Public-Key Cryptography
Public-Key Cryptography is a sophisticated form of data encryption that safeguards sensitive information through the use of asymmetric algorithms. Unlike traditional symmetric ciphers, which require both parties to share the same key for encoding and decoding messages, public-key cryptography utilizes a pair of keys: a public key, which can be openly distributed, and a private key, which is kept secret by the owner. This innovative approach allows anyone to send encrypted messages using the recipient's public key, while only the holder of the private key can decrypt the information, enhancing security.
The development of public-key cryptography emerged in response to the increasing need for secure communication as technology advanced. Early pioneers, including cryptologists from British intelligence and mathematicians like Whitfield Diffie and Martin Hellman, laid the groundwork for this system in the 1970s. A significant breakthrough was achieved with the Rivest-Shamir-Adleman (RSA) algorithm, which relies on the mathematical challenge of factoring large numbers into their prime components, making unauthorized decryption extremely difficult.
Public-key cryptography is integral to modern digital communication, enabling secure transactions and authenticating the source of information through digital signatures. Its widespread application underpins countless online interactions, often occurring seamlessly in the background. Understanding this technology is essential for anyone interested in the fields of cybersecurity, data protection, and electronic communication.
On this Page
Subject Terms
Public-Key Cryptography
Public-key cryptography is a form of data encryption technology used to protect confidential information. Data encryption refers to using a code as a key to protect important information and limit access to a certain user or group of users. Public-key cryptography, also called public-key encryption, uses an asymmetric algorithm, or mathematical formula, that applies one key to encrypt the information and another one to decode it. Data is more secure when the encryption key does not have to be shared.
Background
Ciphers and codes are two ways of protecting data so that it can remain secret. A code is a list of prearranged substitutes—one thing replaces another. One simple form involves simply substituting a number for a letter; for instance, if A=1, B=2, etc., cat becomes "3-1-20." Yo decode a message, one uses the key to replace the substitutes with the original letters, words, or phrases. Every party who will be sharing the message needs the key to code or decode messages.
Ciphers are more complicated and use a mathematical algorithm to both substitute for the original information and multiply that result by another number that is the key to the algorithm. Using the example above, for instance, and encrypting it with a cipher with a key of 3, means multiplying "3-1-20" by 3 to get "9-3-60." To decipher the message, the recipient needs the specific key, or algorithm, that works for the cipher. The recipient applies the key in reverse to decode the message. Real ciphers use complicated mathematical keys.
The earliest known cipher is the Caesar cipher, which originated in the sixth century BCE. It is a symmetric cipher, meaning both parties use the same code to send and receive messages that either can read. For many centuries, this was the only type of cipher that existed. As technology increased to allow information to be shared faster and more easily between places, it became necessary to change codes more frequently. A code that fell into the wrong hands could be used to decode secret messages and also allowed an enemy to encrypt and send fake messages. To keep information safe, users were forced to develop more complicated codes and to change them often. This created administrative problems to manage and track multiple keys.
New Method
Cryptologists—those who work with codes and ciphers—realized that the way to solve the problem was to have a separate way to encrypt and decrypt the messages. This asymmetrical method means that data coded with the public key can only be decrypted with the private key, and vice versa. The public key could even be widely available and still protect the information, because it can only be accessed by someone with the private key. Meanwhile, those with the private key do not have to worry about replacing the key to protect sensitive information. Public-key cryptography protects that data and can be used to determine if the information is coming from an authentic source, since only a holder of the private key can send a message. This is the basis of a digital signature in electronic data transmissions.
This asymmetric encryption form was first explored secretly by British intelligence services in the early 1970s. Around the same time, Stanford mathematicians Whitfield Diffie (1944—) and Martin Hellman (1945—) proved it was theoretically possible to develop an asymmetric ciphering method that uses two keys. In 1977, MIT mathematicians Ronald L. Rivest (1947—), Adi Shamir (1952—), and Leonard M. Adleman (1945—) devised an algorithm based on factoring that allows for the first public-key encryption coding. Their method, known as the Rivest-Shamir-Adleman encryption, or RSA, created a special algorithm that can be used with multiple keys to encrypt information.
How it Works
Factoring is the secret behind public-key cryptography. Factoring a number means identifying the two prime numbers that can be multiplied together to produce the original number. The process of factoring very large numbers is difficult and slow, even when computers are used. This makes the encryption secure. The person, company, or other entity that wants to encrypt a message chooses—or has a computer choose—two prime numbers that are each more than 100 digits long and multiplies them together. This becomes the key and can be made public without endangering the code because it is so difficult to factor it back to the two prime numbers with which the person or entity started. It can be and often is published freely—the key is made public—and can be used by parties to send coded messages that only the originator of the code can read.
For example, Company A wants to be able to receive coded messages from its customers. Company A uses a computer to choose two large prime numbers—x and y—and multiplies them to get z. Company A then shares z on its website. Customer B can now take his message and the key z and enter them into the RSA algorithm. The algorithm will encode the message, which can now be sent to Company A. The key to unlocking it is x and y, which only Company A knows, so the company can decipher the message. The message remains secure because factoring z to x and y is difficult and time consuming.
This process is used in countless computer transactions every day, often without the person encrypting the message even realizing it is taking place. The method was so transformative for computer cryptography that the Association for Computing Machinery awarded the ACM Turing Award and $1 million in prize money to Diffie and Hellman in March 2016.
Bibliography
Bright, Peter. "Locking the Bad Guys Out with Asymmetric Encryption." ARSTechnica.Condé Nast. 12 Feb. 2013. Web. 4 March 2016. http://arstechnica.com/security/2013/02/lock-robster-keeping-the-bad-guys-out-with-asymmetric-encryption/
"Cryptography Defined/Brief History." The College of Liberal Arts. University of Texas at Austin. Web. 4 March 2016. http://www.laits.utexas.edu/~anorman/BUS.FOR/course.mat/SSim/history.html
Mann, Charles C. "A Primer in Public-Key Encryption." The Atlantic. The Atlantic Monthly Group. Sept. 2002. Web. 4 March 2016. http://www.theatlantic.com/magazine/archive/2002/09/a-primer-on-public-key-encryption/302574/
Niccolai, James. "As Encryption Debate Rages, Inventors of Public Key Encryption Win Prestigious Turing Award." PCWorld.IDG Consumer & SMB.2 March 2016. Web. 4 March 2016. http://www.pcworld.com/article/3039911/encryption/as-encryption-debate-rages-inventors-of-public-key-encryption-win-prestigious-turing-award.html
"Public Key Cryptography." PC Magazine Encyclopedia. Ziff Davis, LLC. Web. 4 March 2016. http://www.pcmag.com/encyclopedia/term/40522/cryptography
"Public Key Encryption." Geeks for Geeks, 24 June 2024, www.geeksforgeeks.org/public-key-encryption/#. Accessed 20 Nov. 2024.
"Understanding Public Key Cryptography." Microsoft Tech Net. Microsoft. Web. 4 March 2016. https://technet.microsoft.com/en-us/library/aa998077%28v=exchg.65%29.aspx