Keys...attn GH,MJC,etc.


yawningdog
11-16-2003, 01:49 AM
I'm having trouble with this topic and I was hoping to get the big guns to weigh in on this one. Keys.

I get what a key is and what it's for. What is killing me is the concept of public and private keys, or public ones anyway. I simply don't get why public keys are necessary and how it is that by their very existence, they don't in fact degrade security.

mjc
11-16-2003, 04:01 AM
Think of the public key as the "valet" key, it will just turn your car on but not open the trunk/glove box.....

There is more to it than that, but it should get the discussion rolling.

shanmuga
11-16-2003, 05:30 AM
"I simply don't get why public keys are necessary" will not arise if this "I get what a key is and what it's for." is true. Sorry, no offence meant. :cool:


My Understanding: The basis of the key system is the possibility of distributing a key (public key) to others for encryption, so that the message is encrypted at the sender's end and transmitted to the intended person, who holds one more key (private key), which is used for decryption of the message, resulting in privacy of the communication between the sender and receiver.

Definitions : The part of the key in a public key system which is distributed widely, and is not kept secure. This is the key used for encryption (as opposed to decryption) or for verifying signatures.

A mathematical key that can be made publicly available and which is used to verify signatures created with its corresponding private key. Depending on the algorithm, public keys are also used to encrypt messages or files which can then be decrypted with the corresponding private key.

The other half of a key pair, a public key is held in a digital certificate. Public keys are usually published in a directory. Any public key can encrypt information; however, data encrypted with a specific public key can only be decrypted by the corresponding private key, which the key owner keeps secret. A public key can also be used to verify the authenticity of a digital signature.

Messages are sent encrypted with the recipient's public key, which is known to others; the recipient decrypts them using their private key.

Common Explanation : With conventional encryption schemes, keys must be exchanged with everyone you wish to talk to by some other secure method such as face to face meetings, or via a trusted courier. The problem is that you need a secure channel before you can establish a secure channel! With conventional encryption, either the same key is used for both encryption and decryption or it is easy to convert either key to the other. With public key encryption, the encryption and decryption keys are different and it is impossible for anyone to convert one to the other. Therefore, the encryption key can be made public knowledge, and posted in a database somewhere. Anyone wanting to send you a message would obtain your encryption key from this database or some other source and encrypt his message to you. This message can't be decrypted with the encryption key. Therefore nobody other than the intended receiver can decrypt the message. Even the person who encrypted it can not reverse the process. When you receive a message, you use your secret decryption key to decrypt the message. This secret key never leaves your computer. In fact, your secret key is itself encrypted to protect it from anyone snooping around your computer.

You can find answers to most of your questions regarding cryptography HERE (http://www.faqs.org/faqs/cryptography-faq/part01/) :p

Paul Komski
11-16-2003, 04:50 PM
Encryption - a brief overview (http://www.stealthmessage.com/s/home/encryption.cfm) outlines the basics and the very basics of the mathematical concepts.

Put simply - an encryption "cipher pair" is divided into two halves (or keys):-

I publish one half as a public key for anyone to use if they want to send me encrypted messages.

When I receive these messages only my private key can decrypt them.

It is possible, eventually, to break the encryption from a knowledge of the public key's "cipher half" - but because of the enormous numbers involved it still takes a very long time indeed for large banks of the most powerful computers to achieve this.

yawningdog
11-16-2003, 09:25 PM
Okay, question then. Can a public key be used to decrypt the same data that it was used to encrypt?

pave_spectre
11-16-2003, 11:57 PM
No, the whole point of a public key is that it can ONLY be used to encrypt data so that it can be freely transmitted over an unsecure medium and the private key is required to actually decrypt it.

Which means if a private key gets lost anything encrypted with the associated public key should be unrecoverable.