Public-key systems

December 2016

the principle of public-key encryption

The principle of asymmetric encryption (also called public-key encryption) first appeared in 1976, with the publication of a work about cryptography by Whitfield Diffie and Martin Hellman.

In an asymmetric cryptosystem (or public-key cryptosystem), keys exists in pairs:

  • A public key for encryption;
  • A secret key for decryption.

In a public-key encryption system, users choose a random key that only they know (this is the private key). From this key, they each automatically deduce an algorithm (this is the public key). Users exchange this public key over an insecure channel.

When a user wants to send a message to another user, he simply needs to encrypt the message to be sent using the recipient's public key (which he can find, for example, in a key server such as an LDAP directory). The latter will be capable of decrypting the message with his private key (that only he knows).

overview of a public-key encryption

This system is based on a function that is easy to compute in one direction (called a one-way trapdoor function) and is mathematically extremely hard to invert without the private key (called the trapdoor).

To put this in images, this means having a user randomly create a small metal key (the private key) and then produce a large number of padlocks (public keys) he keeps in a locker that can be accessed by anyone (the locker plays the role of an insecure channel). To send him a document, each user can take an (open) padlock, close a portfolio containing the document with this padlock, then send the portfolio to the owner of the public key (the padlock's owner). Only the owner will be capable of opening the portfolio with his private key.

Advantages and disadvantages

The problem of communicating the decryption key no longer exists, in that public keys can be sent freely. Public-key encryption therefore lets people exchange encrypted messages without having a shared secret.

On the other hand, the challenge involves making sure the public key you recover actually belongs to the person you want to send the encrypted information to!


Related :


Sistemas de clave pública
Sistemas de clave pública
Les systèmes à clé publiques
Les systèmes à clé publiques
I sistemi a chiavi pubbliche
I sistemi a chiavi pubbliche
Cifragem com chave privada (ou chave secreta)
Cifragem com chave privada (ou chave secreta)
This document entitled « Public-key systems » from CCM (ccm.net) is made available under the Creative Commons license. You can copy, modify copies of this page, under the conditions stipulated by the license, as this note appears clearly.