Unlike symmetric encryption algorithms, an asymmetric encryption algorithm requires two keys: a public key (PublicKey) and a private key (PrivateKey). The two keys form a pair: data encrypted with the public key can be decrypted only with the corresponding private key, and data encrypted with the private key can be decrypted only with the corresponding public key. Because encryption and decryption use two different keys, this kind of algorithm is called an asymmetric encryption algorithm.
Asymmetric Encryption principle
Asymmetric encryption itself is not difficult to understand. The following is a brief analysis based on the asymmetric encryption process shown in Figure 6-14.
Figure 6-14: Asymmetric encryption schematic
As shown in Figure 6-14, two keys exist before the data is encrypted: a public key and a private key. The public key is public and can be obtained by anyone; the private key is held only by the decrypting party. The two parties to the conversation are Lao Li and Xiao Wang. Lao Li wants to send data to Xiao Wang and, to avoid being monitored, needs to encrypt it. Because the recipient of the data is Xiao Wang, Lao Li encrypts it with Xiao Wang's public key, which anyone may know and which does not need to be transferred in secret. After receiving the data from Lao Li, Xiao Wang decrypts it with the private key that only he knows. The whole process does not involve transmitting a secret key, so the key-transmission security problem of symmetric encryption is fundamentally solved.
Example: Alice sends a digital message to Bob. To guarantee the confidentiality, authenticity, integrity and non-repudiation of the transmission, the information must be both digitally encrypted and digitally signed. The process is as follows:
A. Alice prepares the digital information (plaintext) to be transmitted.
B. Alice applies a hash function to the digital information and obtains a message digest.
C. Alice encrypts the message digest with her own private key (SK) to produce her digital signature, and attaches it to the digital information.
D. Alice randomly generates an encryption key (DES key) and uses it to encrypt the information to be sent, producing the ciphertext.
E. Alice encrypts the randomly generated DES key with Bob's public key (PK) and sends the encrypted DES key to Bob together with the ciphertext.
F. Bob receives the ciphertext and the encrypted DES key from Alice, and first decrypts the encrypted DES key with his own private key (SK) to obtain the DES key.
G. Bob then decrypts the received ciphertext with the DES key to obtain the plaintext digital information, and discards the DES key (i.e., the DES key is invalidated).
H. Bob decrypts Alice's digital signature with Alice's public key (PK) to obtain the message digest.
I. Bob applies the same hash algorithm to the received plaintext and obtains a new message digest.
J. Bob compares the received message digest with the newly generated one; if they match, the information received has not been modified.
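Steps A to J above, written out with Node's built-in `crypto` module. This is an added example, not code from the original article. It substitutes AES-256-GCM for the DES session key (a 56-bit DES key is too short to resist brute force today), uses RSA-OAEP to encrypt the session key, and uses a SHA-256 RSA signature; the function names `send` and `receive` and the generated key pairs are assumptions made for the illustration.

```javascript
// Added example (not from the original article): the A-J exchange.
const crypto = require("node:crypto");

// Constructed key pairs; each party publishes only its public key.
const newPair = () => crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
const alice = newPair();
const bob = newPair();

// Steps A-E (sender): sign, encrypt with a fresh session key, wrap that key.
function send(plaintext, senderPrivateKey, recipientPublicKey) {
  const message = Buffer.from(plaintext, "utf8");
  // B + C: hash the message and sign the digest with the sender's private key.
  const signature = crypto.sign("sha256", message, senderPrivateKey);
  // D: random one-time session key (AES-256-GCM stands in for DES).
  const sessionKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", sessionKey, iv);
  const ciphertext = Buffer.concat([cipher.update(message), cipher.final()]);
  const tag = cipher.getAuthTag();
  // E: encrypt the session key with the recipient's public key (RSA-OAEP).
  const wrappedKey = crypto.publicEncrypt(
    { key: recipientPublicKey, oaepHash: "sha256" }, sessionKey);
  return { ciphertext, iv, tag, wrappedKey, signature };
}

// Steps F-J (recipient): unwrap the session key, decrypt, verify the signature.
function receive(envelope, recipientPrivateKey, senderPublicKey) {
  // F: only the recipient's private key recovers the session key.
  const sessionKey = crypto.privateDecrypt(
    { key: recipientPrivateKey, oaepHash: "sha256" }, envelope.wrappedKey);
  // G: decrypt; final() throws if the ciphertext or tag was altered.
  const decipher = crypto.createDecipheriv("aes-256-gcm", sessionKey, envelope.iv);
  decipher.setAuthTag(envelope.tag);
  const message = Buffer.concat(
    [decipher.update(envelope.ciphertext), decipher.final()]);
  sessionKey.fill(0); // discard the one-time session key
  // H-J: recompute the digest and check it against the sender's signature.
  const authentic = crypto.verify(
    "sha256", message, senderPublicKey, envelope.signature);
  return { plaintext: message.toString("utf8"), authentic };
}
```

The recipient should use the plaintext only when `authentic` is `true`; a `false` result means the message was not signed by the holder of the expected private key.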
Reproduced in: http://www.cnitpm.com/pm/5702.html