Content deleted Content added
Put digital signature diagram before public-key encryption too. |
rm unnec bold, see MOS:BOLD |
||
Line 10:
[[File:Public key encryption.svg|thumb|250px|right|In an asymmetric key encryption scheme, anyone can encrypt messages using a public key, but only the holder of the paired private key can decrypt such a message. The security of the system depends on the secrecy of the private key, which must not become known to any other.]]
'''Public-key cryptography''', or '''asymmetric cryptography''', is the field of [[cryptographic systems]] that use pairs of related keys. Each key pair consists of a '''public key''' and a corresponding '''private key'''.{{Ref RFC|4949|notes=no}}<ref>{{Cite journal |last1=Bernstein |first1=Daniel J. |last2=Lange |first2=Tanja |date=2017-09-14 |title=Post-quantum cryptography |url=http://www.nature.com/articles/nature23461 |journal=Nature |language=en |volume=549 |issue=7671 |pages=188–194 |doi=10.1038/nature23461 |pmid=28905891 |bibcode=2017Natur.549..188B |s2cid=4446249 |issn=0028-0836}}</ref> Key pairs are generated with [[cryptographic]] [[algorithms]] based on [[mathematical]] problems termed [[one-way function]]s. Security of public-key cryptography depends on keeping the private key secret; the public key can be openly distributed without compromising security.<ref>{{Cite book|url=https://books.google.com/books?id=Dam9zrViJjEC|title=Cryptography and Network Security: Principles and Practice|last=Stallings|first=William|date=3 May 1990|publisher=Prentice Hall|isbn=9780138690175|page=165|language=en}}</ref>
There are many kinds of public-key cryptosystems, with different security goals, including
Public key algorithms are fundamental security primitives in modern [[cryptosystem]]s, including applications and protocols that offer assurance of the confidentiality and authenticity of electronic communications and data storage. They underpin numerous Internet standards, such as [[Transport Layer Security|Transport Layer Security (TLS)]], [[SSH]], [[S/MIME]], and [[Pretty Good Privacy|PGP]]. Compared to [[symmetric cryptography]], public-key cryptography can be too slow for many purposes,<ref>
Line 32:
By contrast, in a public-key cryptosystem, the public keys can be disseminated widely and openly, and only the corresponding private keys need be kept secret.
The two best-known types of public key cryptography are
* In a '''[[digital signature]]''' system, a sender can use a private key together with a message to create a
{{cite book
|author1-last=Menezes |author1-first=Alfred J. |author1-link=Alfred Menezes
Line 75:
|url-status=live
}}</ref><p>For example, a software publisher can create a signature key pair and include the public key in software installed on computers. Later, the publisher can distribute an update to the software signed using the private key, and any computer receiving an update can confirm it is genuine by verifying the signature using the public key. As long as the software publisher keeps the private key secret, even if a forger can distribute malicious updates to computers, they cannot convince the computers that any malicious updates are genuine.</p>
* In a
{{cite book
|author1-last=Menezes |author1-first=Alfred J. |author1-link=Alfred Menezes
| |||