Unlike ‘secret-key encryption’, ‘public key encryption’ has two keys that are mathematically related. These key pairs can be used either to provide privacy or authentication. As the name suggests, the secret-key is kept a closely guarded secret by the owner and the public-key is freely circulated. This technique is referred to as RSA (Rivet, Shamir, Adolman of MIT) that is very secure and the algorithm make it expensive to implement. The used of the keys and their role in encryption/decryption is best explained with an example.
‘A’ and ‘B’ wish to communicate with each other such that the communication is private and authentic. ‘A’ generates a secret and a public-key pair from a seed number. ‘B’ similarly generates its key pair using another seed number. ‘A’ provides his public key to ‘B’ and receives ‘B’s public key. The secret keys are kept a closely guarded secret by both ‘A’ and ‘B’. ‘A’ can send a private message to ‘b’ by encrypting the message using ‘B’s public key. This can only be decrypted by ‘B’ using his own secret key. This ensures that only ‘B’ can decrypt the message, but does not guarantee that ‘ A’ has sent it.
To authenticate the message source as ‘A’, he can encrypt the message using this secret key. This can be decrypted by ‘b’ using ‘A’s public key. This mechanism ensures that the message originates from ‘A’ but can be decrypted by anyone who has ‘A’s secret key.
To make the communication between A and B authentic and private, ‘A’ first encrypts the message using his secret key and further encrypts it using ‘B’s public key. ‘B’ first decrypts the message using his secret key and then further decrypts it using ‘A’ public key.
Since public key is comparatively slow to use and require a lot of processing, they can cause significant delays in encryption and decryption.
When public key is being used for authentication, it is undesirable to encrypt the complete message, particularly if it is long. Digital signatures come to the rescue.
Contact us for Free web Design Demo