Gnutella Forums  

#21
Taliban (Gnutella Aficionado)
May 9th, 2002
Join Date: March 13th, 2002
Location: Aachen
Posts: 832

Any information you store in the clients and that is propagated by the clients to the rest of the network can easily be changed.

Moreover, any signatures that are sent over a public network, where everybody could read them, are easily spoofed. Don't forget that the source of many Gnutella clients is open to everyone. If you know the algorithm to decrypt a signature, you can easily reverse it (reversing an encryption algorithm can mean a lot more work).
Reply With Quote
#22
Sajma (Disciple)
May 9th, 2002
Join Date: April 26th, 2002
Posts: 11

Taliban: of course "decrypting" a signature is easy to do: that's how you verify that the signature is authentic! What's important is that an attacker cannot forge a user's signature. This is only feasible if the attacker gains access to the user's private key, which is stored on the user's local machine. Without that key, forging a signature is computationally very difficult. It doesn't matter whether the attacker knows the source code -- the private key is the only thing that must be kept secret.
Reply With Quote
#23
Taliban (Gnutella Aficionado)
May 9th, 2002
Join Date: March 13th, 2002
Location: Aachen
Posts: 832

Whatever you can decrypt, you can also encrypt.

Your idea of one key only being able to decrypt something will not work. Current cryptographic programs work about this way:

There's key A and key B, you only need key A to encrypt but key A and key B to decrypt. So if you can decrypt something, you'll have both keys and therefore you'll be able to encrypt it also.

There is no crypto-algorithm that works the other way round.
Reply With Quote
#24
Unregistered (Guest)
May 9th, 2002
Posts: n/a

Quote:
Originally posted by Taliban
Whatever you can decrypt, you can also encrypt.

Your idea of one key only being able to decrypt something will not work. Current cryptographic programs work about this way:

There's key A and key B, you only need key A to encrypt but key A and key B to decrypt. So if you can decrypt something, you'll have both keys and therefore you'll be able to encrypt it also.

There is no crypto-algorithm that works the other way round.

"Data scrambled with Bob's private key can only be unscrambled with Bob's public key."

- PKI for Dummies: http://www.nwfusion.com/news/64452_05-17-1999.html
Reply With Quote
#25
Taliban (Gnutella Aficionado)
May 9th, 2002
Join Date: March 13th, 2002
Location: Aachen
Posts: 832

You're right, I forgot it's possible for RSA when you have a very short message.
Reply With Quote
#26
Unregistered (Guest)
May 9th, 2002
Posts: n/a

Quote:
Originally posted by Taliban
You're right, I forgot it's possible for RSA when you have a very short message.

Not just short messages.

If I encrypt, say, my database with my public key, only I could use it. This is where key management comes in.

I get my friend's private key. Via AIM, email, secret meeting, whatever.

I can then encrypt to it during export.

But why need to encrypt anything? (My method of local databases, anyway.) But I'm not sure I like that (convenience issues).
Reply With Quote
#27
Sajma (Disciple)
May 9th, 2002
Join Date: April 26th, 2002
Posts: 11

Taliban, I'm referring to standard public key cryptosystems. Each user has a private key (stored locally, so only they know it) and a public key that everyone can know about. A user signs a message using his private key. Other users can check the signature with the user's public key. There is no need for any user to ever reveal their private key to anyone.

In RSA, signatures are typically implemented by encrypting a hash of the signed file with the user's private key. To verify a signature, other users decrypt the signature block and check that it matches the hash of the signed file.

Note that actually encrypting data (such as mail messages in PGP) simply reverses this process. A sender encrypts his message with the recipient's public key. The recipient decrypts the message with her private key.

Note that in both cases, the security-sensitive operation (signing and decrypting) is done using the private key, which is never revealed to anyone.
Reply With Quote
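
The hash-then-sign flow described in post #27, as an added example that is not part of the original thread or any poster's code. It uses textbook RSA with no padding and a constructed demonstration key, which is an assumption made so that it runs with the standard library alone; real signature schemes add padding such as PSS or PKCS#1 v1.5. All function names are hypothetical.

```python
import hashlib

# Constructed demonstration key built from two well-known Mersenne primes.
# Such a modulus is trivial to factor, so this key is for illustration only.
P = 2**127 - 1
Q = 2**521 - 1
N = P * Q                            # public modulus
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, stays with the signer


def digest_as_int(message: bytes) -> int:
    """SHA-256 of the message as an integer (always smaller than N here)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Signer: 'encrypt' the hash with the private exponent."""
    return pow(digest_as_int(message), d, n)


def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Anyone: 'decrypt' the signature with the public exponent, compare hashes."""
    return pow(signature, e, n) == digest_as_int(message)


def sign_with_public_key_only(message: bytes, e: int = E, n: int = N) -> int:
    """What a party holding only (N, E) and the source code can compute."""
    return pow(digest_as_int(message), e, n)


if __name__ == "__main__":
    msg = b"constructed sample: shared-file metadata record"
    sig = sign(msg)
    print("genuine signature verifies:", verify(msg, sig))
    print("altered message verifies:  ", verify(msg + b"!", sig))
    print("public-key-only attempt:   ",
          verify(msg, sign_with_public_key_only(msg)))
```

Verification needs only the public values, while producing a value that verifies needs the private exponent, which is the distinction the thread turns on.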