Asymmetric Encryption

Asymmetric encryption (sometimes called public key encryption) is a form of encryption where a pair of keys is responsible for encrypting and decrypting data.

This is different to symmetric encryption where the same key is used to encrypt and decrypt.

Asymmetric encryption uses a special pairing of keys:

  • Public key – anyone can ask for a copy
  • Private key – remains private on the computer, never sent
  • Both needed to decrypt
  • Only public key is needed to encrypt

Because both keys are needed to decrypt, it doesn’t matter who sees the public key – all they can do is encrypt data with it!

SSL uses a combination of symmetric and asymmetric encryption where:

  • Asymmetric encryption resolves the key distribution problem, so that
  • Data can be transmitted using symmetric encryption

Example process:

  1. A symmetric key is encrypted by the sending computer using the public key sent by the receiving computer (usually via an SSL certificate)
  2. The encrypted symmetric key is sent to the receiving computer (unreadable if intercepted)
  3. Using the stored private key, and the readily available public key, the receiving computer decrypts the symmetric key
  4. Now, both computers have the same symmetric key ready for secure encrypted data transmission
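
The four steps above as an added example (not code from the original page), using Node.js's built-in `crypto` module. The function names, the choice of RSA-OAEP and AES-256-GCM, and the message layout are assumptions made for illustration; the page does not name specific algorithms.

```javascript
const { generateKeyPairSync, publicEncrypt, privateDecrypt, randomBytes,
        createCipheriv, createDecipheriv, constants } = require("crypto");

// RSA-OAEP with SHA-256 (algorithm choice is an assumption for this example).
const oaep = (key) => ({ key, padding: constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" });

// Step 1 (sender): create a fresh AES-256 key and encrypt it with the
// receiver's public key. Only `wrapped` goes on the wire (step 2).
function wrapSessionKey(publicKey) {
  const key = randomBytes(32);
  return { key, wrapped: publicEncrypt(oaep(publicKey), key) };
}

// Step 3 (receiver): recover the symmetric key with the stored private key
// (an RSA private key object also carries the public parameters).
function unwrapSessionKey(privateKey, wrapped) {
  return privateDecrypt(oaep(privateKey), wrapped);
}

// Step 4: both sides use the shared key with AES-256-GCM.
// Wire layout (constructed for this example): 12-byte IV | 16-byte tag | ciphertext.
function seal(key, text) {
  const iv = randomBytes(12);
  const cipher = createCipheriv("aes-256-gcm", key, iv);
  const body = Buffer.concat([cipher.update(text, "utf8"), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), body]);
}

// Throws if the key is wrong or the message was modified in transit.
function open(key, box) {
  const decipher = createDecipheriv("aes-256-gcm", key, box.subarray(0, 12));
  decipher.setAuthTag(box.subarray(12, 28));
  return Buffer.concat([decipher.update(box.subarray(28)), decipher.final()]).toString("utf8");
}

// Constructed demo: the four steps end to end.
function demo() {
  const receiver = generateKeyPairSync("rsa", { modulusLength: 2048 });
  const { key, wrapped } = wrapSessionKey(receiver.publicKey);    // steps 1-2
  const shared = unwrapSessionKey(receiver.privateKey, wrapped);  // step 3
  return open(shared, seal(key, "hello over the shared key"));    // step 4
}

console.log(demo());
```

An interceptor who holds only the public key and `wrapped` cannot recover the session key, and a modified message fails the GCM tag check in `open`.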