Public-key encryption, or asymmetric encryption involves the use of two keys, one that can be used to encrypt messages (the public key) and one that can be used to either encrypt them or decrypt them (the private key).
These key pairs can be used in two different ways, to provide privacy or authentication.
Privacy is ensured by encoding a message with the public key as it can only be decoded by the holder of the private key.
Authentication is achieved by encoding a message with the private key. Once the recipient has successfully decrypted it with the public key they can be assured it was sent by the holder of the private key.
As the public key can be made widely available (for example from a server or third party), public-key cryptography does not suffer from the same key distribution and management problems as the secret-key system.
One disadvantage of the public-key system is that it is relatively slow, so when it is being used only for authentication it is not desirable to encrypt the whole message particularly if it is a long one. To get round this a digital signature is used.
Related Posts:
- Enabling Technologies – Secret Key Encryption - Secret-key encryption, also known as single-key or symmetric encryption, involves the use of a single key that is shared by both the sender and the...
- Enabling Technologies – Encryption Overview - Many Web store merchants understandably want to concentrate their energies on what they do best – selling – and either ignore the technical aspects or...
- Enabling Technologies – Secure Sockets Layer (SSL) - Netscape’s Secure Sockets Layer (SSL) protocol is currently the most widely used method for performing secure transactions on the Web and is supported by most...
- Enabling Technologies – Frequently Asked Questions (FAQ) - Why is encryption needed for Web commerce? Encryption performs four key functions which enable secure Web transactions to take place: Authentication allows customers to be...
- Enabling Technologies – Cryptography Export Restrictions - What have a bomb and a cryptography got in common? Under current US law, cryptography is classified as a munition and the export of software...