Silk Road forums
Discussion => Newbie discussion => Topic started by: fargo55 on February 18, 2013, 04:57 am
-
It seems basic, but no one ever mentions this in instructions: I encrypt my address, or whatever, using the seller's public key - Fine... but that is done using my own private key also. Nowhere have I read that I must supply my private or public key, with the order. How can the the seller read my info without me inputting my own key along with the order message/address? Should I supply my public key where paste my encrypted address in the order? Doesn't this compromise the security of the process??
-
They give you a public key that only they have the password(or private key) to unlock. You give them your public key and they do the same and you unlock it with your own. I've yet to be sent a message back to decrypt but anyone I've sent messages to didn't seem confused.
-
its the same as having a conversation on here except only you two have the keys to the mass of random shit
-
OK... but are you saying that I also MUST include my public key in the address block, where I post my encrypted address??
What if I just encrypt using the seller's public key....Can they decrypt my address???
-
ya you have to give them yours also
-
If you encrypt it with just their public key, only they can read it. If you encrypt it with both then you can go back and reread it if needed. Yes, you need to send them your public key, it doesn't matter who gets hold of it but you should have a fake name and email in the details of your key as anyone can see that.
If you don't give them your public key they can't encrypt a message back to you.
-
Thanks much for that answer -- just what I needed to know..... I've read a dozen sets of instructions... all about encryption and making orders. Yet no one has said that you also must include your own public key with your order. I think Silk Road should have a special place for that, along with the block that says "type your address...."
-
Nowhere have I read that I must supply my private or public key, with the order.
Because you shouldn't supply your private key anywhere ever.
Yet no one has said that you also must include your own public key with your order.
Because you don't have to. When you encrypt a message, only the public keys selected can read the message. You can send a message to someone if you know their public key; they can read it no problem without ever knowing yours. If you want them to encrypt a message to you, then yes, they must know your public key.
Personally, I always provide my main public key with my address, but I encrypt that entire message to 1) the vendor and 2) a once-use keyset of my own. That way if I really need to decrypt the address/message at later date for whatever reason (order dispute, to see if I ordered the right strain mix of weed or whatever if they send me the wrong stuff), I can, but if the order goes well, I just delete it and then I can never read that message ever again. If somehow LE were to get my main public and private key and also the message with every order I've ever placed, they still wouldn't be able to decrypt anything (and neither would I).
Good luck. Stay safe. Protect yourself.
-
Personally, I always provide my main public key with my address, but I encrypt that entire message to 1) the vendor and 2) a once-use keyset of my own. If somehow LE were to get my main public and private key and also the message with every order I've ever placed, they still wouldn't be able to decrypt anything (and neither would I).
Good idea, I never thought of doing that before.