Public-key Cryptography

The purpose of this document is to provide a basic understanding of public-key cryptography. Also included within this document is a description of the basic components to the public-key cryptography system. This document is intended for anybody looking to gain a basic understanding or knowledge of public-key cryptography.

When the Internet was first developed security was not a major concern as it was for different networking devices to have the ability to communicate with each other. As the Internet grew and evolved there became more of a need to ensure personal or private information was being protected from threats like: eavesdropping, impersonation, tampering, misrepresentation, and even spoofing. One method for protecting against these threats is by using public-key cryptography. Public-key cryptography protects against all of these threats by using an asymmetrical encryption process that provides encryption and decryption, tamper detection, authentication, and nonrepudiation (Sun Microsystems, 1998).

There are two primary uses of public-key cryptography, digital signing and encryption (RSA Security, 2009). When a person wants to send a digitally signed message to another person they must first register with a certifying authority (CA) to obtain a public and a private key. Once the keys have been obtained a user is able to use the key to authenticate onto a network and lookup the intended recipient in a global address listing (GAL). The person wanting to send a digitally signed message to a recipient then types up a message and chooses to digitally sign the message before sending to the recipient. Once the person pushes the send button within the e-mail client the system then performs a mathematical computation based on the private key and the message itself. When the recipient receives the message another mathematical computation is performed based on the message, the sender’s public key, and the purported signature. If the computation is correct then the signature has been verified, if the computation is incorrect then the message has been tampered or the signature is fraudulent. The mathematical computation that took place is based upon a mathematical relationship that exists between all public and private keys. Once the signature has been verified the recipient is able to read the message, knowing that is has not been altered and from a trusted source. If the message sender does not want to digitally sign a message or wants to include encryption, this process can be completed using similar steps. First the sender registers with a CA in order to obtain a public and a private key. The sender is then able to use their public key to authenticate onto a network. Once they have been authenticated onto the network they can then lookup the intended recipient in a GAL. Once the recipient has been identified the message is then encrypted using the recipients public key that was retrieved from the GAL to encrypt the message. The message is then sent to the recipient and when they are ready to read the message, the recipient uses their private key to decrypt the message knowing that any unauthorized viewers have not intercepted this message.

In conclusion, the public-key cryptography system was designed to protect against threats of eavesdropping, impersonation, tampering, misrepresentation, and spoofing. By the use of a certifying authority along with a users public and private keys the recipient of a digitally signed message will know immediately if a message was altered or sent from an untrusted source because the mathematical computation that takes place between the public and private keys will return an error. When a message is encrypted the recipient’s public key is used to encrypt the message in which the recipient will use their private key to decrypt the message knowing that it was sent and received without being altered or intercepted.

1. Microsystems, Sun (1998, October 9th). Introduction to Public-Key Cryptography. Retrieved February 28, 2009, from Sun Microsystems Web site: (2009). Network Security.
2. Security, RSA (2009). 2.1.1 What is public-key cryptography?. Retrieved February 28, 2009, from RAS Laboratories Web site:

Spread the love