Digital Certificate Operation in a Complex Environment
navigation search
search query:

PKI Primer and Project Background

8.2.2. Asymmetric key encryption

Asymmetric encryption was invented independently by academic cryptographers at Stanford University in the USA (in the 1970s) and by military cryptographers at Britain's GCHQ (probably in the 1960s). It is the basis of public key encryption, although a 'public' key is not strictly necessary. Information is encrypted by using one key of a pair and can only be decrypted using the other key.

This is like the equivalent of having a code-sheet (as in the previous example) but you would be able to hand out your code-sheet without worrying about the bad guys seeing it. You could even pin it to the supermarket notice board. If anyone wanted to send you a secret message, they can encrypt some information using your 'public' key, but no-one else could de-crypt it. No-one can de-crypt a message using the same (public) key. Only the private key can be used to de-crypt the message.

NOTE: Keys occur in pairs, with usually one private (i.e. kept secret). Something that is encrypted with a public key can only be decrypted with the private key. The reverse is also true: something encrypted using a private key can only be decrypted using the public key.

So, you've received a message from Alice who used your public key that was pinned up in public. (Actually, you don't have to keep the key in public - it just doesn't matter where you keep it!). When you receive Alice's unintelligible message, you de-crypt her message using your private key. Now that key is really private and should be kept top secret. Therefore, two keys have been used: one to encrypt and another to de-crypt.

However, you can't send Alice a message back unless you know her public key.

But let's assume that Alice has sent you a message using your public key. She could also send you an encrypted message to you that included a symmetric key. That would then allow you and her to communicate (more easily - as it needs less processor time) using symmetric encryption!

Up: Contents Previous: 8.2.1. Symmetric key encryption

Oxford University Computing Services Mimas Athens access management services Oxfore e-Science Centre Systems and Electronic Resources Service Joint Information Systems Committee