I understand that:
1. A public/private key pair is used
2. Public key can be shared publicly, but private one is never shared
3. Something encrypted with the private key can only be decrypted with the respective public key and vice versa
4. Private key can be used to confirm authenticity of the message
The thing I don’t understand is how it allows secure communication between two parties, since anyone with the public key can decrypt at least one side of the communication (i.e. the messages encrypted with the private key).
When it comes to asymmetric encryption you need two things to happen for it to work. You need to be able to encrypt a message AND make sure the message comes from the correct person.
Each person has two keys for the encryption: a private key and a public key. They are complementary to one another. This means that you can use a public key to decrypt a private key and a private key to decrypt a public key.
For asymmetric encryption to work, everyone needs to know each other’s public key and no one can know someone’s private key.
When it comes to sending an encrypted message, you first need to pass the message through the recipient’s public key and then through your private key. This means that on the other end they can use your public key and then their private key to make sure the message received comes from you and only you, and that only they can decrypt the message, as only they have their private key.
Now the way this encryption method is commonly done is by using the RSA algorithm. This method uses two LARGE prime numbers as the keys. The private key is the two numbers, whilst the public key is the two numbers multiplied together. The RSA method is typically only used for the initial contact. This is due to the RSA algorithm becoming very, very slow when you send a large message.
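The flow discussed above, as an added example that is not part of the original question or answer: the sender signs with their own private key, and RSA under the recipient's public key wraps only a random session key that encrypts the signed message. It is textbook RSA without padding on small constructed keys, and `keystream_xor` is a hypothetical stand-in for a real symmetric cipher, so it illustrates the key roles only and is not usable cryptography.

```python
import hashlib
import secrets

def make_keypair(p, q, e=65537):
    """Toy RSA: public key (n, e), private key (n, d) from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))

def digest_int(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, priv):            # only the private-key holder can do this
    n, d = priv
    return pow(digest_int(data, n), d, n)

def verify(data, sig, pub):      # anyone with the public key can do this
    n, e = pub
    return pow(sig, e, n) == digest_int(data, n)

def keystream_xor(key, data):
    """Stand-in for a real symmetric cipher (use AES-GCM in practice)."""
    stream = b""
    for i in range(len(data) // 32 + 1):
        stream += hashlib.sha256(f"{key}:{i}".encode()).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def send(msg, sender_priv, recipient_pub):
    n, e = recipient_pub
    session = secrets.randbelow(n - 2) + 2           # fresh random session key
    sig_len = (sender_priv[0].bit_length() + 7) // 8
    body = sign(msg, sender_priv).to_bytes(sig_len, "big") + msg
    return pow(session, e, n), keystream_xor(session, body)  # RSA wraps only the key

def receive(packet, recipient_priv, sender_pub):
    wrapped, ciphertext = packet
    n, d = recipient_priv
    body = keystream_xor(pow(wrapped, d, n), ciphertext)
    sig_len = (sender_pub[0].bit_length() + 7) // 8
    sig, msg = int.from_bytes(body[:sig_len], "big"), body[sig_len:]
    if not verify(msg, sig, sender_pub):
        raise ValueError("signature check failed")
    return msg

# Constructed demo keys from small Mersenne primes; real keys are 2048+ bits.
ALICE_PUB, ALICE_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
BOB_PUB, BOB_PRIV = make_keypair(2**107 - 1, 2**127 - 1)

if __name__ == "__main__":
    packet = send(b"meet at noon", ALICE_PRIV, BOB_PUB)
    print(receive(packet, BOB_PRIV, ALICE_PUB))
```

Passing `BOB_PUB` instead of `BOB_PRIV` to `receive` fails the signature check: the public keys everyone holds are enough to verify Alice's signature but not to recover the session key.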