Cryptography or cryptology is the art and study of transiting the details without having the intrusion of prying eyes. History suggests that this technique happens to be prevalent since ages, from the comfort of the ancient Greeks to the World War era; nonetheless, its contemporary form is still getting used in modern-day digital communication and computer security authentication. The inexplicable failure of traditional encryption (symmetric cryptography) with regards to of computer security and reliability of data, compelled scientists all over the world to devise a thing that would eliminate these shortcomings. Hence, public key encryption (the brainchild of Whitfield Diffie and Martin Hellman) was introduced in 1976; which within the world of cryptography, escalated computer security to a complete new level.
What exactly is it?
In traditional (symmetric) cryptography, when the sender fires off an indecipherable message towards the recipient, both the parties utilize the same secret key for locking/unlocking the message. Now, here is the problem. The key key, which would be utilised by both the parties, has got to delivered via some or the other media. Therefore, there's absolutely no guarantee that the key might travel without unsolicited tampering, thus risking the integrity associated with the data.
Public key encryption was the impending treatment for this problem. In this system, both the parties are handed a set of unique keys • public and private. These keys work hand-in-hand to protect and decode the specified information. The general public key is freely available, whereas the private key, once the name suggests, is confidential and protected by its respective owner. One of the most noted example will be the RSA algorithm. RSA is short for for Rivest, Shaman and Alderman, who wrote this algorithm.
So how exactly does it Work?
As stated previously, public key encryption revolves across the idea of two keys. Let us imagine the following scenario.
a wants to send an encrypted message to B. Both of them have a set of aforementioned keys. A looks up for B's public key in the directory. Once found, he creates his digital signature by computing his private key and the actual message. Done that, he encrypts the message and sends it to B which in turn, is verified by B using some calculations with the message, the signature and A's public key. Consequently, in the event that calculations at B's end prove that the signature is authentic then the message is decoded; otherwise it is regarded as tampered with or the signature happens to be forged. This technique virtually eliminates the difficulty regarding data encryption for information security.
Benefits and drawbacks
The most significant benefit of this kind of encryption is optimum security and ease of use. Moreover, each user is likely to safeguard his/her private key, which offers complete independence of ownership. As well, this system lowers the risks of widespread forgery by decentralization of keys. In reality, this technique is called non-repudiation. On the other hand, this cryptographic technique has a few drawbacks too. It really is comparatively slower than a couple of advanced encryption techniques. This is because of their long computation amount of time in factoring large numbers while encoding, decoding, and authenticating the messages. Also, public key encryption like RSA is virtually close to impossible to crack because of its complex algorithm. This proves to be an important setback for security personnel who would like to track sensitive data security breach of a business's or of a government organization.
The sudden surge in information security has compelled cryptographers to generate better and upgraded solutions everyday.
