Encryption is the process of taking a message and scrambling its contents so that only certain people can look at what’s inside.
Two Types of Encryption
- Symmetric encryption
- Asymmetric encryption
Asymmetric encryption was created to solve the problem brought about by symmetric encryption. Let’s look at this illustration. User 1 has a sensitive document that he wants to share with User 2. He uses an encryption program to protect his document with a password that he chooses, and then sends the encrypted document to User 2. However, User 2 cannot open the message because he doesn’t know the password that User 1 used to encrypt the document. User 2 doesn’t have the key to open the lock. Now how does User 1 share the password securely with User 2? Sending it through email is risky because others might access the password and use it to decrypt any messages between Users 1 and 2. This is why asymmetric encryption was created.
Asymmetric encryption can be likened to a mailbox on the street. The mailbox is completely public—anyone who knows its location could go to it and drop in a letter. However, only the owner of the mailbox has a key which allows him to access it and read the letters.
When using asymmetric encryption, both Users 1 and 2 have to generate a key pair on their computers. This is done using the RSA algorithm, which is a secure and popular method. The RSA algorithm will generate a pair of public and private keys that are mathematically linked to each other. Public keys are used to encrypt data, and only the corresponding private key can be used to decrypt it. Even though the keys are paired together, neither can be derived from the other. In other words, even if you know a person’s public key, you can’t use that information to recreate his private key.
Going back to our mailbox example, the mailbox location is the public key, something that is known to the public. The private key is with the owner of the mailbox, which is used to access the mailbox.
Let’s now take a look at how Users 1 and 2 can use asymmetric encryption to exchange messages securely. First of all, they exchange their public keys. User 1 gives his public key to User 2 and User 2 gives his public key to User 1. Now User 1 can share his sensitive document again by taking the document and encrypting it with User 2’s public key. He then sends the document to User 2, who uses his private key to decrypt the document and read it. Because they use asymmetric encryption, only User 2 can decrypt the message. Not even User 1, the creator of the message, can decrypt it, since he doesn’t have User 2’s private key. Users 1 and 2 have to keep their private keys well protected to keep the asymmetric encryption strong and secure. If User 1’s private key is stolen, it can be used to decrypt all messages that are sent to User 1. But the attacker cannot decrypt messages that were sent by User 1, because they can only be decrypted using User 2’s private key.
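The exchange described above, as an added example that is not part of the original page. It uses Node.js's built-in `crypto` module; the OAEP padding, the 2048-bit key size, the helper names and the sample messages are assumptions made here.

```javascript
// Added example: constructed users and messages, Node.js built-in crypto only.
const nodeCrypto = require('node:crypto');

// RSA with OAEP padding (SHA-256) is an assumption; the page only names RSA.
const OAEP = {
  padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING,
  oaepHash: 'sha256',
};

// Each user generates a key pair on their own machine; only publicKey is shared.
function generateUser(name) {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
  });
  return { name, publicKey, privateKey };
}

// Encrypt with the RECIPIENT's public key. A 2048-bit key with OAEP/SHA-256
// holds at most 190 bytes, so the sample messages are short.
function encryptFor(recipientPublicKey, text) {
  return nodeCrypto.publicEncrypt(
    { key: recipientPublicKey, ...OAEP },
    Buffer.from(text, 'utf8')
  );
}

// Returns the plaintext, or null when this private key does not match.
function tryDecrypt(privateKey, ciphertext) {
  try {
    return nodeCrypto.privateDecrypt({ key: privateKey, ...OAEP }, ciphertext).toString('utf8');
  } catch (err) {
    return null;
  }
}

function runExchange() {
  const user1 = generateUser('User 1');
  const user2 = generateUser('User 2');
  const toUser2 = encryptFor(user2.publicKey, 'sensitive document (constructed)');
  const toUser1 = encryptFor(user1.publicKey, 'reply to User 1 (constructed)');
  return {
    user2ReadsInbound: tryDecrypt(user2.privateKey, toUser2),
    // User 1 wrote this message but cannot open it; neither can a thief
    // holding User 1's private key.
    key1OnMessageToUser2: tryDecrypt(user1.privateKey, toUser2),
    // A stolen User 1 private key does expose mail addressed to User 1.
    key1OnMessageToUser1: tryDecrypt(user1.privateKey, toUser1),
  };
}

console.log(runExchange());
```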
Asymmetric encryption is used in a lot of places where security really matters. You might not be aware of it, but every time you visit a website which has been secured via HTTPS, you’re actually using asymmetric encryption. It is also used to securely send emails with the PGP protocol. As one last example, Bitcoin uses asymmetric encryption to make sure that only the owner of a money wallet can withdraw or transfer money from it.