Hardware-based security for high-level protection.

Public-key cryptography

Asymmetric (or public key) cryptography is based on two types of keys: private keys and public keys.

Private and public keys are related so that a public key can be computed from a private key, but deriving the private key from the public key is infeasible. As the names hint, public keys can be publicly distributed, but private keys must be stored securely. Public keys permit anybody to perform certain operations, such as encrypting data, whereas certain other operations, such as decryption, can be done only with the private key.

The main use cases of asymmetric cryptography in contemporary secure communication protocols are key exchange, public-key encryption, and digital signatures. Key exchange methods allow two parties to securely derive a shared secret key (for example, for AES) over an insecure channel (for example, the Internet). Public-key encryption methods encrypt data using a party’s public key so that only that party (the holder of the corresponding private key) can decrypt it. Digital signature methods allow signing messages with a private key so that anyone can later verify the signature with the public key and be assured that the message was indeed signed by the claimed signer. Digital signatures form the basis of the certificate-based public-key infrastructure (PKI) that brings trust to the modern Internet (e.g., in the HTTPS protocol).

The most famous asymmetric cryptographic algorithm is RSA (Rivest-Shamir-Adleman), but the current state of the art in asymmetric cryptography is based on elliptic curve mathematics, whose algorithms are mathematically complicated but combine security with efficient computation and small key sizes. Elliptic curve cryptography (ECC) commonly uses standardized elliptic curves such as the NIST curves published by the U.S. National Institute of Standards and Technology (NIST) or the newer Curve25519.

Curve25519

Xiphera currently provides the following IP cores for ECC on Curve25519:

RSA

Xiphera currently provides the following IP core for RSA signature verification: