After the public key in RSA is known to a third party, the third party uses the public key to encrypt the data; for example: A wants to write a letter to B: 1. B sends the public key to A 2. A gets the public key to encrypt the content of the letter , send the content to B 3. B decrypts it with the private key after getting A’s letter. Then the question comes: Question 1: When B gives A the public key, it is known by the third party C, can C also write to B?
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
The public key itself is public and can be known by anyone. The ciphertext encrypted by the public key can only be decrypted by the private key. Even the encrypted party cannot use the public key to decrypt the ciphertext, so no one who gets the public key can decrypt it.
If you want to talk about the issue of authentication, that is, C can pretend to be B and write to A, this involves the issue of authentication.
Public key, as the name suggests, is something you are not afraid of showing to others
Confusing data encryption with authentication.
The public key obtained by C is only used for data encryption.
In order for C to be able to successfully send data to B, it must pass B’s identity authentication level.
B’s identity authentication for C has nothing to do with B’s public key.