Public key encryption is a method of securing electronic information using a pair of encryption keys, one private and one public.
Cryptology, enciphering and deciphering messages in a secret code, is a means of ensuring information security on the Internet. Users wishing to secure files on the Internet have the option of setting up a private key system (whereby the participants would have to know the secret key) or using a public key cryptosystem, which involves the use of two keys. The originators of the latter have developed RSA, which provides encryption and authorization functions. RSA allows users to send and receive encrypted files without having to reveal their private key.
Public key cryptosystems, such as RSA, are ideal for providing security for large groups of users, because they do not require users to reveal their secret keys. When a person sends a message to an individual using this system, she looks up his public key and uses it to encrypt the message. The recipient then uses his private key to decrypt the message. Although this system provides a great deal of security, it has the disadvantage of running slower than the traditional private key cryptosystem. For this reason, it is often used in conjunction with the single-key industry standard, DES.
Using a combination of a two-key system such as RSA and a one-key system such as DES can provide speed and security. The two work together in the following way: The sender encrypts the message using a randomly chosen DES key, and looks up the public key of the intended recipient and encrypts the DES key using the recipient's public key. The message is then sent. The recipient would then use her private key to decrypt the DES key, and her public key to read the message.
A public key system also allows users to verify that messages come from the sender they claim to come from, and that they have not been tampered with. This is done by creating a digital signature, which is a calculation based on the user's private key and the message itself. If the recipient finds that the received message does not fit a certain equation, the message has been tampered with.
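The two-key/one-key combination and the digital signature check described above, as an added example that is not part of the original page. It assumes unpadded textbook RSA with a constructed toy key and a SHA-256 keystream standing in for DES (neither is suitable for real use); all function names are hypothetical. The recipient recovers the session key with the private key and then uses that session key to decrypt the message.

```python
import hashlib
import secrets

# Constructed demo key built from two Mersenne primes: illustrative only, NOT secure.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q                          # public modulus; (N, E) is the public key
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent; (N, D) is the private key


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy one-key cipher (SHA-256 in counter mode), a stand-in for DES."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def hybrid_encrypt(message: bytes, n: int, e: int):
    """Sender: a random session key encrypts the message; the public key wraps that key."""
    session_key = secrets.token_bytes(16)
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)
    return wrapped, keystream_xor(session_key, message)


def hybrid_decrypt(wrapped: int, ciphertext: bytes, n: int, d: int) -> bytes:
    """Recipient: the private key unwraps the session key, which decrypts the message."""
    session_key = pow(wrapped, d, n).to_bytes(16, "big")
    return keystream_xor(session_key, ciphertext)


def sign(message: bytes, n: int, d: int) -> int:
    """Signature: a calculation over the message digest and the private key."""
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return pow(digest, d, n)


def verify(message: bytes, signature: int, n: int, e: int) -> bool:
    """The equation the recipient checks: signature^e mod n must equal the digest."""
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return pow(signature, e, n) == digest
```

Real deployments use a vetted library with padded RSA (OAEP for encryption, PSS for signatures) and a modern symmetric cipher in place of these stand-ins.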