my experience with public/private keys is ssh where I have logins in both places and I login without keys and move it to the .ssh file. That is what gets me. how is the key moved over for communication and if the server moves it then it could theoretically hold onto it. So in the picture above it takes the public key in step 2 and sends it on in step 3 which is used to encrypt the message. I just don’t see how the public key in that case can encrypt the message but not decrypt it.
An encrypted message requires the key pair to decrypt. So if I’m sending you a message I use your public key to encrypt, then you use your private key to decrypt. Only you have your private key. If I were going to sign something, rather than encrypt it, I would use my private key, then everyone could verify it was me by using my public key.
yeah I just don’t see how you can encrypt something with a key and not be able to decrypt it with the same key (I looked at the khan academy thing and have seen others. I never got the math around it).
So I and some others here have probably sounded a bit antagonistic to you, but good on you for asking and trying to understand. Public Key Cryptography feels like magic to me too, it’s just magic that I’ve accepted exists without understanding the base math of it all. Without it, however, most of the security of the Internet doesn’t work.
Even most symmetrical encryption (Like AES, which is how you are picturing encryption working) layers on asymmetrical encryption as a negotiation layer to share a key that both parties have but that nobody eves dropping can read. Then once the key is exchanged, they use that because symmetrical encryption is way easier for computers. But for short messages like Signal sends, it wouldn’t surprise me if they stay asymmetrical for the entire communication.
That’s literally the defining feature of asymmetric cryptography. There are many explanations of how it works which you can easily find. One example is the Wikipedia article: https://en.m.wikipedia.org/wiki/Public-key_cryptography
If you educate yourself and are still confused, you should probably just accept the fact that even though you can’t understand the specifics, information encoded with the public key cannot be decoded with the same public key.
As an aside, if this is a topic that interests you, I recommend Code by Charles Petzold and The Code Book by Simon Singh. They are both exceptional books and very approachable.
While the public and private key are separate, they are mathematically related.
Say two large prime numbers are generated. Their product is used as part of the public and private keys. When you multiply two prime numbers together it is extremely difficult to “guess” what those two prime numbers were from the product, but if you have the private key you know the missing part of the equation that makes it difficult to reverse so you can easily reverse the equation and decrypt the message.
my experience with public/private keys is ssh where I have logins in both places and I login without keys and move it to the .ssh file. That is what gets me. how is the key moved over for communication and if the server moves it then it could theoretically hold onto it. So in the picture above it takes the public key in step 2 and sends it on in step 3 which is used to encrypt the message. I just don’t see how the public key in that case can encrypt the message but not decrypt it.
An encrypted message requires the key pair to decrypt. So if I’m sending you a message I use your public key to encrypt, then you use your private key to decrypt. Only you have your private key. If I were going to sign something, rather than encrypt it, I would use my private key, then everyone could verify it was me by using my public key.
https://www.khanacademy.org/computing/computers-and-internet/xcae6f4a7ff015e7d:online-data-security/xcae6f4a7ff015e7d:data-encryption-techniques/a/public-key-encryption
yeah I just don’t see how you can encrypt something with a key and not be able to decrypt it with the same key (I looked at the khan academy thing and have seen others. I never got the math around it).
So I and some others here have probably sounded a bit antagonistic to you, but good on you for asking and trying to understand. Public Key Cryptography feels like magic to me too, it’s just magic that I’ve accepted exists without understanding the base math of it all. Without it, however, most of the security of the Internet doesn’t work.
Even most symmetrical encryption (Like AES, which is how you are picturing encryption working) layers on asymmetrical encryption as a negotiation layer to share a key that both parties have but that nobody eves dropping can read. Then once the key is exchanged, they use that because symmetrical encryption is way easier for computers. But for short messages like Signal sends, it wouldn’t surprise me if they stay asymmetrical for the entire communication.
That’s literally the defining feature of asymmetric cryptography. There are many explanations of how it works which you can easily find. One example is the Wikipedia article: https://en.m.wikipedia.org/wiki/Public-key_cryptography
If you educate yourself and are still confused, you should probably just accept the fact that even though you can’t understand the specifics, information encoded with the public key cannot be decoded with the same public key.
As an aside, if this is a topic that interests you, I recommend Code by Charles Petzold and The Code Book by Simon Singh. They are both exceptional books and very approachable.
While the public and private key are separate, they are mathematically related.
Say two large prime numbers are generated. Their product is used as part of the public and private keys. When you multiply two prime numbers together it is extremely difficult to “guess” what those two prime numbers were from the product, but if you have the private key you know the missing part of the equation that makes it difficult to reverse so you can easily reverse the equation and decrypt the message.