What is Public Key Encryption And Why Does It Matter?
Public key encryption is one of the most widely used security technologies on the internet. In this post, we provide an overview of what public key encryption is, how it works and why it’s important.
How does encryption work?
When using encryption, the message being sent is combined with a key in the encryption algorithm. This key can be thought of as providing the settings that the algorithm uses, and generally looks like a random string of characters. In the early days, encryption algorithms used the same key for encrypting the message and decrypting it (known as symmetric key encryption). Both parties had to exchange this key before they could encrypt any messages to each other. The issue with this method was that the key had to be transferred between the two parties securely, because anyone who intercepted it could read the messages. The exchange was often done in a face-to-face meeting or through a trusted third party to make sure the key was not intercepted.
Public Key Encryption
Public key encryption was designed to solve the problem of having to securely share the keys for symmetric key encryption techniques. The idea is to use two different keys, one to encrypt the message and another to decrypt it. These keys are referred to as public and private. The encryption algorithm is used to create a matching pair of public and private keys before any communication takes place. The public key has that name because it should be possible to share it publicly without any reduction in the security of the encrypted messages.
The private key, on the other hand, must be kept secret and never shared with anyone. The two keys also have different uses. The public key is used to encrypt messages destined for the owner of the private key, and these encrypted messages can only be decrypted by using the private key. The private key can be used to create a signature for a message. This signature can be verified using the public key to prove that the message came from the owner of the private key. A signature provides no security for the message itself, which would still be in plain text, but it does verify the authenticity of the message.
Meeting in the middle
To communicate securely, the two parties can share their public keys with each other, after which further communication can continue securely by encrypting in either direction. One downside to this system is that when communicating with someone remotely there is no method to guarantee that they are who they claim to be, so other systems may be required for that. Another downside is that public key encryption methods are generally computationally expensive compared to symmetric key encryption. To speed things up, many systems use public key encryption only for an initial handshake, during which they negotiate a symmetric key encryption method and share a key that they then use for further encrypted communications.
Public key encryption has become a part of many of the encryption and security systems in use on the internet today. It is used as part of setting up communications for services such as Secure Shell Protocol (SSH) and Transport Layer Security (TLS). It’s also used for message communication systems such as Pretty Good Privacy (PGP). WhatsApp takes things a step further in that its algorithms update and change the keys being used during conversations, so should anyone intercept the encrypted messages and later manage to get a private key, they will only be able to decrypt a small selection of the messages.
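The two key roles and the handshake described above, as an added example that is not part of the original post. It assumes a constructed toy RSA key pair and a toy hash-based stream cipher so that it runs on the Python standard library alone; both are unpadded and far too small for real use, and all function names are hypothetical.

```python
import hashlib
import secrets

# Constructed toy key pair: textbook RSA built from two well-known Mersenne primes.
# Illustration only: real systems use 2048-bit+ keys, padding and a vetted library.
P, Q = 2**89 - 1, 2**107 - 1
N, E = P * Q, 65537                  # public key: safe to publish
D = pow(E, -1, (P - 1) * (Q - 1))    # private key: never leaves its owner

def pk_encrypt(m: int) -> int:
    return pow(m, E, N)              # anyone holding the public key can do this

def pk_decrypt(c: int) -> int:
    return pow(c, D, N)              # only the private key undoes it

def digest(msg: bytes) -> int:
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def sign(msg: bytes) -> int:
    # The message itself stays in plain text; only its hash is transformed.
    return pow(digest(msg), D, N)

def verify(msg: bytes, sig: int) -> bool:
    return pow(sig, E, N) == digest(msg)

def sym_crypt(key: bytes, data: bytes) -> bytes:
    # Toy symmetric cipher (assumption): XOR with a SHA-256 counter keystream.
    # The same call encrypts and decrypts, and it is cheap compared to RSA.
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

def handshake_and_send(plaintext: bytes):
    # Sender: pick a fresh symmetric key, wrap it with the recipient's public
    # key, then encrypt the actual traffic symmetrically.
    session_key = secrets.token_bytes(16)
    wrapped = pk_encrypt(int.from_bytes(session_key, "big"))
    return wrapped, sym_crypt(session_key, plaintext)

def receive(wrapped: int, ciphertext: bytes) -> bytes:
    session_key = pk_decrypt(wrapped).to_bytes(16, "big")
    return sym_crypt(session_key, ciphertext)
```

Only the 16-byte session key goes through the expensive public key operation; the message itself is handled by the symmetric cipher.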