Previous section: Block-based encryption methods

The type of encryption discussed up to now is referred to as **symmetric** because decryption is an exact mirror image of encryption, with the same key describing both operations. All the people who are intended to use the key for a symmetric encryption method need to be given access to it. Enigma codebooks and Russian one-time pads were issued in advance in paper form. However, this is hardly a practical solution for the huge and anonymous system that is the internet. Most internet business of any consequence would not be possible were it not for a second means of encoding data developed in the 1970s that is known as **asymmetric** encryption.

Imagine a door with a lock and its normal key, which we will call the strong key. Now imagine a second key, which we will call the weak key. The weak key has some of its teeth missing but nonetheless also fits the lock. In any cycle of the door being locked and unlocked, the weak key can be used to perform at most one of the two actions. This means that if the weak key was used to lock the door, it cannot be used to unlock it again: the strong key is required for that. If, however, the door was locked using the strong key, either strong or weak key can be used to unlock it again.

If I am the owner of a room secured with this door and are in possession of both keys, there are two ways I can use them. In both cases I keep the strong key for myself and give copies of the weak key to one or more friends. I can lock an object in the room and any one of my friends who is able to use his weak key to open the door knows that it must have been me who put the object in there, because I am the only person who has the strong key. Or, alternatively, any one of my friends can lock an object in the room in the sure knowledge that I am the only person who will be able to pick the object up, because nobody else’s weak key can reopen the door.

Asymmetric encryption methods use complex mathematics to create a virtual relationship between individuals that corresponds to the one between the owner of the door and his friends. The operations that are performed on the data as it is encoded and decoded go well beyond what we can cover here, but, just as with symmetric encryption, they are determined by series of bits that make up keys. I can generate a random **private key** which I keep secret. From the private key I can then generate a **public key** which I disseminate to everyone I wish to communicate with. A message encoded with the private key can only be decoded with the public key, and a message encoded with the public key can only be decoded with the private key. The fact that the public key is generated from the private key makes the private key like the strong key to the door described above, because anyone who has the private key effectively has the public key as well and can encrypt and decrypt messages as she likes.

Just as with the door, the system can be used in either direction. I can **sign** content with the private key, allowing anyone with the public key to verify that it did indeed originate from me. Or, alternatively, someone can encrypt a message using my public key and send it to me in the knowledge that only I will be able to read it, because decoding it requires my private key. Two servers on the internet can hold a private conversation by each encoding messages with the other’s public key.

Tweet about private and public keys |

Next section: The National Security Agency and Perfect Forward Secrecy