Who can (re)explain public key encryption for me?

An out of town friend explained it to me about 2 years ago and I'm pretty sure I really understood the concept. But I brought it up today at work and when someone asked "How does it work?" I felt like an utter moran. Couldn't even begin to answer....

New wrinkles in the last two years, if PKE has been dropped in favor of some hot new apprach, all related info would be great, too.

Thanks in advance.

http://www.webopedia.com/TERM/P/public_key_cryptography.html

"A cryptographic system that uses two keys -- a public key known to everyone and a private or secret key known only to the recipient of the message. When John wants to send a secure message to Jane, he uses Jane's public key to encrypt the message. Jane then uses her private key to decrypt it.

An important element to the public key system is that the public and private keys are related in such a way that only the public key can be used to encrypt messages and only the corresponding private key can be used to decrypt them. Moreover, it is virtually impossible to deduce the private key if you know the public key."

from http://www.webopedia.com/TERM/P/public_key_cryptography.html

A cryptographic system that uses two keys -- a public key known to everyone and a private or secret key known only to the recipient of the message. When John wants to send a secure message to Jane, he uses Jane's public key to encrypt the message. Jane then uses her private key to decrypt it.

An important element to the public key system is that the public and private keys are related in such a way that only the public key can be used to encrypt messages and only the corresponding private key can be used to decrypt them. Moreover, it is virtually impossible to deduce the private key if you know the public key.

Public-key systems, such as Pretty Good Privacy (PGP), are becoming popular for transmitting information via the Internet. They are extremely secure and relatively simple to use. The only difficulty with public-key systems is that you need to know the recipient's public key to encrypt a message for him or her. What's needed, therefore, is a global registry of public keys, which is one of the promises of the new LDAP technology.

Public key cryptography was invented in 1976 by Whitfield Diffie and Martin Hellman. For this reason, it is sometime called Diffie-Hellman encryption. It is also called asymmetric encryption because it uses two keys instead of one key (symmetric encryption).

we're so smart!

minds that think alike....

is based on an algorithm where one key (private) can encrypt data, and the other (public) can decrypt it. Both are derived at the same time and can be used in reverse.

I generate a PPK pair. I keep the private key, and put the public key on my SSH server, which uses it to authenticate me. My password is encrypted using my public key and the server uses my private key to decrypt it.

PGP operates this way using public key servers

On edit: DAMN you folks are FAST!

DBDB

Can you expand on this in greater detail?

"I generate a PPK pair. I keep the private key, and put the public key on my SSH server, which uses it to authenticate me. My password is encrypted using my public key and the server uses my private key to decrypt it."

I swear, if I don't get it on the next pass, I won't pester you again.


Thank, perfesser!!!!!!!!!!!!!

What exactly are you using this for? Pretty Good Privacy (PGP) for email? Secure Shell (SSH) for connecting to remote servers? Communicating in general with friends without the intrusion from *Bush and his merry band of eavesdroppers? Something else?

The solution you seek is dependent upon your usage

If you want to see how it works under the hood, here is a start
http://www.math.nmsu.edu/crypto/public_html/PublicKey.html
http://www.math.nmsu.edu/crypto/public_html/BegRSA.html

DBDB

I just want to understand it...again. That simple.

I remember being facinated by the concept. But, too me at least, it's one of those things that's slippery. (Another one is the "let's make deal" Monte Carlo simulation discussed here in the lounge about 2 weeks ago....)

I'm sorry if I'm not posing the question correctly, but here goes:

I "broadcast" an encoding key for all to see. You encode w/ that algorithm and transmit in semi-public, cough, email to me. Let's stop there (and maybe it will answer the obvious follow up question): How come eavesdroppers can't decode it when they have acess to the way it was encoded?

Thanks very much. Sincerely.

You added links while I was responding....

And yes, I guess I want the hood cracked open a couple of inches. Certainly not the whole way,

Thanks again

:cheers:

It's coming back. Slowly. One key is and public, one is private.

But I guess I'm still in the dark as to the encryption/decryption details, the real specifics of the process.

Anyone?

Again, thanx for getting me this far. One cylinder just fired, I think...

Coming to you courtesy of Patriot Act 2.

Our talk today was not based on that at all. Now I have another whole basket of questions. One is, how can it be enforced?

-Creating a new, separate crime of using encryption technology that could add five years to any sentence for crimes committed with a computer. (Section 404)

http://www.aclu.org/SafeandFree/SafeandFree.cfm?ID=11835&c=206

Heaven forbid if we start organizing on the Net.