[Asymmetric Cryptography] : How it is used in https protocol
2 min readJan 23, 2024
Asymmetric Cryptography : is a class of cryptography in which encryption and decryption occurs with help two keys pair, public and private key.
Two use cases of asymmetric cryptography :
- Data Encryption : Encrypt with public key & decrypt with private key.
- Digital Signature : Encrypt with private key & decrypt with public key.
Data Encryption
- Here both users have same public and private key pairs
- Message is encrypted with public key which is distributed publicly.
- Then decrypted with private key which kept secret i.e only user with private key can read you message no one else.
- Generally used in secure communication over an insecure channel.
Digital Signature :
- Here sender only have both keys.
- Message is encrypted with private key and public key is distributed publicly.
- Any user who wants to verify the digital signature will use the public key to verify weather is signed by correct one or not.
- Generally used in identity verification.
Use of Asymmetric in https :
- It is used in the initial phase of client server communication where keys are exchanged.
- In initial phase when client sends a request to server then server sends its SSL certificate which includes the public and then client verifies server’s identity [asymmetric — encrypt with private and decrypt with public].
- Client use the received public key to encrypt a new private key and then sends that to server
- Then server decrypts with its own private key and receives the new private key.
- Congratulation connection established.