How does public key encryption work?


Public Key Cryptography Explained: What Is It? Public key infrastructure (PKI) is used khổng lồ manage identity and security in mạng internet communications. The core technology enabling PKI is public key cryptography, an encryption mechanism that relies upon the use of two related keys, a public key và a private key. These two keys are used together lớn encrypt và decrypt a message. Pairing two cryptographic keys in this manner is also known as asymmetric cryptography. Public key cryptography uses cryptographic algorithms khổng lồ protect identities & data from unauthorized access or use, guarding against attacks from cybercriminals & other malicious actors.

Bạn đang xem: How does public key encryption work?

How Public Key Cryptography Works

The public key is comprised of a string of random numbers và can be used to encrypt a message, which only the intended recipient can decipher & read by using the associated private key, which is also made of a long string of random numbers. This private key is a secret key, and must remain known only to the recipient. The key pair is mathematically related so that whatever is encrypted with a public or private key can only be decrypted by its corresponding counterpart.

The Benefits of Public Key Cryptography

The primary benefit of public key cryptography is increased data and identity security at scale. What makes the process secure is that the private key is kept secret by its owner, & no one is ever required to lớn reveal or giới thiệu a private key.

While it may seem counterintuitive, using a key pair consisting of two private keys for encrypting and decrypting sensitive information is not more secure than asymmetric cryptography. Using symmetric key algorithms, with two private keys, requires that both parties in the communication have access to the secret keys, increasing the risk as both now need to keep the secret. Additionally, symmetric key algorithms cannot easily scale as it is nearly impossible to coordinate the vast number of connections necessary to privately tóm tắt all necessary combinations of private keys.

The public key cryptography architecture is so scalable that it is able to lớn secure billions of messages exchanged daily by organizations over their own networks & across the internet. What enables this is that public keys can be distributed widely and openly without malicious actors being able khổng lồ discover the private key required to lớn decrypt the message.

The Difference Between Public Keys & Private Keys

In public key cryptography, an encryption key (which could be the public or private key) is used khổng lồ encrypt a plain text message and convert it into an encoded format known as cipher text. Then the other key is used as a decryption key to decrypt this cipher text so that the recipient can read the original message. In short, the main difference between a public key vs private key is that one encrypts while the other decrypts.


Note that this encryption & decryption happens automatically & is invisible lớn the user.

How the Public Key Works

What is a public key? The public key is published for all the world to see. Public keys are created using a complex asymmetric algorithm lớn pair them with an associated private key. The most common algorithms used to lớn generate public keys are:

Rivest–Shamir–Adleman (RSA)Elliptic curve cryptography (ECC)Digital signature algorithm (DSA)

These algorithms use various computation methods to generate random numeric combinations of varying length so that they cannot be exploited with a brute force attack. The key size or bit length of public keys determines the strength of protection. For example, 2048-bit RSA keys are often employed in SSL certificates, digital signatures, and other digital certificates. This key length offers sufficient cryptographic security to keep hackers from cracking the algorithm. Standards organizations like the CA/Browser diễn đàn define baseline requirements for supported key sizes.

How the Private Key Works

What is a private key? Unlike the publicly accessible public key, the private key is a secret key known only by its owner, with the private key và public key paired such that the recipient can use the corresponding key to lớn decrypt the cipher text và read the original message. Private keys are generated using the same algorithms that create public keys to create strong keys that are bonded mathematically.

Xem thêm: Hướng Dẫn Cách Nạp Tiền Vào Ví Shopee Để Mua Hàng Không Cần Tiền Mặt

Using Public Key Pairs to Ensure Both Security & Identity

One of the chất lượng advantages of asymmetric encryption using public key pairs is the ability khổng lồ ensure both the security of encrypted messages & the identity of the sender. When looking khổng lồ ensure security of messages, the sender looks up the recipient"s public key and uses it to encrypt the message. The message can be transmitted openly over the Internet, và since only the recipient can decrypt the message with the appropriate private key, secure transmission is ensured.

But the order of using the key pairs can flip khổng lồ ensure the identity of the sender. If a sender uses a private key lớn encrypt a message, the recipient can use the sender"s public key to lớn decrypt and read it. Since anyone can decrypt the message with the sender"s public key, the message transmission is not necessarily secure, but since the private key is known only khổng lồ the sender, the message is guaranteed khổng lồ have come from that machine.


Common Applications of Public Key Cryptography

Many protocols rely on asymmetric cryptography, and there are many applications of the technology, including Web server security, digital signatures và document signing, & digital identities.

Web server Security

Public key cryptography is the basis for the secure sockets layer (SSL) & transport layer security (TLS) protocols that are the foundation of HTTPS secure browser connections. Without SSL certificates or TLS to establish secure connections, cybercriminals could exploit the internet or other IP networks using a variety of attack vectors, such as man-in-the-middle attacks, khổng lồ intercept messages & access their contents. Public key cryptography serves as a sort of digital fingerprint verification to lớn authenticate the recipient’s & sender’s identities and can thwart man-in-the-middle attacks.

Digital Signatures & Document Signing

In addition khổng lồ being used to encrypt messages, key pairs can be used for digital signatures & document signing. Public key cryptography uses the sender"s private key to verify a digital identity. This cryptographic verification mathematically binds the signature khổng lồ the original message to lớn ensures that it has not been altered.

Digital Identities

Public key and private key pairs also provide effective identity authentication. As data and applications expand beyond traditional networks to mobile devices, public clouds, private clouds, & Internet of Things devices, securing identities becomes more important than ever. And digital identities don"t have lớn be restricted to devices; they can also be used khổng lồ authenticate people, data, or applications. Digital identity certificates using asymmetric cryptography enable organizations to lớn improve security by replacing passwords, which attackers have become increasingly adept at stealing.

Other applications of public key cryptography include S/MIME certificates, which validate e-mail senders & encrypt e-mail contents lớn protect against spear fishing attacks & SSH keys to control employee access khổng lồ servers.

The Role of Certificate Authorities in Public Key Cryptography

A critical component enabling public key cryptography is a trusted agent khổng lồ publish the public keys associated with individuals" private keys. Without this trusted authority, it would be impossible for senders to lớn know they are in fact using the correct public key associated with the recipient"s private key, and not the key of a malicious actor intending to lớn intercept sensitive information & use it for nefarious purposes.

Xem thêm: 5 Cách Đầu Tư Tiền Nhàn Rỗi Hiệu Quả ? Đầu Tư Vào Đâu Sinh Lời Hiệu Quả

These trusted agents are known as certificate authorities (CAs). Trusted, third-party organizations like act as private certificate authorities, but many enterprises và technology providers also choose khổng lồ act as their own CAs. Either way, the certificate authority must be trusted to check and vouch for the identity of all senders whose public keys they publish, ensure that those public keys are indeed associated with the private keys of the senders, và safeguard the levels of information security within their own organization to lớn guard against malicious attack.