Public Key Crypto

From BloomWiki
Revision as of 01:56, 25 April 2026 by Wordpad (BloomWiki: Public Key Crypto)

How to read this page: This article maps the topic from beginner to expert across six levels: Remembering, Understanding, Applying, Analyzing, Evaluating, and Creating. Scan the headings to see the full scope, then read from wherever your knowledge starts to feel uncertain.

Public-Key Cryptography (also known as Asymmetric Cryptography) is a revolutionary method of encryption that uses a Pair of Keys: a Public Key and a Private Key. While the public key can be shared with anyone in the world, the private key is kept secret by the owner. Anything encrypted with the public key can only be decrypted by the matching private key. This is the "Magic" that makes the modern internet possible—allowing you to send your credit card number to a website you've never met before without a hacker being able to see it. It solved the ancient "Key Exchange Problem" and is the foundation of digital privacy and trust.

Remembering

  • Public-Key Cryptography — A cryptographic system that uses pairs of keys: public keys (which may be disseminated widely) and private keys (which are known only to the owner).
  • Public Key — Used to encrypt data or verify a digital signature; available to everyone.
  • Private Key — Used to decrypt data or create a digital signature; must be kept secret.
  • RSA (Rivest-Shamir-Adleman) — The first and most famous public-key algorithm, based on the difficulty of factoring large numbers.
  • ECC (Elliptic Curve Cryptography) — A modern, more efficient public-key system that uses the math of curves to provide the same security with much smaller keys.
  • One-Way Function — A mathematical operation that is easy to do in one direction but extremely difficult to undo (e.g., multiplying two huge primes).
  • Trapdoor Function — A one-way function that is easy to undo if you have a specific piece of "secret" information (the private key).
  • Digital Signature — A mathematical scheme for verifying the authenticity of digital messages or documents.
  • Certificate Authority (CA) — A trusted organization that "vouches" for your public key (the "Passport Office" of the internet).
  • SSL/TLS (HTTPS) — The protocol that uses public-key cryptography to secure website connections.
  • Diffie-Hellman — A specific method for two people to create a shared secret key over an insecure channel.
  • Prime Number — A number that has no divisors other than 1 and itself; the "Atoms" of public-key math.
  • Modular Arithmetic — "Clock math"; the branch of math used to scramble numbers in RSA and ECC.

Understanding

Public-Key Cryptography is understood through the Mailbox Analogy.

1. The Open Mailbox: Imagine Alice has a mailbox with a slot on the top. The slot is the Public Key.

  • Anyone can walk up and drop a secret letter into the slot.
  • Once the letter is inside, only Alice (who has the Private Key to the back door) can read it.

Even the person who sent the letter can't get it back out!

2. The Math of Prime Factors: Why is it secure?

  • It is very easy for a computer to multiply two 500-digit prime numbers together.
  • It is computationally infeasible for any current computer to take that massive resulting number and figure out which two primes made it.

The "Result" is your public key. The "Two Primes" are your private key.

3. Digital Signatures (The Reverse): Public-key crypto can also be used backwards to prove identity.

  • If Alice encrypts a message with her Private Key, everyone can decrypt it with her Public Key.
  • If it works, it Proves that only Alice could have written it. This is a "Digital Signature."

The Trust Chain: How do you know the "Public Key" you get from Amazon.com really belongs to Amazon and not a hacker? You check the Digital Certificate. A trusted third party (a CA) has "signed" Amazon's key with their private key, creating a chain of trust that goes up to a "Root" built into your browser.
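The signature and trust-chain ideas above (points 3 and "The Trust Chain") can be run end to end with textbook RSA. This is an added example, not part of the original page: the Mersenne-prime toy keys, the name `shop.example` and every function name are assumptions made for illustration, and it signs a SHA-256 hash of the message without the padding (such as RSA-PSS) that real signatures use.

```python
import hashlib

E = 65537  # public exponent shared by both toy keys


def make_key(p, q):
    """Return (n, d): public modulus and private exponent derived from two primes."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


def _digest(message, n):
    """Hash the message and reduce it below the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message, n, d):
    """Private-key operation: requires d, which only the key owner holds."""
    return pow(_digest(message, n), d, n)


def verify(message, signature, n):
    """Public-key operation: anyone who knows n can run this check."""
    return pow(signature, E, n) == _digest(message, n)


# Constructed toy keys from Mersenne primes (assumption); real keys use random 1024-bit+ primes.
CA_N, CA_D = make_key(2**61 - 1, 2**89 - 1)        # root CA
SITE_N, SITE_D = make_key(2**107 - 1, 2**127 - 1)  # website (hypothetical name below)


def certificate_body(name, site_n):
    """The statement the CA vouches for: 'this name owns this public key'."""
    return name.encode() + b"|" + str(site_n).encode()


CERT = certificate_body("shop.example", SITE_N)
CERT_SIG = sign(CERT, CA_N, CA_D)                  # issued once by the CA


def trusted_verify(message, msg_sig, name, site_n, cert_sig, root_n=CA_N):
    """Accept only if the CA signed the (name, key) pair and that key signed the message."""
    if not verify(certificate_body(name, site_n), cert_sig, root_n):
        return False                               # key is not vouched for by the root
    return verify(message, msg_sig, site_n)
```

A key that signs correctly but was never certified by the root is rejected at the first check, which is the point of the chain: a valid signature alone says nothing about who owns the key.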

Applying

Modeling 'The Diffie-Hellman Key Exchange':

<syntaxhighlight lang="python">
def generate_shared_secret(g, p, my_private_key, their_public_part):
    """
    Shows how two people can create a secret key
    without ever sending the key itself.
    Formula: (g^b mod p)^a mod p == (g^a mod p)^b mod p
    """
    # g is kept to mirror the formula; only the peer's public value is needed here.
    # Three-argument pow() does modular exponentiation without building the full power first.
    shared_secret = pow(their_public_part, my_private_key, p)
    return shared_secret

# 1. Alice and Bob agree on g=5, p=23
# 2. Alice chooses private_a=6. Bob chooses private_b=15.
# 3. Alice sends (5^6 mod 23) = 8. Bob sends (5^15 mod 23) = 19.

alice_secret = generate_shared_secret(5, 23, 6, 19)
bob_secret = generate_shared_secret(5, 23, 15, 8)

print(f"Alice's secret: {alice_secret}")
print(f"Bob's secret: {bob_secret}")

# They both calculated '2' without ever sending it!
</syntaxhighlight>

Asymmetric Landmarks
PGP (Pretty Good Privacy) → The first software to bring public-key encryption to the masses for email.
Bitcoin → Uses ECC to prove ownership of coins without needing a bank.
The Green Padlock → The visual indicator in your browser that a site is using public-key crypto (TLS).
SSH Keys → Used by developers to log into servers without using a password.

Analyzing

Symmetric vs. Asymmetric
Feature     | Symmetric (AES)                  | Asymmetric (RSA/ECC)
Key Usage   | Same key for Lock/Unlock         | Different keys for Lock/Unlock
Speed       | Very Fast (Gigabits/sec)         | Very Slow (Milliseconds/operation)
Key Sharing | Difficult (Must be kept secret)  | Easy (Public key is public)
Main Use    | Encrypting big files/hard drives | Exchanging keys / Signatures

The Concept of "Hybrid Encryption": Because public-key crypto is slow, we don't use it to encrypt a whole movie. Instead, we use it for 1 second to Exchange a Symmetric Key. Once both sides have the secret key, they switch to the fast symmetric encryption. Analyzing this "Handshake" is the core of all internet security.
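The handshake-then-switch pattern described above, as an added example that is not part of the original page. It assumes a toy 127-bit Diffie-Hellman group, and because Python's standard library has no AES, a SHA-256 counter-mode keystream with an HMAC tag stands in for the fast symmetric cipher; all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Assumption: toy 127-bit Mersenne-prime group; real systems use 2048-bit+ groups or curves.
P, G = 2**127 - 1, 3


def dh_keypair():
    """Return (private, public) for one side of the exchange."""
    private = secrets.randbelow(P - 3) + 2       # random value in [2, P-2]
    return private, pow(G, private, P)


def session_keys(my_private, their_public):
    """Slow asymmetric step, done once: derive symmetric keys from the DH secret."""
    shared = pow(their_public, my_private, P).to_bytes(16, "big")
    return (hashlib.sha256(b"enc" + shared).digest(),
            hashlib.sha256(b"mac" + shared).digest())


def _keystream(key, nonce, length):
    """Stand-in for AES: SHA-256 in counter mode (illustration only)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]


def seal(keys, plaintext):
    """Fast symmetric step, done per message: encrypt, then authenticate."""
    enc_key, mac_key = keys
    nonce = secrets.token_bytes(16)
    stream = _keystream(enc_key, nonce, len(plaintext))
    body = bytes(a ^ b for a, b in zip(plaintext, stream))
    tag = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def open_sealed(keys, blob):
    """Verify the tag before decrypting; return None if the message was altered."""
    enc_key, mac_key = keys
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    stream = _keystream(enc_key, nonce, len(body))
    return bytes(a ^ b for a, b in zip(body, stream))
```

Only the two public values cross the wire during the handshake; every later message costs a few hash calls instead of another modular exponentiation.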

Evaluating

Evaluating an asymmetric system:

  1. Key Size: Is the key long enough (e.g., RSA-2048 is safe, RSA-512 is broken)?
  2. Computational Cost: Is the math too heavy for a small phone battery or a smart card?
  3. The Quantum Threat: Most current public-key math (RSA/ECC) will be Instantly Broken by a future quantum computer using "Shor's Algorithm."
  4. Randomness: Is the "Private Key" truly random, or did the computer use a "weak" random number generator that a hacker can predict?

Creating

Future Frontiers:

  1. Post-Quantum Cryptography (PQC): New types of public-key math (like "Lattice-based") that even a quantum computer cannot break.
  2. Homomorphic Encryption: A type of public-key crypto that allows a server to "calculate" data without ever seeing the numbers (e.g., adding encrypted numbers to get an encrypted result).
  3. Self-Sovereign Identity: Using your own public-key pairs to prove who you are without needing a central company like Facebook or Google.
  4. Zero-Knowledge Proofs: Proving you are over 21 or have enough money in your bank without revealing your exact age or balance.