Return to Answer

	4	Formatting, spelling and grammar source \| link	edit approved Jul 14 at 20:51 Jedi 2,149730
inline side-by-side side-by-side markdown There are some reasons that we should not use the same key for encryption and signing. 1- We need to backup our secret key for encrypted data, later we want to decrypt some old encrypted messages but we don't need to backup our secret key for signing. If attacker finds the key we can tell CA and make it as expired key and get new secret key for signing without need of backup. 2- The second reason is more important, if. If we use the same key for encryption and signing, the attacker can use this for to decrypt our encrypted message, this is what he/she should do: Attacker The attacker must choose a random number r (r must have GDC(N`r`, r) = 1 where `r` must have `GDC(N, r) = 1`, N is and `N` is the number use used for creating private and public key (N = pq)`N = pq`) then he Then the attacker chooses a new message (`m′ = m^e.r^e` ((e,n) is public key ) and send sends this message (m′) for signing to the sender, when: `m′ = m^e.r^e` ....(here `(e,n)` is the public key) When the sender sign m′ we signs `m′` we get `m′^d ≡ (m^e.r^e)^d ≡ m.r (mod N)` then attacket Now the attacker only need needs to multiply "divide" it by r^-1 to `r` to get m `m` (the secret message). There are some reasons that we should not use same key for encryption and signing. 1- We need to backup our secret key for encrypted data, later we want to decrypt some old encrypted messages but we don't need to backup our secret key for signing. If attacker finds the key we can tell CA and make it as expired key and get new secret key for signing without need of backup. 2- The second reason is more important, if we use same key for encryption and signing attacker can use this for decrypt our encrypted message, this is what he should do: Attacker must choose random number r (r must have GDC(N, r) = 1, N is the number use for creating private and public key (N = pq)) then he chooses new message `m′ = m^e.r^e` ((e,n) is public key) and send this message (m′) for signing to sender, when sender sign m′ we get `m′^d ≡ (m^e.r^e)^d ≡ m.r (mod N)` then attacket only need to multiply it by r^-1 to get m (the secret message). There are some reasons that we should not use the same key for encryption and signing. 1- We need to backup our secret key for encrypted data, later we want to decrypt some old encrypted messages but we don't need to backup our secret key for signing. If attacker finds the key we can tell CA and make it as expired key and get new secret key for signing without need of backup. 2- The second reason is more important. If we use the same key for encryption and signing, the attacker can use this to decrypt our encrypted message, this is what he/she should do: The attacker must choose a random number `r`, where `r` must have `GDC(N, r) = 1`, and `N` is the number used for creating private and public key (`N = pq`) Then the attacker chooses a new message (`m′` ) and sends this for signing to the sender: `m′ = m^e.r^e` ....(here `(e,n)` is the public key) When the sender signs `m′` we get `m′^d ≡ (m^e.r^e)^d ≡ m.r (mod N)` Now the attacker only needs to "divide" it by `r` to get `m` (the secret message).

	3	added 15 characters in body source \| link	edited Jul 14 at 19:21 Am1rr3zA 1,10721014
inline side-by-side side-by-side markdown There are some reasons that we should not use same key for encryption and signing. 1- We need to backup our secret key for encrypted data, later we want to decrypt some old encrypted messages but we don't need to backup our secret key for signing. If attacker finds the key we can tell CA and make it as expired key and get new secret key for signing without need of backup. 2- The second reason is more important, if we use same key for encryption and signing attacker can use this for decrypt our encrypted message, this is what he should do: Attacker must choose random number r (r must have GDC(N, r) = 1, N is the number use for creating private and public key (N = pq)) then he chooses new message `m′ = m^e.r^e` ((e,n) is public key) and send this message (m′) for signing to sender, when sender sign m′ we get `m′^d ≡ (m^e.r^e)^d ≡ m.r (mod N)` then we just attacket only need to multiply it to by r^-1 to get m (secretthe secret message). There are some reasons that we should not use same key for encryption and signing. 1- We need to backup our secret key for encrypted data, later we want to decrypt some old encrypted messages but we don't need to backup our secret key for signing. If attacker finds the key we can tell CA and make it as expired key and get new secret key for signing without need of backup. 2- The second reason is more important, if we use same key for encryption and signing attacker can use this for decrypt our encrypted message, this is what he should do: Attacker must choose random number r (r must have GDC(N, r) = 1, N is the number use for creating private and public key (N = pq)) then he chooses new message `m′ = m^e.r^e` ((e,n) is public key) and send this message (m′) for signing to sender, when sender sign m′ we get `m′^d ≡ (m^e.r^e)^d ≡ m.r (mod N)` then we just to multiply it to r^-1 to get m (secret message). There are some reasons that we should not use same key for encryption and signing. 1- We need to backup our secret key for encrypted data, later we want to decrypt some old encrypted messages but we don't need to backup our secret key for signing. If attacker finds the key we can tell CA and make it as expired key and get new secret key for signing without need of backup. 2- The second reason is more important, if we use same key for encryption and signing attacker can use this for decrypt our encrypted message, this is what he should do: Attacker must choose random number r (r must have GDC(N, r) = 1, N is the number use for creating private and public key (N = p*q)) then he chooses new message `m′ = m^e.r^e` ((e,n) is public key) and send this message (m′) for signing to sender, when sender sign m′ we get `m′^d ≡ (m^e.r^e)^d ≡ m.r (mod N)` then attacket only need to multiply it by r^-1 to get m (the secret message).

	2	edited body source \| link	edited Jul 14 at 18:28 Am1rr3zA 1,10721014
inline side-by-side side-by-side markdown We have There are some reason reasons that we should not use same key for encryption and signing. 1- We need to backup our secret key for encrypted data, maybe later we want to decrypt some old encrypted message messages but we don't need to backup out our secret key for signing. if If attacker find finds the key we can tell CA and put make it in as expired key and get new secret key for signing without need of backup. 2- The second reason is more important, if we use same key for encryption and signing attacker can use this for decrypt our encrypted message, this is what he should do: Attacker must choose random number r (r must have GDC(N, r) = 1, N is the number use for creating private and public key (N = pq)) then he chooses new message `m′ = m^e.r^e` ((e,n) is public key) and send this message (m′) for signing to sender, when sender sign m′ we get `m′^d ≡ (m^e.r^e)^d ≡ m.r (mod N)` then we just to multiply it to r^-1 to get m (secret message). We have some reason that we should not use same key for encryption and signing. 1- We need to backup our secret key for encrypted data, maybe later we want to decrypt some old encrypted message but we don't need to backup out secret key for signing. if attacker find the key we can tell CA and put it in expired key and get new secret key for signing without need of backup. 2- The second reason is more important, if we use same key for encryption and signing attacker can use this for decrypt our encrypted message, this is what he should do: Attacker must choose random number r (r must have GDC(N, r) = 1, N is the number use for creating private and public key (N = pq)) then he chooses new message `m′ = m^e.r^e` ((e,n) is public key) and send this message (m′) for signing to sender, when sender sign m′ we get `m′^d ≡ (m^e.r^e)^d ≡ m.r (mod N)` then we just to multiply it to r^-1 to get m (secret message). There are some reasons that we should not use same key for encryption and signing. 1- We need to backup our secret key for encrypted data, later we want to decrypt some old encrypted messages but we don't need to backup our secret key for signing. If attacker finds the key we can tell CA and make it as expired key and get new secret key for signing without need of backup. 2- The second reason is more important, if we use same key for encryption and signing attacker can use this for decrypt our encrypted message, this is what he should do: Attacker must choose random number r (r must have GDC(N, r) = 1, N is the number use for creating private and public key (N = p*q)) then he chooses new message `m′ = m^e.r^e` ((e,n) is public key) and send this message (m′) for signing to sender, when sender sign m′ we get `m′^d ≡ (m^e.r^e)^d ≡ m.r (mod N)` then we just to multiply it to r^-1 to get m (secret message).

	1	source \| link	answered Jan 22 '11 at 22:51 Am1rr3zA 1,10721014

Technology			Life / Arts	Culture / Recreation	Science	Other
Stack Overflow Server Fault Super User Web Applications Ask Ubuntu Webmasters Game Development TeX - LaTeX	Programmers Unix & Linux Ask Different (Apple) WordPress Development Geographic Information Systems Electrical Engineering Android Enthusiasts Information Security	Database Administrators Drupal Answers SharePoint User Experience Mathematica Salesforce ExpressionEngine® Answers more (13)	Photography Science Fiction & Fantasy Graphic Design Movies & TV Seasoned Advice (cooking) Home Improvement Personal Finance & Money Academia more (9)	English Language & Usage Skeptics Mi Yodeya (Judaism) Travel Christianity Arqade (gaming) Bicycles Role-playing Games more (21)	Mathematics Cross Validated (stats) Theoretical Computer Science Physics MathOverflow Chemistry Biology more (5)	Stack Apps Meta Stack Exchange Area 51 Stack Overflow Careers

site design / logo © 2016 Stack Exchange Inc; user contributions licensed under cc by-sa 3.0 with attribution required

rev 2016.8.18.3903

Information Security Stack Exchange works best with JavaScript enabled