[Asymmetric Cryptography] : How it is used in https protocol

Asymmetric Cryptography : is a class of cryptography in which encryption and decryption occurs with help two keys pair, public and private key.

Two use cases of asymmetric cryptography :

• Data Encryption : Encrypt with public key & decrypt with private key.
• Digital Signature : Encrypt with private key & decrypt with public key.

Data Encryption

• Here both users have same public and private key pairs
• Message is encrypted with public key which is distributed publicly.
• Then decrypted with private key which kept secret i.e only user with private key can read you message no one else.
• Generally used in secure communication over an insecure channel.

Digital Signature :

• Here sender only have both keys.
• Message is encrypted with private key and public key is distributed publicly.
• Any user who wants to verify the digital signature will use the public key to verify weather is signed by correct one or not.
• Generally used in identity verification.

Use of Asymmetric in https :

• It is used in the initial phase of client server communication where keys are exchanged.
• In initial phase when client sends a request to server then server sends its SSL certificate which includes the public and then client verifies server’s identity [asymmetric — encrypt with private and decrypt with public].
• Client use the received public key to encrypt a new private key and then sends that to server
• Then server decrypts with its own private key and receives the new private key.
• Congratulation connection established.