- Uses mathematical one-way functions.
- The private key must be kept private.
- The public key can be openly distributed without compromising security.
Any person can encrypt a message using the public key. The encrypted message can only be decrypted with the private key.
Using public-key cryptography to enable symmetric-key cryptography
A typical example of how public-key cryptography is used to enable symmetric-key cryptography between two parties:
- A server generates a cryptographic key that it wants to use for symmetric-key cryptography. Symmetric-key cryptography is faster and less resource-intensive, provided the key can be shared between the two computers that wish to communicate securely.
- The server uses the connecting client’s openly shared public key to encrypt this newly generated symmetric key.
- The server can then send this encrypted symmetric key over an insecure channel to the client.
- Only the client can decrypt it using the client’s private key.
- Once the client has decrypted it, the client and server both have the same symmetric key. They can safely use faster symmetric-key encryption to communicate over otherwise insecure channels.
This scheme avoids having to manually pre-share symmetric keys while still gaining the higher data throughput of symmetric-key cryptography.
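The exchange described in the steps above, as an added example that is not part of the original page. It assumes RSA-2048 with OAEP/SHA-256 for the public-key step and AES-256-GCM for the symmetric step; the function names `ClientKey`, `ServerSend` and `ClientReceive` are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// ClientKey makes the client's key pair; only the public half is handed out.
func ClientKey() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

func aead(key []byte) cipher.AEAD { // AES-256-GCM; callers always pass 32 bytes
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// ServerSend wraps a fresh symmetric key to pub (RSA-OAEP) and encrypts msg under it.
func ServerSend(pub *rsa.PublicKey, msg []byte) (wrapped, box []byte, err error) {
	buf := make([]byte, 32+12) // 32-byte AES key, then 12-byte GCM nonce
	if _, err = rand.Read(buf); err != nil {
		return nil, nil, err
	}
	key, nonce := buf[:32], buf[32:]
	if wrapped, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil); err != nil {
		return nil, nil, err
	}
	return wrapped, aead(key).Seal(nonce, nonce, msg, nil), nil // nonce || ciphertext || tag
}

// ClientReceive unwraps the key with priv, then authenticates and decrypts box.
func ClientReceive(priv *rsa.PrivateKey, wrapped, box []byte) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, nil)
	if err != nil || len(key) != 32 || len(box) < 12 {
		return nil, fmt.Errorf("unwrap failed or malformed message (%d bytes)", len(box))
	}
	return aead(key).Open(nil, box[:12], box[12:], nil)
}

func main() {
	priv, _ := ClientKey() // errors ignored only in this demo driver
	wrapped, box, _ := ServerSend(&priv.PublicKey, []byte("constructed sample message"))
	msg, err := ClientReceive(priv, wrapped, box)
	fmt.Println(string(msg), err)
}
```

Only `wrapped` and `box` cross the channel; a holder of a different private key, or anyone who alters either value in transit, gets an error from `ClientReceive` rather than plaintext.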