Public Key Encryption (original) (raw)

Last Updated : 11 Jul, 2025

Public key cryptography provides a secure way to exchange information and authenticate users by using pairs of keys. The public key is used for encryption and signature verification, while the private key is used for decryption and signing.

When the two parties communicate with each other to transfer the intelligible or sensible message, referred to as plaintext, is converted into apparently random unreadable for security purposes referred to as ciphertext.

Public Key Cryptography

Public key cryptography is a method of secure communication that uses a pair of keys, a public key, which anyone can use to encrypt messages or verify signatures, and a private key, which is kept secret and used to decrypt messages or sign documents.

This system ensures that only the intended recipient can read an encrypted message and that a signed message truly comes from the claimed sender. Public key cryptography is essential for secure internet communications, allowing for confidential messaging, authentication of identities, and verification of data integrity.

Cryptographic Key

A cryptographic key is a piece of information used by cryptographic algorithms to encrypt or decrypt data, authenticate identities, or generate digital signatures. It serves as a parameter to control cryptographic operations, ensuring the security and privacy of digital communications and transactions.

How Does TLS/SSL Use Public Key Cryptography

TLS/SSL uses public key cryptography to keep our internet connections secure. It does this in two main ways:

• **Encryption: When you visit a secure website (HTTPS), TLS/SSL helps encrypt data exchanged between your browser and the website's server.
  It uses a combination of public and private keys to create a secure connection. Your browser and the server agree on a secret key for this session, which keeps your data safe from eavesdroppers.
• **Authentication: TLS/SSL verifies the identity of websites. When you connect to a site, it presents a digital certificate signed by a trusted authority. Your browser checks this certificate to ensure you're really connecting to the right site and not a fake one trying to steal your information.

By using public key cryptography, TLS/SSL protects our privacy online and ensures that the websites we visit are genuine and trustworthy.

**Components of Public Key Encryption

• **Plain Text: This is the message which is readable or understandable. This message is given to the Encryption algorithm as an input.
• **Cipher Text: The cipher text is produced as an output of Encryption algorithm. We cannot simply understand this message.
• **Encryption Algorithm: The encryption algorithm is used to convert plain text into cipher text.
• **Decryption Algorithm: It accepts the cipher text as input and the matching key (Private Key or Public key) and produces the original plain text.
• **Public and Private Key: One key either Private key (Secret key) or Public Key (known to everyone) is used for encryption and other is used for decryption.

Public Key Encryption Working

**Key Pair Generation : A user generates a pair of keys :

• **Public Key: Shared openly. Anyone can use it to send an encrypted message.
• **Private Key: Kept secret. Only the key owner can decrypt messages encrypted with the public key.

**Encryption : If someone wants to send a private message:

• They obtain the recipient’s public key.
• They encrypt the message using that public key.
• The encrypted message is sent over a network.

**Decryption : Upon receiving the message:

• The recipient uses their private key to decrypt the message and recover the original plaintext

Public Key Encryption

Public Key Encryption Practical Example: **Secure Website (HTTPS)

When you visit a secure website like https://www.bank.com, public key encryption is used behind the scenes to encrypt data between your browser and the bank's server.

**Bank's Server Has a Key Pair

• **Private Key: Secret, stored securely on the server.
• **Public Key: Shared with anyone via an SSL certificate.

**You Connect to the Website

• Your browser gets the bank’s public key from its SSL certificate.
• It verifies the certificate is valid (issued by a trusted certificate authority).

**Encrypting the Session Key

• Your browser creates a random symmetric key (used for actual data encryption).
• It encrypts this key using the bank's public key.
• Only the bank can decrypt it using its private key.

**Secure Communication Begins

• Now both your browser and the bank share a secret symmetric key.
• All further communication (login info, account data, etc.) is encrypted using this key.

Why Public Key Encryption is Used

• It ensures that only the server (with the private key) can read the symmetric key.
• Even if someone intercepts the traffic, they can’t decrypt the session key or data.

**Characteristics of Public Encryption key

• **Security Assurance:
  It is computationally infeasible to determine the private (decryption) key from the public (encryption) key and algorithm alone.
• **Key Pair Flexibility:
  Either key (public or private) can be used for encryption, with the other used for decryption supporting both confidentiality and authentication.
• **Easy Public Key Distribution:
  Public keys can be shared freely, enabling convenient encryption and digital signature verification.
• **Private Key Confidentiality:
  Private keys are kept secret, ensuring that only the key owner can decrypt content or create valid digital signatures.
• **Foundation of RSA:
  The most widely used public-key cryptosystem, **RSA, is based on the difficulty of factoring large composite numbers into primes.

**Limitations of the Public Key Encryption

• **Susceptible to Brute-Force Attacks: Although computationally hard, public key encryption algorithms can be theoretically brute forced if key lengths are too short or computational power advances (e.g., quantum computing).
• **Private Key Loss: If a user loses their private key, they can no longer decrypt data or prove their identity, making the system non-recoverable and highly vulnerable.
• **Man-in-the-Middle (MitM) Attack Risk: A third party could intercept and alter public keys during transmission, leading to unauthorized decryption or spoofed signatures if keys aren't verified through a trusted channel.
• **PKI Chain of Trust Vulnerability: If a private key higher in the PKI hierarchy (e.g., a root certificate authority) is compromised, it can invalidate all subordinate certificates, enabling widespread MitM attacks.

**Applications of the Public Key Encryption

• **SSL/TLS protocols : They use public key encryption to securely exchange symmetric session keys between a web browser and a server.
• **Digital signature: Digital signature is for senders authentication purpose. In this sender encrypt the plain text using his own private key. This step will make sure the authentication of the sender because receiver can decrypt the cipher text using senders public key only.
• **Key exchange: This algorithm can use in both Key-management and securely transmission of data.
• **SSH keys : For secure login to remote servers use public/private key pairs for authentication.
• **Blockchain and Cryptocurrencies: Users control wallets with private keys , public keys serve as wallet addresses.