Public-key cryptography

Public-key cryptography, also called asymmetric cryptography, is a communication where people send messages that can only be read by those who have the key.

In an asymmetric key encryption scheme, anyone can encrypt messages using the public key, but only the holder of the paired private key can decrypt. Security depends on the private key being kept secret.

A Metaphor

This kind of cryptography is like two magical paper shredders. Each can shred messages that the only the other can unshred.

Explanation

In public key cryptography, each user has a pair of cryptographic keys, which are long strings of random data. One of the keys is public, and can be shared with anyone, even bad actors. One of the keys is private, and must be kept secret. Information encrypted with the public key can be decrypted with the private key, and vice versa.

Incoming messages are encrypted with the recipient's public key and can only be decrypted with their corresponding private key. The keys are related mathematically, but it is nearly impossible to get a private key from a public key.

The two main branches of public key cryptography are:

• Public key encryption: a message encrypted with a recipient's public key cannot be decrypted except by the recipient private key. This is used to ensure secrecy.
• Digital signatures: a message signed with a sender's private key can be verified by anyone who has the sender's public key. So if the sender signed the message no one can alter it. This is used to ensure authenticity.

They are often used together on the same message.

Related pages

• Symmetric-key algorithm
• RSA algorithm