Unable to understand PKI concept in Hyperledger Fabric?

Question

I am just starting Hyperledger Fabric. I was reading about PKI concept in Hyperledger fabric.I am reading form this link

Below is the diagram they explain Marry uses her private key to sign the document. But in general its is explain in this link

that public key is used for encryption.

So which key is used for encryption ?

Answer 1

There are various aspects to Asymmetric Cryptography. A confidential message can be encrypted and disseminated over the network in various ways. Let's assume there are two participants in the network - A and B, each of them have registered themselves with a certificate authority and have obtained their crypto pair - a public key and a private key. Now, if A wants to send a message to B, he has two options

1. encrypt the message M using his private key and send. Now, if B has access to A's public key over the network, he will be able to decrypt the message. Now, assuming A's public key is generally available over the consortium network, people other than B also will have access to A's public key. Now, does this compromise the message integrity? Well, no. This is because the encryption is a function of the private key as well as the message, so people having the right access can decrypt and see the message but will not be able to tamper it unless A's private key is compromised.
2. Another way in which A can send message to B, is by encrypting it with B's public key. Now, this message can only be decrypted only by B and whoever B chooses to share his private key with in a secure manner. Here, again the encryption will be a function of B's public key and the message - that said the integrity of message can be assured.

Hyperledger Fabric follows the first method - the messages are encrypted by sender's private key and recipient's access to the sender's public key or to the message per say is managed by by consortium/organization's membership, access control rules and channel policies.