There are two fundamental ways to use keys or secrets for encryption: symmetric and asymmetric. Symmetric encryption uses the same key to both encrypt and decrypt the data. Symmetric key algorithms are computationally much faster than asymmetric algorithms because the encryption process is less complicated. Key length is critical to the strength of the security. NIST has recommendations on how long a key should be: in general, 160-512 bits. The inherent challenge with symmetric key encryption is that the key must somehow be managed. Distributing a shared key is a major security risk.
Asymmetric encryption uses two related keys (public and private) for data encryption and decryption, and takes away the security risk of key sharing. The private key is never exposed. A message that is encrypted by using the public key can only be decrypted by applying the same algorithm and using the matching private key. Likewise, a message that is encrypted by using the private key can only be decrypted by using the matching public key.
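The two directions described above, as an added example that is not part of the original post: textbook RSA using only Python's standard library, where the public-key operation wraps a symmetric session key and the private-key operation produces a signature anyone can check. The primes, messages and function names are constructed for illustration, and the scheme is unpadded; real systems add padding such as OAEP and PSS.

```python
import hashlib
import secrets

# Toy key pair built from two known Mersenne primes (constructed for this
# example; far too small and too structured for real use).
P = 2**127 - 1
Q = 2**89 - 1
N = P * Q
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (Python 3.8+)

PUBLIC_KEY = (E, N)
PRIVATE_KEY = (D, N)


def wrap_key(session_key: bytes, public_key) -> int:
    """Confidentiality: anyone may encrypt to the holder of the private key."""
    e, n = public_key
    m = int.from_bytes(session_key, "big")
    if m >= n:
        raise ValueError("session key too large for this modulus")
    return pow(m, e, n)


def unwrap_key(ciphertext: int, private_key, length: int = 16) -> bytes:
    """Only the private-key holder can recover the session key."""
    d, n = private_key
    return pow(ciphertext, d, n).to_bytes(length, "big")


def _digest(message: bytes, n: int) -> int:
    # Hash first, then reduce into the modulus range (toy-sized modulus).
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, private_key) -> int:
    """Authenticity: the private-key operation is applied to a hash."""
    d, n = private_key
    return pow(_digest(message, n), d, n)


def verify(message: bytes, signature: int, public_key) -> bool:
    """Anyone with the public key can check it; nothing is kept secret."""
    e, n = public_key
    return pow(signature, e, n) == _digest(message, n)


if __name__ == "__main__":
    key = secrets.token_bytes(16)    # symmetric key to be shared
    print(unwrap_key(wrap_key(key, PUBLIC_KEY), PRIVATE_KEY) == key)
    sig = sign(b"firmware v1", PRIVATE_KEY)
    print(verify(b"firmware v1", sig, PUBLIC_KEY), verify(b"firmware v2", sig, PUBLIC_KEY))
```

The wrapped session key is what a symmetric cipher would then use for the bulk data, which is how the speed of symmetric encryption and the key-distribution benefit of asymmetric encryption are combined.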
Are you building secure devices to protect your engineering designs and guard your product against potential hacking? Receive a FREE Atmel CryptoAuthentication development tool.
This blog was written by Steve Jarmusz, Atmel Applications Manager for Crypto, Memory and Analog Devices.
“a message that is encrypted by using the private key can only be decrypted by using the matching public key.”
This is a wrong statement. Private key is never used for encryption purpose.
no. you are wrong, that’s the whole purpose of public/private keys.
private keys are only used for DEcryption. using them for encryption would be stupid because anyone could decrypt them with the public key. that's why it's called a public key
technically the statement in question is true, but that is not how asymmetric encryption is used
Ok, wow. I’m just commenting here to clarify in case some poor soul gets confused:
– ONLY the shared key is used for encryption and decryption.
– The shared key is generated from all public/private key(s) by means of whatever authentication and key exchange protocol.
I have no idea why you would say “private keys are only used for DEcryption”. That is wrong and doesn’t make sense.
“A message that is encrypted by using the public key can only be decrypted by applying the same algorithm and using the matching private key” as well as “A message that is encrypted by using the private key can only be decrypted by using the matching public key” also don’t make sense.
THE KEY YOU USE TO ENCRYPT A MESSAGE IS THE KEY YOU USE TO DECRYPT A MESSAGE, HENCE HAVING A SHARED KEY.
Unless the author and you guys are talking about some crazy protocols not specified in TLS and are not talking about AES encryption. In which case, good luck with your security.
In terms of asymmetric encryption, only digital signatures on emails are encrypted with a private key. Other than that, only public keys are used to encrypt messages.
Based on the above comments it’s easy to see why there is so much confusion surrounding encryption. Part of that confusion stems from the fact that there’s no mathematical difference between a public and a private key in RSA (assuming you’re using RSA for your asymmetric encryption). The public and private keys are chosen arbitrarily from the key pair. While the public key is used to encrypt messages intended for the holder of the private key, message signing is, in fact, encryption with the private key and is done all the time.
As people have stated, the information about asymmetric encryption is true except when the author states “Likewise, a message that is encrypted by using the private key can only be decrypted by using the matching public key”, and should be deleted or edited. Here is a very simple explanation of how an asymmetric conversation would work:
Assume that person A and person B want to send a message to each other. They would both exchange their public keys. A would use B’s public key to encrypt, and B would use his private key to decrypt the message. B would then use A’s public key to encrypt a response, and A would use their private key to decrypt the message.
If private keys were used for both encryption and decryption, it would be very easy to discover the algorithm used in the private key. That is why it is PRIVATE, you do not send any information out about this key whatsoever (although the public key is technically mathematically related, it is near-impossible to reverse engineer).
wow my all doubts cleared…thanks a lot dear
BOTH keys are used for encryption; it only depends on WHY you are doing the encryption. As Mad Irish above has correctly said, if you want people to know that you are associated with some item, you encrypt it using your PRIVATE key. This is called signing the item. Someone proves that you signed it by decrypting it with your PUBLIC key. It is only your PUBLIC key that can decrypt an item you have signed (encrypted with your PRIVATE key).
Cryptography is not only used for concealment.
Can symmetric key be used in place of asymmetric key in WiMAX security architecture?
please help
Sometimes an explanation from the actual users in the Real World is needed to totally comprehend a concept. I also didn’t fully understand for what reasons you would encrypt something with the private keys. So far most definitions I found described the WHAT and HOW but not the WHY, which I now fully understand per the comments on this article. THANKS to the posters. Cheers