Encryption is a process in which information is encoded in such a way that only a certain number of people are able to read it. There are two basic encryption methods: symmetric encryption and asymmetric encryption. Let’s first consider symmetric encryption, to understand why asymmetric encryption was created.
Alice needs to send Bob an important document. She uses an encryption program to protect this document with a password or a special phrase of her choosing. She then sends the encrypted document to Bob. However, Bob cannot open it because he does not know the password that Alice used for encryption. Simply put, Bob does not have the key to open the lock. This leaves a serious problem: how to transfer the document password safely. Sending a password via email is quite risky, since third parties can intercept it and in turn use it to decrypt any messages between Alice and Bob. This is exactly the problem that asymmetric encryption solves!
The example of Alice and Bob can easily be compared with a mailbox on the street. The mailbox is available to anyone who knows its address; in other words, its location is completely public. Anyone who knows the address can put a letter there, but only the mailbox owner has the key to open it and read the contents. Now let’s go back to the technical details.
With asymmetric encryption, Bob and Alice must each generate a key pair on their own computer. The most popular and secure method for generating keys is the RSA algorithm. This algorithm generates a public key and a private key that are mathematically related.
The public key can be used to encrypt information, and only the corresponding private key can be used to decrypt it. Although the two keys are mathematically related, the private key cannot be obtained from the public one. In other words, knowing someone’s public key does not mean that you can get their private key.
Let’s take the example of Alice and Bob to consider how they are going to use asymmetric encryption to securely transfer information. They start by sharing their public keys with each other. Alice can now encrypt an important document using Bob’s public key. Then she sends the encrypted file to Bob, who uses his private key to decrypt the document. Thus, using asymmetric encryption, only Bob can read the encrypted document. Even Alice does not have access to the contents of the encrypted document, since only Bob’s private key can decrypt it.
Bob and Alice are now responsible for the reliability of asymmetric encryption. They must keep their keys in a secure place so that each owner alone has access to his or her private key. If a fraudster takes possession of the sender’s private key, he can decrypt all messages that were encrypted using the sender’s public key. However, the fraudster will not be able to decrypt the message that Alice sent to Bob, as this requires Bob’s private key.
Asymmetric encryption is used in many cases where security really matters. Did you know that every time you visit a website over HTTPS (HyperText Transfer Protocol Secure), you use asymmetric encryption? It is also used to protect emails using the PGP or GPG protocols. Bitcoin also uses asymmetric encryption to make sure that only the owner of the funds can withdraw or transfer Bitcoins from his address.
Now you know how asymmetric encryption works and how it differs from symmetric encryption.