Netcore Solutions Pvt. Ltd.
402, Peninsula Chambers,
Peninsula Corporate Park,
G. K. Marg, Lower Parel (W),
Mumbai 400 013.
Tel: 022-66628000
Fax: 022-66628134
e-mail: info@netcore.co.in
| |
How Public and Private Key Cryptography Works
In public key cryptography, a public and private key are created simultaneously using the same algorithm (a popular one is known as RSA) by a certificate authority (CA).
The private key is given only to the requesting party and the public key is made publicly available (as part of a digital certificate) in a directory that all parties can access. The private key is never shared with anyone or sent across the Internet. You use the private key to decrypt text that has been encrypted with your public key by someone else (who can find out what your public key is from a public directory). Thus, if I send you a message, I can find out your public key (but not your private key) from a central administrator and encrypt a message to you using your public key. When you receive it, you decrypt it with your private key. In addition to encrypting messages (which ensures privacy), you can authenticate yourself to me (so I know that it is really you who sent the message) by using your private key to encrypt a digital certificate. When I receive it, I can use your public key to decrypt it. Here's a table that restates it:
| To do this |
Use whose |
Kind of key |
• Send an encrypted message
• Send an encrypted signature
• Decrypt an encrypted message
• Decrypt an encrypted signature
(and authenticate the sender)
|
Use the receiver's
Use the sender's
Use the receiver's
Use the sender's
|
Public key
Private key
Private key
Public key
|
| Digital Certificate: A digital certificate is an electronic "credit card" that establishes your credentials when doing business or other transactions on the Web. It is issued by a certification authority (CA). It contains your name, a serial number, expiration dates, a copy of the certificate holder's public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. Some digital certificates conform to a standard, X.509. Digital certificates can be kept in registries so that authenticating users can look up other users' public keys |
|
 |
|
|
