Public-Key Encryption
What is Encryption?
Encryption refers to any method of hiding the contents of a secret message by converting it
into gibberish, thus rendering it unreadable to anyone other than the intended recipient. To
convert the gibberish, or ciphertext, back into the original message, or plaintext, the recipient
requires a certain password, or key. Encryption, or cryptography more generally, has been
used in various forms for thousands of years. It can be as simple as those cheap, plastic
decoder rings that are sometimes used in promotional campaigns, but modern cryptography
relies heavily on computers and math.
What is Public-Key Encryption?
Traditionally, sending an encrypted message requires the sender and the recipient to agree
on a key beforehand, which they use to both encrypt and decrypt the message. This is called
symmetric encryption. The problem with symmetric encryption is that if you want to send
someone a secret message, you need to send them the key first. If anyone were to intercept
your key, there would be nothing stopping them from reading your message. Public-key
encryption, also known as asymmetric encryption, attempts to solve this problem.
Public-key encryption uses two keys instead of one: a private key and a public key, which are
both large numbers. If you want people to be able to send you secret messages, you distribute
your public key to anyone you like. You put it out in the open for everyone to use. You keep
your private key a secret. Anyone can encrypt a message using your public key and send it to
you, but only your private key can decrypt that message, and only you have your private key.
This way, you don’t need to worry about finding a secure way to give someone a secret key.
[Figure labels: Bob, public key, private key. Image from Wikimedia Commons, Davidgothberg]
How Does Public Key Encryption Work?
Public-key encryption typically relies on the fact that, using modern technology, it is
extremely inefficient to factor very large numbers into primes. A private/public key pair is
generated by a function that takes two large prime numbers as input. The product of the two
primes is a component of both keys. If someone had your public key and knew the primes that
went into it, they would be able to figure out your private key. However, if your public key is
large enough, it could take a supercomputer years to factor out the primes. This makes it next
to impossible to derive someone's private key from their public key.
Who Uses Public-Key Encryption?
Your browser has probably already been using public-key encryption without your realizing it.
For example, when you type “https” at the beginning of a URL, you're using something called
TLS (Transport Layer Security). When you first connect to a website over TLS, your browser
uses the website's public key to encrypt a random secret key. Your browser and the website
then use the secret key to communicate via symmetric encryption, which is somewhat more
secure than public-key encryption (once both parties have the key), as well as being faster to
encrypt and decrypt.