Asymmetric Encryption
• Asymmetric encryption (also known as Public-Key Encryption) gives us the means to give the sender
and receiver two different keys:
- Public key
- Private key
• To simplify how asymmetric encryption works, we will use names to describe communication:
• Mulder has both a private and public key – he sends Scully his public key.
- The Scully is only allowed to encrypt data using the public key.
- Scully cannot decrypt AND encrypt read her own data – she can’t even read her own data that she
encrypted.
- So, even if someone stole Mulder’s public key, they can only encrypt data – but they can’t read any
data that they might intercept.
• The private key is used by only Mulder.
- Mulder decrypts Scully’s data using his private key.
- Mulder cannot encrypt AND decrypt his own data with just the one key.
- If Mulder wants to read his own encrypted data, he has to decrypt it using the reciprocal key.
- So, even if someone has the private key, they can only read data – but they can’t send data and pose as
the sender.
• For obvious reasons, public keys are “shared” but private keys are kept secret.
- This way, anyone can encrypt data but only those who are intended to read the data are allowed to.
- For this reason, private keys are more important and need to be protected.
• For example, lets say your company has a server room with a special door:
- Every employee has a key that can lock the door.
- However, only authorized employees have a different key that can unlock the same door.
- In this scenario, the key used to unlock the door (the private key) needs to be kept secure more than the
standard key (the public key).
• However, there are two main drawbacks to asymmetric encryption:
1) It is slower than symmetric encryption
2) The actual distribution of the public key is somewhat tricky
• The following are respective solutions to these problems (which we will cover in the following sections):
1) Hybrid/Session key encryption systems
2) Digests, Signatures and Certificates
• Asymmetric encryption (also known as Public-Key Encryption) gives us the means to give the sender
and receiver two different keys:
- Public key
- Private key
• To simplify how asymmetric encryption works, we will use names to describe communication:
• Mulder has both a private and public key – he sends Scully his public key.
- The Scully is only allowed to encrypt data using the public key.
- Scully cannot decrypt AND encrypt read her own data – she can’t even read her own data that she
encrypted.
- So, even if someone stole Mulder’s public key, they can only encrypt data – but they can’t read any
data that they might intercept.
• The private key is used by only Mulder.
- Mulder decrypts Scully’s data using his private key.
- Mulder cannot encrypt AND decrypt his own data with just the one key.
- If Mulder wants to read his own encrypted data, he has to decrypt it using the reciprocal key.
- So, even if someone has the private key, they can only read data – but they can’t send data and pose as
the sender.
• For obvious reasons, public keys are “shared” but private keys are kept secret.
- This way, anyone can encrypt data but only those who are intended to read the data are allowed to.
- For this reason, private keys are more important and need to be protected.
• For example, lets say your company has a server room with a special door:
- Every employee has a key that can lock the door.
- However, only authorized employees have a different key that can unlock the same door.
- In this scenario, the key used to unlock the door (the private key) needs to be kept secure more than the
standard key (the public key).
• However, there are two main drawbacks to asymmetric encryption:
1) It is slower than symmetric encryption
2) The actual distribution of the public key is somewhat tricky
• The following are respective solutions to these problems (which we will cover in the following sections):
1) Hybrid/Session key encryption systems
2) Digests, Signatures and Certificates
Asymmetric Encryption
Table of Contents
Copyright (c) 2008. Intertech, Inc. All Rights Reserved. This information is to be used exclusively as an
online learning aid. Any attempts to copy, reproduce, or use for training is strictly prohibited.
online learning aid. Any attempts to copy, reproduce, or use for training is strictly prohibited.
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
Courseware
Training Resources
Tutorials