Public Key Cryptography: What it is and how it works
Public key cryptography is at the center of modern cryptography. It allows messages to be encrypted and sent securely between parties. There are two types of key in public key cryptography; a public key, that can be published in a directory along with the user’s name, and a secret key that is only known to the owner of the key. Everyone who wants to send and receive messages must have a pair of keys (public key, secret key).
But what is a key?
We can think of cryptographic keys as real life keys; the public key is used to lock the message (encrypt it securely) in such a way that only the secret key can unlock it (decrypt the message).
How do we send messages?
Someone who wants to send a message must first look up the public key of the intended recipient, encrypt a message using their public key, and send it to that key holder. The recipient can then decrypt the message. Let us see how this looks when Bob wants to send a message to Alice.
- Alice will broadcast her public key.
- Bob will encrypt his message using Alice’s public key.
- Bob will send Alice the encrypted message.
- Alice will use her secret key to decrypt the message.
It may help to think about public key cryptography with the following transformations (note these are not proper mathematical equations):
Message + Public Key (of receiver) = Encrypted Message
Encrypted Message + Secret key (of receiver) = Message
Why does it work?
Public key cryptography works because the two keys, (public key, secret key), are mathematically linked so that knowing the public key does not afford you any knowledge of the secret key but knowing the secret key allows you to decrypt a message that is encrypted using the corresponding public key. We also require that the message can only be decrypted if one knows the secret key, otherwise anyone could decrypt the message!
Public key cryptography is also called asymmetric cryptography. This is because the public and the secret keys must be different (asymmetric). This is in contrast to symmetric cryptography which uses the same keys for encryption and decryption.
In the next article in this series, we will see a public key algorithm in action, the RSA algorithm.
Questions:
- Given the public key, should I be able to work out the secret key?
- Given the secret key, should I be able to work out the public key?
- What are the advantages and disadvantages of symmetric and asymmetric cryptography?
Further reading:
Look up the RSA algorithm. This is an example of a public key cryptography in action. It uses an area of mathematics called modular arithmetic, which you may not have seen before, but do not be put off, it is not very hard!
This article was written by David Butler, one of the course creators and teachers at Oxbridge Inspire. David is studying for a PhD at the Alan Turing Institute in London.
If you enjoyed this article, you might consider coming to our course in Cambridge this summer on the Mathematics behind Cryptography.
