8 bits only: Public and Private Key Encryption

  • Is the same key used for encrypting and decrypting a message?
  • How do we initially share the keys that we use to encrypt the messages on a channel, over that very same channel? Is this even possible?
  • Do we use the same keys for encryption of channels with many different parties?

Key Space

Private Key Encryption

credit

Firstly, we’ve addressed that for private key encryption, the same key is used for both encrypting and decrypting messages. This is why private key encryption is also referred to as symmetric key encryption.

Some downsides of private key encryption include that there is a linear growth in the number of private keys each communicator must store, relative the number of channels they use. For example, a web app using private key encryption would need to store a private key for each user of the service, which is not scalable. Secondly, there is the constraint of requiring some additional step to share the private key initially, to avoid some third party from being able to eavesdrop on an encrypted channel.

Public Key Encryption

credit

To answer the first of the three questions posed, public key encryption does not use the same key for encrypting and decrypting messages, which is why it is also known as asymmetric key encryption

Wait, something is off…

Not quite!

With public key encryption, we can now use the same public key for all channels, and clients with this public key can send encrypted messages to the server, which cannot be decrypted by an adversary. Unfortunately, this is only a 1-way encrypted channel, as a message encrypted by the server’s private key could be decrypted by anyone with the public key.

Another Issue?!

The struggle continues

  • How can we ensure that a public key shared over an unsecured channel is actually the public key of the party we expected to be communicating with?
  • How can we establish a two-way encrypted channel, while still sharing the key(s) used for encryption, over an unsecured channel?

We’ll get to work on these issues next time, by discussing public-key infrastructure, and the Diffie-Hellman key exchange protocol.

--

--

--

Working on storage management and infrastructure at Azure SQL

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

STAR SHELL WALLET WANTS BETA UI TESTERS

Hack The Box — TartarSauce Writeup w/o Metasploit

Rise in Whistleblowing Signals the Need for Formal CyberEthics

Is Apple’s privacy reputation at risk?

On People and Service in Turbulent Environments

Make $500/Year Passively With No Investment

How to Account for the Human Element in AppSec

{UPDATE} Rush Hack Free Resources Generator

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Aashray Anand

Aashray Anand

Working on storage management and infrastructure at Azure SQL

More from Medium

It’s time we all started thinking of BBC’s Engineering as one of the best in the world

Insiders’ Guide to Finding the Best Developer: Concise version

Longer TikTok videos could entice a more diverse array of creators

Smartphone displaying the TikTok app

AI Terms everyone should know in 2022