Why would you use something like PGP if you have to send your encryption key unencrypted to the party you are sending to? And if you leave this key out on something like Twitter, for example, couldn’t law enforcement or a third party, if they gained access to the other person’s email, still read the contents of the encrypted email by using this key? Doesn’t this defeat the purpose of using encryption?
PGP uses a key *pair*: a private key and a public key. The private key you keep to yourself, and it should *never* be shared with anyone. There is nothing special about the public key, and it can be shared with anyone and everyone without affecting security…so long as you maintain sole control of the private key.
Think of it like this. You have 100 friends, and your birthday is coming up. You want all 100 of your friends to be able to send you gifts, but you don’t trust all your friends, so you want to be sure only *you* can open and receive the gifts.
You go out and you buy 100 identical padlocks and 1 master key for those padlocks. This is a magical master key…it can open all 100 of those padlocks, there isn’t another like it in existence, and it cannot be duplicated.
You can now send those 100 padlocks to your 100 friends. And you can give them instructions. “I look forward to having you at my party. Please use the enclosed padlock to secure your gift to me.”
Then, when you receive their gift, you, and *only you* can unlock that lock, because you have the only key in existence that opens that lock.
Padlocks = public key
Magical Master Key = private key