Penguin
Note: You are viewing an old revision of this page. View the current version.

Also known as public key Cryptography, public key encrypton was introduced by Diffie and Hellman in 1976, and popularised by the RSA algorithm two years later.

Each person has a pair of keys, called the PublicKey and the PrivateKey. Each person's public key is published while the private key is kept secret. Data can be encrypted using the intended recipient's public key and then can only be decrypted using their private key.

The need for sender and receiver to share secret information (keys) via some secure channel is eliminated: all communications involve only public keys, and no private key is ever transmitted or shared.

The system is successful because

  1. PKE is computationally difficult to decode.
  2. PKE does not require a secure channel to send the key; the key is, in fact, public.
  3. PKE can be used as a basis of a personal (digital) signature so that the sender may always be identified.

If you encrypt something with the public key then it can be only decrypted with the private key, and vice versa. Given the public key, you can't deduce the private key, and usually vice versa (although not always). Thus you publish you public key to the world, and everyone can send you encrypted email. (See GPG).

You can "sign" a document by taking a CryptographicHash of the document, and encrypting that with your private key. Everyone can calculate the hash, and then decrypt the version you gave and verify that they are the same (the document hasn't been modified) and they know that it came from you (since you are the only one that has your private key).

You can then sign other peoples' key to say that you verify that it is them. A collection of such signatures is called a WebOfTrust.

See also PublicKeyAuthentication.


Part of CategoryCryptography