Your On-line Security Is Probably More Dependent on Prime Numbers Than Your Virus Scanner

You should hopefully know that our core security on the Internet is the usage of symmetric key encryption — AES, ChaCha20 and RC4. These are at the core of our protection, and protect data both at rest and in transit. But this is only part of the story, as this type of encryption doesn’t not really prove anything — it protects, but does not really identify. But this is where public key encryption comes in, and where we have a public key and a private key — a key pair.

If we want to prove our identity, we encrypt something with our private key, and then others can prove this identity with our public key. Normally, too, a trusted entity — Trent — provides proof of our public key. It is thus mechanism that makes our work more trustworthy, and where we can prove our identity, and check the identity of others.

With public key, we can: encrypt data (but not a great deal of it, as it is much slower than AES): provide proof-of-identity; and pass secret keys. For key exchange, Bob can generate a secret key, and then encrypt this with Alice’s public key. Alice then decrypts the secret key with her private, and they will both have the same secret key: