Products > Security

Stupid questions about Public-key cryptography and QR Code Vaccine Passports

(1/2) > >>

edy:
I have had some fascination with public/private-key cryptography for some time and even managed to generate a key-pair back in 2014 and uploaded my public key to the MIT server (and more recently OpenPGP key server). More recently I've played around with it because of the soon-to-be implementation of QR Codes being introduced in my province to validate vaccination status. I've been trying to wrap my head around how it will be done and even created a test-bed using various PGP apps I've downloaded, but I had some extra questions. I'm sure someone here can answer it.

First, the QR code vaccine status. My understanding is that the Health Ministry in my province will be signing a block of text containing information like your name, health card number, vaccination dates, etc. When I used my PGP software and signed my text block with my private key, I would see the text still in "plain-text" but there would be a signature tagged on afterward. If I modified the text at all, when I tried to authenticate it would show it was tampered with.

So I am assuming our Health Ministry will be issuing us basically a signed block of text using their private key, turned into a QR code. I signed some text with my private key, converted the block into QR codes, then scanned them back to retrieve the text, dumped the text back into PGP and authenticated with my public key and it proved I was the one that signed the original message and that it wasn't tampered with.  :-+

This would be a quick way for people to prove they do not have fake vaccine records, as the information presented at public events/restaurants/etc. would have to be authenticated by a highly publicized Health Ministry public key. And you could only get your vaccine record downloaded and properly signed by government using a private key which supposedly will be highly secured on their servers.

Now, my question is this... I want to ENCRYPT the text block with my PRIVATE key as well so that the plain-text isn't immediately obvious. Encrypting in and of itself would automatically authenticate because anyone who wanted to see my message could only see it if they used my PUBLIC key on it, right? Why do I need to "sign" it and have a signature tagged after my plain-text message? Could I not just encrypt the whole message?

My PGP software gives me the option of using my PRIVATE key to sign but the software also asks for a recipient's PUBLIC key, assuming that I want to only send the message to that specific person (then they use their PRIVATE key to unlock it, and my PUBLIC key to authenticate it came from me). Is this a limitation with the software I'm using? It will let me SIGN stuff but includes the original message in plain-text. When I want to ENCRYPT it will *NOT* allow me to choose any private keys to encrypt it with... only PUBLIC keys are available.

I thought maybe a way to get around this is to have 2 key-pairs... one for signing and one for encryption purposes. So the one used for encryption would use the PUBLIC key to encrypt, but recipients would need the corresponding PRIVATE key to decrypt... meaning I would have in fact reverse roles... I'd keep the encryption PUBLIC key secret and share the encryption PRIVATE key with everyone out there so they could decrypt any messages I generate.

Also, the second key-pair for signing only, I would use as normal to sign the message, so everyone can authenticate the message has not been tampered with by authenticating it using my Signing PUBLIC key (whose PRIVATE counterpart was used to sign the message).

I don't know if this is just a software issue or I'm thinking about this all wrong. But this is all because my software doesn't let me encrypt messages with my private key, it only lets me sign them with my private key and so the message is retained in plain-text. It only gives me the option to encrypt with someone else's public key... which automatically targets the message to them only. And to get around that I have to make another key-pair which essentially pretends everyone "out there", aka "the public", is one person and so I have to share the "private" key with everybody instead, and keep the public key for myself, which seems kind of backwards.

Any help wrapping my head around this would be great. I can post some examples too if needed on my trials and errors playing around with it.

 

madires:

--- Quote from: edy on September 24, 2021, 07:11:29 pm ---Now, my question is this... I want to ENCRYPT the text block with my PRIVATE key as well so that the plain-text isn't immediately obvious. Encrypting in and of itself would automatically authenticate because anyone who wanted to see my message could only see it if they used my PUBLIC key on it, right? Why do I need to "sign" it and have a signature tagged after my plain-text message? Could I not just encrypt the whole message?

--- End quote ---

If you encrypt the text with your key then only you are able to decrypt it, or any other person who has a copy of your private key. But your signature can be verified by using your public key. The idea is to keep the private key private and to publish the public key. The public key is used to encrypt a message to you or to verify your signature (and that your message wasn't altered). The private key is used to decrypt or sign messages. Private and public keys are not two different keys. They are a pair of keys, each key part has its special function. BTW, you can encrypt and sign in any combination.


--- Quote from: edy on September 24, 2021, 07:11:29 pm ---My PGP software gives me the option of using my PRIVATE key to sign but the software also asks for a recipient's PUBLIC key, assuming that I want to only send the message to that specific person (then they use their PRIVATE key to unlock it, and my PUBLIC key to authenticate it came from me). Is this a limitation with the software I'm using? It will let me SIGN stuff but includes the original message in plain-text. When I want to ENCRYPT it will *NOT* allow me to choose any private keys to encrypt it with... only PUBLIC keys are available.

--- End quote ---

If you want to encrypt something for yourself then use your own public key. It's the basic philosophy of asymmetric cryptography.


--- Quote from: edy on September 24, 2021, 07:11:29 pm ---I thought maybe a way to get around this is to have 2 key-pairs... one for signing and one for encryption purposes. So the one used for encryption would use the PUBLIC key to encrypt, but recipients would need the corresponding PRIVATE key to decrypt... meaning I would have in fact reverse roles... I'd keep the encryption PUBLIC key secret and share the encryption PRIVATE key with everyone out there so they could decrypt any messages I generate.

--- End quote ---

No, you just need one key pair. Each part of your key pair has its special purpose. But there are signing keys (key pairs) meant for signing other keys. The idea is that a trusted entity signs your key to let others know that you are the person you claim to be.


--- Quote from: edy on September 24, 2021, 07:11:29 pm ---Also, the second key-pair for signing only, I would use as normal to sign the message, so everyone can authenticate the message has not been tampered with by authenticating it using my Signing PUBLIC key (whose PRIVATE counterpart was used to sign the message).

--- End quote ---

Again, you need just one key pair. You could use two key pairs, one for encryption (for you) and one for signing. But it would confuse other users because they might not know which key is for which purpose - they see two different public keys and aren't any wiser.

thm_w:
If you want to read about how it is implemented in BC there are some comments here:

https://old.reddit.com/r/vancouver/comments/pmzil5/so_how_does_the_vaccine_qr_scanner_work_offline/hcltrrj/?context=3
https://old.reddit.com/r/vancouver/comments/ppgy0i/i_made_a_working_decoder_for_the_information/hd3lrks/

Bud:
When you encrypt, the cyphertext size will depend on how big the plaintext message was. When you sign, the signature size will always have same length, equal the size of the public key.

edy:
Thanks for the Reddit links and explanations. It seems to work as I thought, basically just signed plain text (or in the case of the vaccine a base64 coded block). There will be an app to download and they will be releasing source code to provide transparency to reduce public fears of “Big Brother”. I suspected it would not require a live internet connection so this way as long as the app has the government public key embedded in it to authenticate the signature, something to scan the QR code and decode the base64, I assume it will look for the name field in there and display it for the business owner to match against the ID of the person. Otherwise the app will determine if and how many times you were vaccinated. So all it should display the business owner is a name and a green check mark or red “X”. The name so you can verify the person in front of you is who they claim on the photo ID card, and the green/red basically a pass/reject. No encryption seems to be involved so the info can be easily read once you run it through a base64 decoder. It’s only signed to ensure you don’t generate your own fake QR codes.

Navigation

[0] Message Index

[#] Next page

There was an error while thanking
Thanking...
Go to full version