In computer science, public key cryptography is used for following purposes:
To do this a key pair is generated i.e. a public key and a private key. Let suppose a user A generated his key pair then A will broadcast his public key. Now any one, let suppose B, who wants to communicate with A can get public key of A. Now they can communicate securely.
Encryption and Decryption Process
Suppose A and B wants to communicate securely. Then A and B will exchange their public keys to each let me explain it with an example:
Lets suppose
A will encrypt the message with public key of B and send it over network. The message payload will be received by B then B decrypt it by his private key. i.e if M is message, Pb is public key of B, Sb is secret or private key of B and C is cipher text which will be send over network then:
Do you know about man in the middle attack? this Encryption and Decryption process is vulnerable to man in middle Attack. For Example:
Digital Signatures
In public key cryptography digital signatures are widely used for source identification. who they works let me explain it by example:
Suppose A want to send A message to B and Also wants to identify him self then.
- Encrypt valuable information so that no one can read it.
- Identify source of publisher i.e. Digital Signatures.
- Cryptography private keys exchange.
To do this a key pair is generated i.e. a public key and a private key. Let suppose a user A generated his key pair then A will broadcast his public key. Now any one, let suppose B, who wants to communicate with A can get public key of A. Now they can communicate securely.
Encryption and Decryption Process
Suppose A and B wants to communicate securely. Then A and B will exchange their public keys to each let me explain it with an example:
Lets suppose
- A's key pair is Pa (Public Key) and Sa (Secret Key)
- B's key pair is Pb (Public Key) and Sb (Secret Key)
A will encrypt the message with public key of B and send it over network. The message payload will be received by B then B decrypt it by his private key. i.e if M is message, Pb is public key of B, Sb is secret or private key of B and C is cipher text which will be send over network then:
- A: Encrypt (M, Pb) = C
- B: Decrypt (C, Sb) = M
Do you know about man in the middle attack? this Encryption and Decryption process is vulnerable to man in middle Attack. For Example:
- A encrypt message M with public key of B which produce cipher text C and send C to network.
- An attacker capture the C which was send to B. Attacker know the public key of B then attacker can change the message and encrypt it with public key of B and send it to B. i.e Encrypt (FakeMessage, Pb) = FakeCipher and send FakeCipher to B.
- Now when B decrypt it i.e Decrypt (FakeCipher, Sb) = FakeMessage
Digital Signatures
In public key cryptography digital signatures are widely used for source identification. who they works let me explain it by example:
Suppose A want to send A message to B and Also wants to identify him self then.
- A will encrypt the message with public key of B. i.e Encrypt (M, Pb) = C
- Now A will use any hashing function SHA or MD5 and generate hash of message. i.e SHA (M) = hash.
- Now A will encrypt whole package, cipher C and hash, with its own secret key Sa. i.e. Encrypt (C+hash, Sa) = SignedCipher
- Now A send SignedCipher over the network.
- B recive the Signed Cipher and then decrypt it with public key of A this will give B orignal cipher and i.e. Decrypt (SignedCipher, Pa) = C + hash
- Then B will decrypt the cipher i.e. Decrypt (C, Sb) = M1
- Now B will generate a hash of M1 i.e. SHA (M1)
- If hash of M1 is equal to hash which was send previously then message is same which was send by A, also source of A is identified.
