Asymmetric cryptography is based on the public-private key pair. The public key and its corresponding private key are linked together through their internal mathematical structure. The public key can be shared with everyone but the private key must be kept secret.
There are two main uses of asymmetric cryptography:
- Digital signature – A mechanism by which a message is authenticated. The receiver can verify that a message is coming from a given sender.
The sender uses his/her private key to encrypt the message and sends the signed message, along with the public key, to the receiver. The receiver decrypts that message using the sender’s public key. Successful decryption proves the digital signature, because only the sender’s public key can decrypt the message.
- Encryption and decryption – The message is encrypted so that only the sender and the receiver can read it. Encryption can be done using either key, and the opposite key from the one used to encrypt the message is used for decryption.
The sender can send a private message to the receiver. The sender encrypts the message using the receiver’s public key and sends it to the receiver. The receiver decrypts the message using his/her private key.
How does it work?
Digital signature – This is a two-step process:
- Message digest evaluation – The sender computes a digest of the whole message using hashing, and the receiver uses it to verify the message integrity.
- Digest signature – The sender encrypts the message digest (not the complete message, for performance reasons) using his private key. The receiver decrypts the message digest using the sender’s public key to verify/authenticate the sender. After decryption, the receiver uses the decrypted message digest to verify the message integrity using hashing.
Encryption and decryption – This is a three-step process:
- One-time symmetric key generation – Asymmetric keys are too slow for long messages, so a one-time symmetric key is generated for encryption and decryption.
- Message encryption – The whole message is encrypted using the one-time symmetric key.
- Symmetric-key encryption – The final step is to share the one-time symmetric key with the receiver securely. To do this, the symmetric key is encrypted using the receiver’s public key. The receiver decrypts the symmetric key using his private key and uses the decrypted symmetric key to decrypt the whole message.
What is the use of a certificate?
A certificate is used to prove the identity of a public key’s owner. A Certificate Authority (CA) issues the certificate to the public key’s owner.