Public-Key Encryption What is Encryption? Encryption refers to any method of hiding the contents of a secret message by converting it into gibberish, thus rendering it unreadable to anyone other than the intended recipient. To convert the gibberish, or ciphertext, back into the original message, or plaintext, the rec requires a certain password, or key. Encryption, or cryptography more generally, has been used in various forms for thousands of years. Itcan be as simple as those cheap, plastic decoder rings that are sometimes used in promotional campaigns, but modern cryptography relies heavily on computers and math. What is Public-Key Encryption? Traditionally, sending an encrypted message requires the sender and the recipient to agree on a key beforehand, which they use to both encrypt and decrypt the message. This is called symmetric encryption. The problem with symmetric encryption is that if you want to send someone a secret message, you need to send them the key first. If anyone were to intercept your key, there would be nothing stopping them from reading your message. Public-key encryption, also known as asymmetric encryption, attempts to solve this problem. Bob Public-key encryption uses two keys instead of one: a private key and a public key, which are both large numbers. If you want people to be able e's to send you secret messages, you distribute your public key Public key to anyone you like. You put it out in the open for everyone to use. You keep your private key a secret. Anyone can encrypt a message using your public key and send it to you, but only your private key can decrypt that message, and only you have your private key. This way, you don’t need to worry about finding a secure way to give someone a secret key. private key Image from Wikimedia Commons, Davidgothberg How Does Public Key Encryption Work? Public-key encryption typically relies on the fact that, using modern technology, it is extremely inefficient to factor very large numbers into primes. A private/public key pair is generated by a function that takes two large prime numbers as input. The product of the two primes is a component of both keys. If someone had your public key and knew the primes thatwent into it, they would be able to figure out your private key. However, if your public key is large enough, it could take a supercomputer years to factor out the primes. This makes it next to impossible to derive someone's private key from their public key. Who Uses Public-Key Encryption? Your browser has probably already been using public-key encryption without your realizing it. For example, when you type “https” at the beginning of a URL, you're using something called TLS (Transport Layer Security). When you first connect to a website over TLS, your browser uses the website's public key to encrypt a random secret key. Your browser and the website then use the secret key to communicate via symmetric encryption, which is somewhat more secure than public-key encryption (once both parties have the key), as well as being faster to encrypt and decrypt.