Public-key cryptography: Difference between revisions

Content deleted Content added
m Reverted 1 edit by Itsakyaduvanshi (talk) to last revision by The frog in question
No edit summary
Tags: Reverted Mobile edit Mobile web edit
Line 1:
--{{short description|Cryptographic system with public and private keys}}
{{Use dmy dates|date=October 2019}}
{{more citations needed|reason=article with large unreferenced sections|date=January 2024}},[[-*]]
 
[[File:Public-key-crypto-1.svg|thumb|250px|right|An unpredictable (typically large and [[random]]) number is used to begin generation of an acceptable pair of [[cryptographic key|keys]] suitable for use by an asymmetric key algorithm.]]
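Review bot: the first line of this hunk now opens with a stray `--` ahead of `{{short description|...}}`, and the `{{more citations needed}}` line ends with `,[[-*]]`. Neither is template syntax or article content, so both would show up as literal text (plus a link to a page titled `-*`) at the top of the article. The revision also carries no edit summary explaining them. Suggest removing both so the page starts directly with the short-description template and the maintenance template line ends at its closing `}}`.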
Line 9:
[[File:Public key shared secret.svg|thumb|250px|right| In the [[Diffie–Hellman key exchange]] scheme, each party generates a public/private key pair and distributes the public key of the pair. After obtaining an authentic (n.b., this is critical) copy of each other's public keys, Alice and Bob can compute a shared secret offline. The shared secret can be used, for instance, as the key for a [[symmetric cipher]].]]
[[File:Public key encryption.svg|thumb|250px|right|In an asymmetric key encryption scheme, anyone can encrypt messages using a public key, but only the holder of the paired private key can decrypt such a message. The security of the system depends on the secrecy of the private key, which must not become known to any other.]]
'''Public-key cryptography''', or '''asymmetric cryptography''', is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a '''public key''' and a corresponding '''private key'''.{{Ref RFC|4949|notes=no}}<ref>{{Cite journal |last1=Bernstein |first1=Daniel J. |last2=Lange |first2=Tanja |date=2017-09-14 |title=Post-quantum cryptography |url=http://www.nature.com/articles/nature23461 |journal=Nature |language=en |volume=549 |issue=7671 |pages=188–194 |doi=10.1038/nature23461 |pmid=28905891 |bibcode=2017Natur.549..188B |s2cid=4446249 |issn=0028-0836}}</ref> Key pairs are generated with [[cryptographic]] [[algorithms]] based on [[mathematical]] problems termed [[one-way function]]s. Security of public-key cryptography depends on keeping the private key secret; the public key can be openly distributed without compromising security.<ref>{{Cite book|url=https://books.google.com/books?id=Dam9zrViJjEC|title=Cryptography and Network Security: Principles and Practice|last=Stallings|first=William|date=3 May 1990|publisher=Prentice Hall|isbn=9780138690175|page=165|language=en}}</ref> There are many kinds of public-key cryptosystems, with different security goals, including [[digital signature]], [[Diffie–Hellman key exchange]], [[Key encapsulation mechanism|public-key key encapsulation]], and public-key encryption.--
 
Public key algorithms are fundamental security primitives in modern [[cryptosystem]]s, including applications and protocols that offer assurance of the confidentiality and authenticity of electronic communications and data storage. They underpin numerous Internet standards, such as [[Transport Layer Security|Transport Layer Security (TLS)]], [[SSH]], [[S/MIME]], and [[Pretty Good Privacy|PGP]]. Compared to [[symmetric cryptography]], public-key cryptography can be too slow for many purposes,<ref>--*
{{cite journal
|last1=Alvarez |first1=Rafael
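Review bot: the lead paragraph ends with `--` after "and public-key encryption.", and `--*` has been inserted between `<ref>` and `{{cite journal` in the next paragraph. The first leaves stray punctuation at the end of the opening paragraph; the second puts stray characters inside the footnote, ahead of the citation template. Suggest removing both so the sentence ends at the full stop and the reference reads `<ref>{{cite journal`.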
Line 26:
}}</ref> so these protocols often combine symmetric cryptography with public-key cryptography in [[Hybrid cryptosystem|hybrid cryptosystems]].
 
== Description ==[[z--*]]
Before the mid-1970s, all cipher systems used [[symmetric key algorithm]]s, in which the same [[cryptographic key]] is used with the underlying algorithm by both the sender and the recipient, who must both keep it secret. Of necessity, the key in every such system had to be exchanged between the communicating parties in some secure way prior to any use of the system – for instance, via a [[secure channel]]. This requirement is never trivial and very rapidly becomes unmanageable as the number of participants increases, or when secure channels are not available, or when, (as is sensible cryptographic practice), keys are frequently changed. In particular, if messages are meant to be secure from other users, a separate key is required for each possible pair of users.
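Review bot: `== Description ==[[z--*]]` has text after the closing `==`, which stops the line from being parsed as a section heading, so the Description section would lose its heading and its table-of-contents entry and the line would render as plain text with a link to `z--*`. Suggest restoring the line to `== Description ==`.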