Subject PKCS and RSA keys
Author Jim Starkey
A good time back I said that within the RSA cryptosystem neither the
public nor private keys can be feasibly computed from the other. While
this is correct in theory, it is not true in practive. One of the two
private key formats used by RSA contains redundant information from
which the public key can be trivially computed.

The base RSA crypto system consists of a modulus (public), which is the
product of two or more large primes, and two integers. Cleartext is
represented as an integer. The message is encrypted by raising it to
the power on one integer and dividing by the modulus. The remainder is
the cryptotext. Cryptotext is decrypted by raising it to the power of
the other integer and dividing by the modulus. The remainder is the
cleartext. Note that the operation is symmetrical, and each integers
can decrypt a message encrypted by the other.

It isn't quite this simple in practice, however, since an official RSA
encryption requires that the clear text be encoded with a random number
and secure hash before encryption and decoded after decryption. But the
process is still symmetric if the short form of keys are used.

If, however, you encrypt with a public key thinking that an embedded but
retrievable secret key is going to be secure, you are going to be sorely

Sorry about this misinformation.


Jim Starkey
Netfrastructure, Inc.
978 526-1376