Why would you use something like PGP if you have to send your encryption key unencrypted to the party you are sending to? And if you leave this key out on something like Twitter, for example, couldn’t law enforcement or a third party, if they gained access to the other person’s email, still read the contents of the encrypted email by using this key? Doesn’t this defeat the purpose of using encryption?
No. Asymmetric, AKA public/private key, encryption isn’t compromised by sharing your public key. Asymmetric encryption uses two different keys to encrypt and decrypt messages. The public key (which you share) is for encrypting messages to you. The private key (which you don’t share) is the only way to decrypt messages. Your public key won’t work for decrypting messages, so nobody intercepting a message can read it.
In order to have a PGP-encrypted conversation with somebody, you need to exchange public keys, so that you can each encrypt a message for the other person. But only the person with the correct private key can decrypt it.
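The point of the answer above, as an added example that is not part of the original thread: a message encrypted with the public key comes back only when the private key is applied, and applying the public key a second time yields garbage. It uses toy textbook RSA with two fixed, well-known primes and no padding, all of which are assumptions made for illustration; a real PGP implementation generates large random keys and uses the public key to wrap a one-time session key.

```python
# Toy textbook RSA: illustration only, not safe for real use.
# P and Q are fixed Mersenne primes (constructed sample values); a real key
# uses large random primes that are kept secret.
P = 2**127 - 1
Q = 2**89 - 1
N = P * Q
E = 65537
# The private exponent can only be computed by someone who knows P and Q.
D = pow(E, -1, (P - 1) * (Q - 1))

PUBLIC_KEY = (N, E)   # safe to publish anywhere
PRIVATE_KEY = (N, D)  # stays with the key owner

SAMPLE_MESSAGE = b"meet at noon"  # constructed sample plaintext


def encrypt(message: bytes, public_key: tuple) -> int:
    """Encrypt a short message to the owner of public_key."""
    n, e = public_key
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this toy key")
    return pow(m, e, n)


def apply_key(ciphertext: int, key: tuple) -> bytes:
    """Run the RSA operation with whichever key the caller holds."""
    n, exponent = key
    m = pow(ciphertext, exponent, n)
    return m.to_bytes((n.bit_length() + 7) // 8, "big").lstrip(b"\x00")


if __name__ == "__main__":
    ct = encrypt(SAMPLE_MESSAGE, PUBLIC_KEY)
    print("ciphertext:       ", hex(ct))
    # The intended recipient, holding the private key, recovers the text.
    print("with private key: ", apply_key(ct, PRIVATE_KEY))
    # Anyone else has only the published key and the intercepted ciphertext.
    print("with public key:  ", apply_key(ct, PUBLIC_KEY))
```
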