Verifying an encrypted message?

[BlackHatCoiner]

Is it possible to get the public key by only having the encrypted message? I want to somehow verify that the unencrypted message can only be read from the person that has the given public key. The algorithm I'm talking about is ECIES and an example of an encrypted message is:

Code:

QklFMQKz5dc3hpCY5qRDHi0WUIJd45ejY2hDQWn8DlZJMQXxWhTjuBWXS5wJE7oj3fWMYp8Y1Yw+Ty0HbFUwW3V2rBKu+nVRa/IctNQl+Jp7Wmdvbg==

"Locked" on this public key:

Code:

02d124037a06126960644eaf515113b0bd69ca9f93d93f01f223b864e50f530b9a

In other words, is it possible to somehow derive the public key given only the encrypted message?

[1713560066]

1713560066

[1713560066]

1713560066

[1713560066]

1713560066

[Coding Enthusiast]

Is it possible to get the public key by only having the encrypted message?

Since ECIES uses a symmetric encryption algorithm (AES) I don't think there is any way to derive the user's public key. The result contains the encrypted message from AES and the public key of the ephemeral key used to derive the encryption key. Neither could be used to derive the user's pubkey.

[NotATether]

Although the public key is passed to a KDF to make the cipher, you cannot extract the public key from it. This is why both the public key and the cipher have to be transmitted together in an encryption handshake.

The fact that it's passed through a KDF precludes any kind of extraction, since c is a ciphertext and the KDF result is used as the key for the encryption function E.

[BlackHatCoiner]

Since ECIES uses a symmetric encryption algorithm (AES)

How can it use a symmetric encryption algorithm? The message can only be decrypted by x where g^x is the public key, but by no other keys. Only by the receiver's. On symmetric encryption (AES) both private keys can decrypt it. You, also, had included EciesTests.cs on the Asymmetric/KeyPairs directory back when you were implementing ECIES on Autarkysoft.Bitcoin.

Although the public key is passed to a KDF to make the cipher, you cannot extract the public key from it. This is why both the public key and the cipher have to be transmitted together in an encryption handshake.

Question:  Can you extract it by having the encrypted and the unencrypted message?

[fxsniper]

I don't know about signature mush, can I ask some question for know more

my question

encrypted message not store on blockchain right

bitcoin message signature not store on bitcoin network right

I understand correct or not?
verify message is one way method?

just method proof  by give message and code to check
because code generate from private key

viewer must have 3 thing
1. know IP
2. know message
3. know signature key

signature key mad from private key
 
What difference encrypt message and sign/verify message?

[BlackHatCoiner]

encrypted message not store on blockchain right

On bitcoin, you never have to encrypt a message to transact so no, there is no encrypted message stored on the blockchain.

bitcoin message signature not store on bitcoin network right

Of course and it's stored. How will you prove that you own your keys? Your transaction must be included in a block along with the signature to provide a proof that you signed it when you broadcasted it.

viewer must have 3 thing
1. know IP
2. know message
3. know signature key

Why should one know the IP? What difference does it make?

What difference encrypt message and sign/verify message?

Are you asking what is the difference of those two? Because I can't fully understand your english. Signing a message means that you can give anyone your public key, the message and a signature to prove that you signed it. To do that you'll need the private key of that public key. In order for someone to verify it he/she needs the public key, the message and the signature.

If you encrypt a message, on asymmetric encryption, only the person that you've "locked" the message can "unlock" it and read it.

[NotATether]

Since ECIES uses a symmetric encryption algorithm (AES)

How can it use a symmetric encryption algorithm? The message can only be decrypted by x where g^x is the public key, but by no other keys. Only by the receiver's. On symmetric encryption (AES) both private keys can decrypt it. You, also, had included EciesTests.cs on the Asymmetric/KeyPairs directory back when you were implementing ECIES on

I think you're missing something here. AES encryption function takes (message, key) arguments and outputs encrypted text. On the other hand, the AES decryption function takes (encrypted_text, key) arguments that returns the message.

No other key can decrypt it, except for the one that was passed to the encryption function. Same for ECIES, which is what makes it symmetric also.

Although the public key is passed to a KDF to make the cipher, you cannot extract the public key from it. This is why both the public key and the cipher have to be transmitted together in an encryption handshake.

Question:  Can you extract it by having the encrypted and the unencrypted message?

No you can't, because the unencrypted text has no useful info inside so this reduces to your first question of extracting the public key from the encrypted cipher (text).

And it's not possible to combine these somehow to get the public key because one is generated from each other using each of these two functions, but both also depend on the public key being passed as a second argument to them.

encrypted message not store on blockchain right

bitcoin message signature not store on bitcoin network right

AFAIK bitcoin doesn't encrypt transaction data, only signs parts of it and it gets put on the blockchain.

What difference encrypt message and sign/verify message?

Encryption is two-way and is used to "hide" information from adversaries while signing uses a private key to create a signature which is associated  to the public key and is used to prove various kinds of information.

Example: bitcoin signed messages you see on the forum that really came from that user (assuming their private key was not compromised).

[fxsniper]

Thank you both  BlackHatCoiner and NotATether

help  me know more and some I miss understand

I never try use  Verifying an encrypted message before

Do encrypted message and signature have cost?

need do transaction or not?
if free will be try to use it one for education.

[BlackHatCoiner]

I never try use  Verifying an encrypted message before

This is my fault when I wrote the topic's title. There isn't such thing as encrypted message verification, so don't be confused. You verify only if there's a message, a public key and a signature. You decrypt only if there's the private key and the encrypted message.

You should differ signing/verifying and encrypting/decrypting.

In order to sign you need:

• Your private key.
• A message.

In order to verify you need:

• Someone's public key. (The one's that has signed the message)
• The message.
• The signature.

In order to encrypt you need:

• Someone's public key.
• The message.

In order to decrypt you need:

• Your private key. (You will have given your public key to someone)
• The encrypted message.

By "verifying" an encrypted message I meant if I can find out what's the public key of an encrypted message. It seems that I can't extract it somehow.

[Coding Enthusiast]

Since ECIES uses a symmetric encryption algorithm (AES)

How can it use a symmetric encryption algorithm? The message can only be decrypted by x where g^x is the public key, but by no other keys. Only by the receiver's. On symmetric encryption (AES) both private keys can decrypt it. You, also, had included EciesTests.cs on the Asymmetric/KeyPairs directory back when you were implementing ECIES on Autarkysoft.Bitcoin.

ECIES is basically combining 2 things: symmetric encryption and asymmetric key exchange.

In order to encrypt/decrypt a message using a symmetric algorithm like AES you need a key (like a password) this means when A wants to send an encrypted message to B it has to also send the "password" alongside it. Obviously that is hard and unsafe so this is where asymmetric cryptography part (Elliptic Curve) comes in. A has to use a key (password) that B can also reproduce on its own but nobody else can.

In this process we have 3 public keys:
1. Ephemeral public key chosen by A and is published with the encrypted message, lets call the key pair (d_e,Q_e) where d is private key and Q the public key.
2. B's public key (d_B,Q_B) and it is not published but may be known.
3. Result of (d_eQ_B) which is the encryption key and can be equally computed using (d_BQ_e) which is obviously not published but can be calculated by both A and B but nobody else.

You see none of these have anything to do with the message which is why they can't be computed using the message or encrypted message.
And as far as the EC part goes even if you had both public keys that A and B have (#1 and #2) you can never compute the third public key (#3 ie the encryption key).

[NotATether]

In order to encrypt/decrypt a message using a symmetric algorithm like AES you need a key (like a password) this means when A wants to send an encrypted message to B it has to also send the "password" alongside it. Obviously that is hard and unsafe so this is where asymmetric cryptography part (Elliptic Curve) comes in. A has to use a key (password) that B can also reproduce on its own but nobody else can.

In theory one would use Diffie-Hellman key exchange to make a shared private key that's only known to the two parties while using it to send encrypted information instead of using using AES for that, or ECIES (which is even less used than AES)