getPublicExponent().multiply( rsaPrivateKey.getPrivateExponent() )
            .subtract( BigInteger.ONE ),
        rsaPublicKey.getModulus() ).equals( BigInteger.ONE...
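The same match test carried out on plain integers, as an added Python example that is not part of the original answer. The toy key (p = 61, q = 53, e = 17, d = 2753) is constructed for illustration, and the function names and the witness bases beyond 2 are assumptions of this sketch; it also covers the CRT case from the first paragraph, where the primes allow the public exponent to be recomputed.

```python
from math import gcd

# Constructed toy key for illustration only; real moduli are 2048 bits or more.
P, Q = 61, 53
N = P * Q            # 3233
E, D = 17, 2753      # E * D = 1 (mod lcm(P-1, Q-1))


def keys_match(n_pub, e, n_priv, d, bases=(2, 3, 5, 7)):
    """Same modulus, and b^(e*d - 1) == 1 (mod n) for every witness base b.

    The Java check above uses the single base 2; the extra bases are an
    assumption added here so that an accidental pass is less likely.
    """
    if n_pub != n_priv:
        return False
    exponent = e * d - 1
    return all(pow(b, exponent, n_pub) == 1 for b in bases)


def public_exponent_from_crt(p, q, d):
    """With the primes of a CRT key, e is the inverse of d modulo lcm(p-1, q-1).

    The result is reduced modulo that lcm, which equals the stored exponent
    for the usual small values of e.
    """
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)
    return pow(d, -1, lam)


def sign_verify_roundtrip(n, e, d, message=1234):
    """Cross-check: a textbook (unpadded) signature made with d verifies under e."""
    return pow(pow(message, d, n), e, n) == message % n


if __name__ == "__main__":
    print("pair matches:      ", keys_match(N, E, N, D))
    print("wrong d rejected:  ", not keys_match(N, E, N, D + 2))
    print("e from CRT primes: ", public_exponent_from_crt(P, Q, D))
    print("sign/verify works: ", sign_verify_roundtrip(N, E, D))
```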

I've found the answer on Serverfault: Create a public SSH key from the private key?

The option -y outputs the public key:

ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/

As a side note, the comment of the public key is lost. I've had a site which required the comment (Launchpad?), so you need to edit ~/.ssh/ and append a comment to the first line with a space between the comment and key data. An example public key is shown truncated below.

ssh-rsa AAAA..../VqDjtS5 ubuntu@ubuntu

For keys that were added to the SSH Agent (a program that runs in the background and avoids the need for re-entering the keyfile passphrase over and over again), you can use the ssh-add -L command to list the public keys for keys that were added to the agent (via ssh-add -l). This is useful when the SSH key is stored on a smartcard (and access to the private key file is not...


Wallets are containers for private keys, usually implemented as structured files or simple databases. Another method for making keys is deterministic key generation. Here you derive each new private key, using a one-way hash function from a previous private key, linking them in a sequence. As long as you can re-create that sequence, you only need the first key (known as a seed or master key) to generate them all. In this section we will examine the different methods of key generation and the wallet structures that are built around them.

Nondeterministic (Random) Wallets

In the first bitcoin clients, wallets were simply collections of randomly generated private keys. This type of wallet is called a Type-0 nondeterministic wallet. For example, the Bitcoin Core client pregenerates 100 random private keys when first started and generates more keys as needed, using each key only once. This type of wallet is nicknamed "Just a Bunch Of Keys," or JBOK, and such wallets are...


Before you can use public key cryptography, other people must have a copy of your public key. To send your key to correspondents or to a keyserver, you must export the key.

To export your key, so you can display it on a webpage or paste it in email, type the following command:

You do not see any output, because not only did you export your public key, you redirected the output to a file called, for example, mykey.asc. (Without the addition of > mykey.asc, the key would have been displayed as the standard output on the monitor screen.)

Now, the file mykey.asc can be inserted into email or exported to a keyserver. To see the key, type less mykey.asc to open the file in a pager (type [q] to quit the pager). It should look like the following:

B.5.1. Exporting to a Keyserver

If you are only writing to a few correspondents, you can export your public key and send it to them personally. If you correspond with many people, however, distribution...


This utility can be used to replace either a public key token or variable in a file with a public key token derived from a strong name assembly key (.snk) file.

This utility might be useful when a developer is writing a script that uses the BTSTask Command-Line Reference to deploy an assembly. For the deployment to succeed, the fully qualified name of the assembly must be provided, which includes its public key token. The public key token for an assembly is extracted from an .snk file and assigned to the assembly when it is built. Before the assembly is deployed into a new environment, however, it is often rebuilt using a different public key token. As a result, the developer may not know what public key token will be used for the assembly when the deployment script is run.

There are two ways that you can use the Replace Public Key Token utility to address this situation:

Scenario 1. In the deployment script, the developer can use either a public key token or a...

Public keys increase the level of security in authenticating users and allow the use of authentication options like smart cards and other physical devices.

All of these functions rely on management and processing of public keys

ZixCorp's patented secure transmission system simplifies the exchange of public keys and certificates by retrieving a recipient's public key from an external key server in real time just before the message is sent so that no prior key exchange is necessary and the complication of a certificate revocation list (CRL) is avoided.

SecureTier(TM) locates and delivers public keys from anywhere in the world to anywhere in the world within milliseconds.

SynCrypt's standards-based key management easily integrates with certificate authority solutions, which link the identity of individual key holders to their public keys in notarized digital certificates.

This issue is easily addressed by a...


The existence of public key cryptography was first postulated in print in the fall of 1975 by Whitfield Diffie and Martin Hellman. The two researchers, then at Stanford University, wrote a paper in which they presupposed the existence of an encryption technique in which information encrypted with one key (the public key) could be decrypted by a second, apparently unrelated key (the private key). Robert Merkle, then a graduate student at Berkeley, had similar ideas at the same time, but because of the vagaries of the academic publication process, Merkle's papers were not published until the underlying principles and mathematics of the Diffie-Hellman algorithm were widely known.

Since that time, a variety of public key encryption systems have been developed. Unfortunately, there have been significantly fewer developments in public key algorithms than in symmetric key algorithms. The reason has to do with how these algorithms are created. Good symmetric key algorithms simply...

Using public keys for SSH authentication


8.1 Public key authentication - an introduction

Public key authentication is an alternative means of identifying yourself to a login server, instead of typing a password. It is more secure and more flexible, but more difficult to set up.

In conventional password authentication, you prove you are who you claim to be by proving that you know the correct password. The only way to prove you know the password is to tell the server what you think the password is. This means that if the server has been hacked, or spoofed (see section 2.2), an attacker can learn your password.

Public key authentication solves this problem. You generate a key pair, consisting of a public key (which everybody is allowed to know) and a private key (which you keep secret and do not give to anybody). The private key is able to generate signatures. A signature created using your private key cannot be forged...


"Recovering" Public Keys in OpenSSH

ssh-keygen -y does not actually recover the public key, but just reads it from the private key, where it is always attached if stored in OpenSSH format.

"Recovering" Public Keys in OpenPGP

Similar for OpenPGP: if exported in an OpenPGP-compliant way, the private key will always contain the public key - import it on a computer you own and trust, and export the public key afterwards. With GnuPG, do something like:

gpg --import [private-key-file]
gpg --export [key-id]

gpg --export will by default only export the public key.

Where the Public Key Also Might be Found

If you shared the public key, chances are high you either find it on public key servers (eg., or some friend of yours has it on his computer (where he can easily gpg --export...
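To make the OpenSSH point above concrete, here is an added Python example (not part of the original answer) that reads the public key blob out of an openssh-key-v1 container without touching the private section. The sample container is constructed inline with an all-zero ed25519 key and an opaque private part, and all function names are assumptions of this sketch.

```python
import base64
import struct

MAGIC = b"openssh-key-v1\0"


def read_string(data, off):
    """Read one SSH string (uint32 big-endian length, then the bytes)."""
    (n,) = struct.unpack_from(">I", data, off)
    end = off + 4 + n
    if end > len(data):
        raise ValueError("truncated field")
    return data[off + 4:end], end


def embedded_public_key(private_key_text, comment=""):
    """Return (authorized_keys line, cipher name) from an OpenSSH-format key file."""
    body = "".join(line for line in private_key_text.strip().splitlines()
                   if not line.startswith("-----"))
    blob = base64.b64decode(body)
    if not blob.startswith(MAGIC):
        raise ValueError("not an openssh-key-v1 container")
    cipher, off = read_string(blob, len(MAGIC))
    _kdf, off = read_string(blob, off)
    _kdf_options, off = read_string(blob, off)
    (count,) = struct.unpack_from(">I", blob, off)
    if count != 1:
        raise ValueError("expected exactly one key")
    public_blob, _ = read_string(blob, off + 4)   # stored outside the encrypted part
    key_type, _ = read_string(public_blob, 0)
    line = f"{key_type.decode()} {base64.b64encode(public_blob).decode()} {comment}"
    return line.strip(), cipher.decode()


def pack_string(value):
    """Encode bytes as an SSH string."""
    return struct.pack(">I", len(value)) + value


def build_sample():
    """Constructed container: all-zero ed25519 public key, opaque private section."""
    public_blob = pack_string(b"ssh-ed25519") + pack_string(bytes(32))
    blob = (MAGIC + pack_string(b"aes256-ctr") + pack_string(b"bcrypt")
            + pack_string(bytes(24)) + struct.pack(">I", 1)
            + pack_string(public_blob) + pack_string(b"\xaa" * 64))
    b64 = base64.b64encode(blob).decode()
    wrapped = "\n".join(b64[i:i + 70] for i in range(0, len(b64), 70))
    return ("-----BEGIN OPENSSH PRIVATE KEY-----\n" + wrapped
            + "\n-----END OPENSSH PRIVATE KEY-----\n")
```

Since the public blob is readable without the passphrase, a leaked private key file identifies which public key it belongs to even when its private section is encrypted.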

TITLE: Public key authentication with ssh

This LinuxAnswer describes how to set up public key authentication with ssh.
It will include all sub components like scp too.
I will refer to the client machine as the "client" and the server machine as "server".

1) You know how to open up a terminal and type a few basic commands.
2) You have a working ssh server and client installed. If not then see:

Why would you want to?
There are many reasons so I'll just list a few:
1) You don't need to type your password each time you want to log in to a remote system. This can protect against malicious applications such as keyloggers.
2) You can run automated maintenance tasks/checks on other machines.
3) You can run secure backups over ssh using rsync. See LinuxAnswer Using rsync to mirror data between servers

The real howto
1) Create the...


Public Key vs Private Key

Cryptography is the study of hiding information, and it is used when communicating over an untrusted medium such as the internet, where information needs to be protected from third parties. Encryption uses an algorithm called a cipher to encrypt data, and the data can be decrypted only using a special key. Encrypted information is known as ciphertext, and the process of obtaining the original information (plaintext) from the ciphertext is known as decryption. One of the two widely used encryption methods is public key encryption (the other being symmetric key encryption). The specialty of public key encryption is that two different but mathematically related keys, called the public key and the private key, are used (as opposed to symmetric key encryption, which uses the same private key for encryption and decryption).

Public key encryption encrypts data using the recipient’s public key and it cannot be decrypted without using a matching private key. In...
