I,**Public Key**Encryption

Assume that I have two numbers: 1 and 2. I like the number 2 and keep it. I won't tell you (Private Key), and I will tell you that 1 is my public key.

I have a file that cannot be viewed by others. I use 1 for encryption.

Someone else finds this file, but he does not know that 2 is the decryption private key, so he cannot undo it. Only I can use number 2, that is, my private key, to decrypt it. In this way, I can protect the data.

My good friend X used my public key 1 to encrypt character a, encrypted it into B, and put it online.

Someone else steals this file, but someone else cannot undo it, because someone else does not know that 2 is my private key. Only I can decrypt it. After decryption, I will get.

In this way, we can transmit encrypted data.

II,**Private Key**Signature

If I encrypt a piece of data with a private key (of course, only I can use the private key to encrypt it, because only I know that 2 is my private key ), as a result, all people will see my content, because they all know that my public key is 1. What is the use of this encryption?

But my good friend x said someone impersonates me to send a mail to him. What should we do?

I used my private key 2 to encrypt the letter I sent. The encrypted content is D. I sent it to X and told him to decrypt it to see if it was C. He decrypted it with my public key 1 and found it was C. At this time, he will think that the data that can be decrypted with my public key must be encrypted with my private key. Only I know my private key, so he can confirm that it is actually what I sent.

In this way, we can confirm the sender's identity.

This process is called digital signature. Of course, the specific process is a little more complicated. The private key is used to encrypt data.**Digital Signature**.

I have previously written an article titled "secure login authentication Design for websites", which may not be clear enough. One reader left a message to question: "The public key is public as its name implies, who will have your public key as long as you want? It should be encrypted with the public key of the website. After being uploaded to the website, the website will be decrypted with its own private key ".

These cryptographic concepts are easy to confuse and can be justified. Public Keys, private keys, encryption, and authentication are all complex issues, and their concepts are not easy to understand. If they are not understood, they are prone to various plausible concepts, to give you a better understanding of cryptography, I will explain in detail the specific functions and usage of public and private keys.

Encryption and authentication

First, we need to distinguish the two basic concepts of encryption and authentication.

Encryption encrypts data so that illegal users cannot obtain the correct data even if they have obtained the encrypted data. Therefore, data encryption can protect data and prevent attacks. The focus is on data security. Identity Authentication is used to determine the authenticity of an identity. After the identity is confirmed, the system can grant different permissions according to different identities. The focus is on the authenticity of users. The two have different focuses.

Public Key and Private Key

Secondly, we need to understand the concepts and functions of public and private keys.

In modern cryptographic systems, encryption and decryption use different keys (public keys), that is, asymmetric key cryptography systems. Each communication party requires two keys, namely, the public key and private key, these two keys can be used for mutual encryption and decryption. The Public Key is public and does not need to be kept confidential. The private key is held by the individual and must be kept properly and kept confidential.

Principles of Public Key and private key:

- A public key corresponds to a private key.
- The key pair is known to everyone as a public key. If you do not know it, you only know it as a private key.
- If one of the keys is used to encrypt data, only the corresponding key can be decrypted.
- If one of the keys can be used for data decryption, the data must be encrypted by the corresponding key.

The main application of asymmetric key cryptography is public key encryption and public key authentication. The process of public key encryption is different from that of public key authentication. I will explain in detail the differences between the two.

Public Key-based encryption process

For example, two users Alice and Bob, Alice want to send a piece of plain text to bob through the two-key encryption technology. Bob has a pair of public and private keys, the encryption and decryption process is as follows:

- Bob transfers his public key to Alice.
- Alice encrypted her message with Bob's public key and sent it to Bob.
- Bob uses his private key to decrypt Alice's message.

The above process can be used to indicate that Alice uses Bob's public key for encryption and Bob uses his own private key for decryption.

Public Key-based authentication process

Identity authentication and encryption are different. The main users identify the authenticity of users. Here, we can identify a user's private key as long as it is correct.

For Alice and Bob, Alice wants Bob to know that she is a real Alice, rather than a fake one. Therefore, Alice only needs to use public key cryptography to sign the file and send it to Bob, bob uses Alice's public key to decrypt the file. If the decryption succeeds, it proves that Alice's private key is correct and thus completes Alice's identity authentication. The entire authentication process is as follows:

- Alice uses her private key to encrypt the file and sign the file.
- Alice transfers the signed file to Bob.
- Bob decrypts the file with Alice's public key to verify the signature.

The above process can be used to indicate that Alice uses her own private key for encryption, and Bob uses Alice's public key for decryption.

Summary

Now, the four concepts of encryption, authentication, public key, and private key are described in detail. After understanding these concepts, you should have a clearer understanding of the concept described in "secure login authentication Design for websites.

From: http://www.williamlong.info/archives/837.html

Cryptography-Private Key in data public key encryption and authentication