CODEWITHSUNDEEP
public-key-encryption
Den
Den

Reputation: 23

Public Key Encryption

I just wanted to make sure I am on the right track

  1. Sender generates private key, encrypts message
  2. Sender requests receivers public key
  3. "Secret" is then encrypted with this public key
  4. Data sent to receiver for decryption

I assume logically speaking the "Secret" can only be encrypted with the receivers public key, although is the encrypted secret attached to the encrypted file / document?

Upvotes: 1

Views: 701

Answers (3)

dereckrx
dereckrx

Reputation: 456

  1. Sender generates session symmetric key.
    • Symmetric meaning both parties will use the same key.
  2. Sender encrypts data with session key.
  3. Sender requests receivers public key.
  4. Receiver sends public key while keeping the matching private key secret.
  5. Session key is encrypted using receivers pubic key.
    • Now only the receivers private key can decrypt the session key.
  6. Encrypted Data and encrypted session key are sent to receiver.
  7. Receiver decrypts senders session key using receivers secret private key.
  8. Receiver decrypts data using decrypted session key.

Sticking with John Browne's metaphor:

  1. I lock a document in a box with a key.
  2. I ask a friend to send me a box to which only they have a key too.
  3. I place a copy of my document-box-key in my friends box and lock it.
  4. I send the document box and my friends box (which contains the key to the document box) to my friend.
  5. My friend opens their box with their secret key, and retrieves the document-box-key from inside.
  6. My friend then uses that key to open the document box.

Upvotes: 0

John Browne
John Browne

Reputation: 722

Public key encryption: An easy way to visualize this is as follows:

I send someone an unlocked box that they can put stuff in. Then they close it and it locks. They can ship me the box and I have the only key that will open the lock.

The locked box is the public key encryption; the key is my private key.

Symmetric key encryption works like this:

We buy a padlock at Home Depot and it comes with two keys. You take one and move to Boston; I take one and move to San Jose. We can padlock our box and ship it back and forth, only we have the keys.

Upvotes: 2

Eugene Mayevski 'Callback
Eugene Mayevski 'Callback

Reputation: 46080

p1. Sender generates session symmetric key.

p3. session key is encrypted using this public key.

Yes, the encrypted secret is attached to the encrypted file. There's no risk in this as this is a session (one-time) key.

Upvotes: 1

Related Questions