Tue. Jan 24th, 2023

Public Key Encryption

What is it?

Public Key Encryption is a system which utilises pairs of keys: one is private, and is known only to its ‘owner’. The other is public, and is sharable to anyone.

This means that anyone with the public key can create and encrypt a message, but no-one except the private key owner will be able to decrypt it. It is a type of asymmetric encryption, and therefore the process with the public key is one way.

Consider a server and a client communicating. The client can send its public key to the server, which can then generate a key for symmetric encryption, and this key can be encrypted using the client’s public key, and sent back to the client.

The only person who can decrypt this is the client, as it requires their private key. This has allowed the server to create a symmetric encryption key and send it over an insecure medium (the Internet) in a secure manner. Once the client has decrypted the key, it can begin communicating with the server using symmetric encryption, taking advantage of symmetric encryption’s advantages of speed and reduced network utilisation.

Where is it used?

This is most widely used to provide security and privacy in communications.

For example, WhatsApp prides itself on providing end-to-end encryption. This is only possible through the use of public key encryption. Messages are encrypted with the recipients’ public keys, delivered, and finally decrypted with the users’ private key. This ensures that no-one except the intended parties are able to view the messages, even if data is intercepted en route.

Further Reading