How Does Public Key Encryption Works

March 13th, 2014 by Rossy Guide

Introduction

Public key :

Public-key refers to a cryptographic mechanism. It has been named public-key to differentiate it from the traditional and more intuitive cryptographic mechanism known as: symmetric-key, shared secret, secret-key and also called private-key. Symmetric-key cryptography is a mechanism by which the same key is used for both encrypting and decrypting. In traditional environments, encrypted information is sent between parties that use the same key to encoding and decoding information. This is called symmetric encryption. Public-key on the other hand, introduces another concept involving key pairs: one for encrypting, the other for decrypting.

Public-key is commonly used to identify a cryptographic method that uses an asymmetric-key pair: a public-key and a private-key. Public-key encryption uses that key pair for encryption and decryption. The public-key is made public and is distributed widely and freely. The private-key is never distributed and must be kept secret.

Public key encryption :

Public-key encryption, in which a message is encrypted with a recipient’s public key. The message cannot be decrypted by anyone who does not possess the matching private key, who is thus presumed to be the owner of that key and the person associated with the public key. This is used in an attempt to ensure confidentiality.

 

SSL and TLS

A popular implementation of public-key encryption is the Secure Sockets Layer (SSL). Originally developed by Netscape, SSL is an Internet security protocol used by Internet browsers and Web servers to transmit sensitive information. SSL has become part of an overall security protocol known as Transport Layer Security (TLS).

In your browser, you can tell when you are using a secure protocol, such as TLS, in a couple of different ways. You will notice that the “http” in the address line is replaced with “https,” and you should see a small padlock in the status bar at the bottom of the browser window. When you’re accessing sensitive information, such as an online bank account or a payment transfer service like PayPal or Google Checkout, chances are you’ll see this type of format change and know your information will most likely pass along securely.  TLS and its predecessor SSL make significant use of certificate authorities.

 

Authentication

Authentication in a digital setting is a process whereby the receiver of a digital message can be confident of the identity of the sender and/or the integrity of the message. Authentication protocols can be based on either conventional secret-key cryptosystems like DES or on public-key systems like RSA; authentication in public-key systems uses digital signatures. It allows the recipient of information to determine its origin-that is, to confirm the sender’s identity. Public key authentication is an alternative means of identifying yourself to a login server, instead of typing a password. It is more secure and more flexible, but more difficult to set up.  Symmetric key and public key encryption are used, often in conjunction, to provide a variety of security functions for network and information security.

Comments are closed.