1

Is there a way to produce two keys in string format, that are dependent on each other?

  1. Master key (to decrypt data)
  2. Slave key (dependent on the Master key, can only decrypt data)
3
  • 1
    Yes, it's called "asymmetric encryption" although the "slave" key - public key here - can only encrypt and not decrypt. For decryption you use the private key. en.wikipedia.org/wiki/Public-key_cryptography Commented Nov 22, 2017 at 10:40
  • 2
    @jeroen public key [...] can only encrypt and not decrypt is not exactly right: both keys can encrypt and decrypt, but one key can only decrypt what has been encrypted with the other key. Commented Nov 22, 2017 at 11:16
  • @MatteoTassinari That is not always true, see for example cs.stackexchange.com/questions/59675/… Commented Nov 22, 2017 at 11:19

2 Answers

4

Nothing like a code story to explain the concept ;p

Here is an example where Alice sends an encrypted message to Bob using only Bob's public key; Bob then responds with an encrypted message using only Alice's public key.

In both cases their own private keys are used to decrypt the messages.

<?php

// define an example, our people, messages and their keys
$people = [
    'alice' => [
        'keys' => gen_keys(),
        'msg' => 'Hi Bob, I\'m sending you a private message'
    ],    
    'bob' => [
        'keys' => gen_keys(),
        'msg' => 'Thanks Alice, message received'
    ]  
];

// holders for each recipient's ciphertext and recovered plaintext
$encrypted = $decrypted = [
    'alice' => '',
    'bob'   => ''
];

// public keys get exchanged, not private

// alice encrypts her message to bob
$encrypted['bob'] = encrypt(
    $people['alice']['msg'],         // message to encrypt
    $people['bob']['keys']['public'] // bob's public key, which he sent to alice
);

// message sent to bob

// bob decrypts his message
$decrypted['bob'] = decrypt(
    $encrypted['bob'],                // message to decrypt
    $people['bob']['keys']['private'] // bob's private key, which he uses to decrypt the message
);

// bob now responds

// bob encrypts his message to alice
$encrypted['alice'] = encrypt(
    $people['bob']['msg'],             // message to encrypt
    $people['alice']['keys']['public'] // alice's public key, which she sent to bob
);

// alice decrypts her message
$decrypted['alice'] = decrypt(
    $encrypted['alice'],                // message to decrypt
    $people['alice']['keys']['private'] // alice's private key, which she uses to decrypt the message
);

// show what each recipient recovered
print_r($decrypted);

/*
Array
(
    [alice] => Thanks Alice, message received
    [bob] => Hi Bob, I'm sending you a private message
)
*/

/**
 * Functions - wraps for openssl operations
 */
// generate public and private key pair
function gen_keys() {
    $res = openssl_pkey_new(array('private_key_bits' => 2048));

    /* Extract the private key */
    openssl_pkey_export($res, $privateKey);

    /* Extract the public key */
    $publicKey = openssl_pkey_get_details($res);

    return ['public' => $publicKey["key"], 'private' => $privateKey];
}

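// encrypt using public key
function encrypt($msg, $key) {
    $ret = '';
    $ok = openssl_public_encrypt(
        $msg, // message to encrypt
        $ret, // &encrypted message
        $key, // public key
        OPENSSL_PKCS1_OAEP_PADDING // OAEP instead of the default PKCS#1 v1.5 padding
    );
    if (!$ok) {
        // e.g. the message is too long for the key size
        throw new RuntimeException('encryption failed: ' . openssl_error_string());
    }
    return $ret;
}

// decrypts using private key
function decrypt($msg, $key) {
    $ret = '';
    $ok = openssl_private_decrypt(
        $msg, // message to decrypt
        $ret, // &decrypted message
        $key, // private key
        OPENSSL_PKCS1_OAEP_PADDING // must match the padding used to encrypt
    );
    if (!$ok) {
        // wrong key or modified ciphertext
        throw new RuntimeException('decryption failed');
    }
    return $ret;
}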
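
Direct RSA encryption as in the answer above only fits short messages: a 2048-bit key cannot encrypt more than 245 bytes, fewer with OAEP padding. The following added example, which is not part of the original answer, encrypts the message with a random AES-256-GCM key and wraps only that key with the recipient's public key; `hybrid_encrypt()`, `hybrid_decrypt()` and the envelope layout are assumptions made for illustration.

```php
<?php
// Added example: hybrid encryption. Function names and envelope layout are assumptions.
function hybrid_encrypt(string $msg, string $publicKeyPem): string {
    $aesKey = random_bytes(32); // fresh AES-256 key for every message
    $iv     = random_bytes(12); // 96-bit GCM nonce
    $tag    = '';
    $ct = openssl_encrypt($msg, 'aes-256-gcm', $aesKey, OPENSSL_RAW_DATA, $iv, $tag);
    if ($ct === false) {
        throw new RuntimeException('AES-GCM encryption failed');
    }
    // Only the 32-byte AES key passes through RSA, so message length is no longer limited.
    if (!openssl_public_encrypt($aesKey, $wrapped, $publicKeyPem, OPENSSL_PKCS1_OAEP_PADDING)) {
        throw new RuntimeException('RSA key wrap failed');
    }
    // Envelope: 2-byte wrapped-key length | wrapped key | nonce (12) | tag (16) | ciphertext
    return base64_encode(pack('n', strlen($wrapped)) . $wrapped . $iv . $tag . $ct);
}

function hybrid_decrypt(string $envelope, string $privateKeyPem): string {
    $raw = base64_decode($envelope, true);
    if ($raw === false || strlen($raw) < 2) {
        throw new RuntimeException('malformed envelope');
    }
    $len = unpack('n', $raw)[1];
    if (strlen($raw) < 2 + $len + 28) {
        throw new RuntimeException('truncated envelope');
    }
    $wrapped = substr($raw, 2, $len);
    $iv      = substr($raw, 2 + $len, 12);
    $tag     = substr($raw, 2 + $len + 12, 16);
    $ct      = substr($raw, 2 + $len + 28);
    if (!openssl_private_decrypt($wrapped, $aesKey, $privateKeyPem, OPENSSL_PKCS1_OAEP_PADDING)) {
        throw new RuntimeException('RSA key unwrap failed');
    }
    $msg = openssl_decrypt($ct, 'aes-256-gcm', $aesKey, OPENSSL_RAW_DATA, $iv, $tag);
    if ($msg === false) { // GCM tag mismatch: the envelope was modified or the key is wrong
        throw new RuntimeException('authentication failed');
    }
    return $msg;
}

// Constructed demo: a 10,000-byte message, far more than RSA-2048 can encrypt directly.
$res = openssl_pkey_new(['private_key_bits' => 2048]);
openssl_pkey_export($res, $bobPrivate);
$bobPublic = openssl_pkey_get_details($res)['key'];
$long = str_repeat('Hi Bob, this is a long private message. ', 250);
$envelope = hybrid_encrypt($long, $bobPublic);
var_dump(hybrid_decrypt($envelope, $bobPrivate) === $long); // round-trip check
```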

1 Comment

:) sooo embarrassing!!! I'm always getting that word wrong, it's my nemesis!!
1

Yes, it's called Asymmetric Cryptography. Data is encrypted by using public key and then the private key is used to decrypt the data. This is used in many places e.g. in blockchains, payment portals etc.

You can find some helpful algorithms and theories here for understanding: https://www.tutorialspoint.com/cryptography/public_key_encryption.htm

In PHP, you can use openssl_encrypt() & openssl_decrypt() to get a similar result, or base64_encode() & base64_decode(), or you can mix both to get a more secure solution.

One simple example can be:

function my_simple_crypt( $string, $action = 'e' ) {
    // you may change these values to your own
    $secret_key = 'my_simple_secret_key';
    $secret_iv = 'my_simple_secret_iv';

    $output = false;
    $encrypt_method = "AES-256-CBC";
    $key = hash( 'sha256', $secret_key );
    $iv = substr( hash( 'sha256', $secret_iv ), 0, 16 );

    if( $action == 'e' ) {
        $output = base64_encode( openssl_encrypt( $string, $encrypt_method, $key, 0, $iv ) );
    }
    else if( $action == 'd' ){
        $output = openssl_decrypt( base64_decode( $string ), $encrypt_method, $key, 0, $iv );
    }

    return $output;
}

To encrypt:

$encrypted = my_simple_crypt( 'Hello World!', 'e' );

To decrypt:

$decrypted = my_simple_crypt( $encrypted, 'd' );

Source: https://nazmulahsan.me/simple-two-way-function-encrypt-decrypt-string/
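
With a constant key and IV, as in the function above, encryption is deterministic and nothing detects a modified ciphertext. This added example, which is not taken from the answer or its source, shows the resulting prefix leak and one hardened variant that keeps AES-256-CBC but uses a random IV and an HMAC; `fixed_iv_encrypt()`, `seal()`, `unseal()` and the sample records are constructed for illustration.

```php
<?php
// Added example; fixed_iv_encrypt(), seal() and unseal() are hypothetical names.

// The answer's construction reduced to its core: key and IV both derived from constants.
function fixed_iv_encrypt(string $msg): string {
    $key = hash('sha256', 'my_simple_secret_key');
    $iv  = substr(hash('sha256', 'my_simple_secret_iv'), 0, 16);
    return openssl_encrypt($msg, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv);
}

// Constructed records that share their first 16 bytes ("account=12345678").
$a = fixed_iv_encrypt('account=12345678;balance=100');
$b = fixed_iv_encrypt('account=12345678;balance=999');
// Same key and IV: equal leading plaintext blocks produce equal ciphertext blocks,
// so an observer can tell which records share a prefix without knowing the key.
var_dump(substr($a, 0, 16) === substr($b, 0, 16));

// Hardened variant: random IV per message, then HMAC over IV and ciphertext.
function seal(string $msg, string $master): string {
    $encKey = hash_hkdf('sha256', $master, 32, 'enc'); // separate keys for
    $macKey = hash_hkdf('sha256', $master, 32, 'mac'); // encryption and MAC
    $iv  = random_bytes(16);
    $ct  = openssl_encrypt($msg, 'AES-256-CBC', $encKey, OPENSSL_RAW_DATA, $iv);
    $mac = hash_hmac('sha256', $iv . $ct, $macKey, true);
    return base64_encode($mac . $iv . $ct);
}

function unseal(string $blob, string $master): string {
    $raw = base64_decode($blob, true);
    if ($raw === false || strlen($raw) < 64) { // 32 MAC + 16 IV + at least one 16-byte block
        throw new RuntimeException('malformed input');
    }
    [$mac, $iv, $ct] = [substr($raw, 0, 32), substr($raw, 32, 16), substr($raw, 48)];
    $macKey = hash_hkdf('sha256', $master, 32, 'mac');
    // Verify first, in constant time, so tampered input never reaches the cipher.
    if (!hash_equals(hash_hmac('sha256', $iv . $ct, $macKey, true), $mac)) {
        throw new RuntimeException('authentication failed');
    }
    $encKey = hash_hkdf('sha256', $master, 32, 'enc');
    return openssl_decrypt($ct, 'AES-256-CBC', $encKey, OPENSSL_RAW_DATA, $iv);
}

$master = random_bytes(32); // constructed for the demo; load from a secret store in practice
$x = seal('account=12345678;balance=100', $master);
$y = seal('account=12345678;balance=100', $master);
var_dump($x !== $y);                                   // same plaintext, different ciphertext
var_dump(unseal($x, $master) === unseal($y, $master)); // both decrypt to the same record
```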

2 Comments

Hi, thx for the answer! However, that is not exactly what I want. I am looking for a method to have the public key created out of the private key. Even more, the public key needs to be able to unencrypt the content only, not encrypt. My idea is to have two PCs. Still, one PC has the private key and is able to generate public keys, which can be used for other PCs to only decrypt the content.
The public key actually is not allowed to encrypt at all
