I am trying to understand how DKIM key validation works.
The steps that I am sure I understood are:
1- The sender will send a message to a receiver through an MUA (e.g. Gmail) and it will go to the sender mail server (SMTP/MTA server).
2- The sender mail server already generated public and private keys before this happens.
3- The private key is saved secretly in the sender mail server.
4- The public key is already published in the DNS record in the name server as a TXT resource record.
5- The sender mail server will use some hash-algorithm method to generate a hash value for specific mail header fields, for example (From: To: Subject), which for example will be hashed to: Abcd. They call it "Key_Signing".
6- The sender mail server will encrypt this signed key using the private key!
*** Now before I continue, how will the sender mail server encrypt this hashed value using the private key?? As far as I understand, the private key in asymmetric encryption is for decryption, not for encryption!!
- Ok, let's continue :-)
7- The receiver mail server (POP3 or IMAP) will receive the message and validate it.
8- DKIM key validation is done by trying to decrypt the encrypted DKIM key (hashed value).
9- The receiver mail server needs the sender mail server's public key to decrypt the encrypted DKIM key to fetch the DKIM hashed value.
** How will the receiver mail server decrypt the encrypted DKIM key via the sender mail server's public key??? The public key is for encryption, not for decryption!!
10- When the receiver mail server decrypts the encrypted DKIM key it will gain the DKIM key, which is nothing but the hash value for some email headers. In my example it is: Abcd.
11- The receiver mail server will use the same hash method to hash the same email headers and if it gets exactly the same hash value, it will accept the email and forward it to the receiver's inbox folder.
Please guys, correct me if I am wrong and clarify how the public key is used to decrypt the DKIM key and how the private key is used to encrypt it, while the asymmetric mantra says:
"Private key is for decryption and public key is for encryption".
I went through many websites and none of them clarified this process step by step in very clear detail.
> Solution:
Your understanding is mistaken. Both private and public keys can be used for both encryption and decryption.
The essential property is that a message encrypted with a private key can only be decrypted with the public key, and vice versa.
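The flow from steps 2 to 11 above, as an added example in Go (not code from the question or the answer, and not a DKIM library): the private key produces the signature over the hashed headers, the public key fetched from DNS checks it, and a header changed in transit fails the check. The sample headers and the simplified canonicalization are constructed for this example; a real verifier applies DKIM's full canonicalization rules and hashes the fields listed in the DKIM-Signature header's h= tag.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"strings"
)

// Constructed sample header fields, the ones the signing server hashes (step 5).
var sampleHeaders = []string{"From: alice@example.org", "To: bob@example.net", "Subject: Quarterly report"}
// canonicalize lowercases names and trims whitespace (a simplified stand-in for DKIM "relaxed" canonicalization).
func canonicalize(headers []string) []byte {
	var b strings.Builder
	for _, h := range headers {
		name, value, _ := strings.Cut(h, ":")
		b.WriteString(strings.ToLower(strings.TrimSpace(name)) + ":" + strings.TrimSpace(value) + "\r\n")
	}
	return []byte(b.String())
}
// newKey generates the sender's key pair (step 2); only the public half is published in DNS (step 4).
func newKey() *rsa.PrivateKey {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return priv
}
// signHeaders is the sender side (steps 5-6): SHA-256 the canonical headers, sign the digest with the PRIVATE key.
func signHeaders(priv *rsa.PrivateKey, headers []string) ([]byte, error) {
	digest := sha256.Sum256(canonicalize(headers))
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:]) // rsa-sha256, PKCS#1 v1.5 as in DKIM
}
// verifyHeaders is the receiver side (steps 8-11): recompute the digest, check the signature with the PUBLIC key.
func verifyHeaders(pub *rsa.PublicKey, headers []string, sig []byte) bool {
	digest := sha256.Sum256(canonicalize(headers))
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) == nil
}

func main() {
	priv := newKey()
	sig, err := signHeaders(priv, sampleHeaders)
	if err != nil {
		panic(err)
	}
	tampered := []string{sampleHeaders[0], sampleHeaders[1], "Subject: Invoice overdue"} // modified in transit
	fmt.Println("original:", verifyHeaders(&priv.PublicKey, sampleHeaders, sig), "tampered:", verifyHeaders(&priv.PublicKey, tampered, sig))
}
```

Nothing is "decrypted" on the receiving side: the verifier recomputes the hash itself and only uses the public key to confirm that the signature was made by the matching private key over that same hash.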