Private Key in data public key encryption and authentication

Source: Internet
Author: User
Previously I wrote an article, "Design of secure login authentication for websites". The explanation may not have been clear enough. One reader left a message questioning it:
"As the name suggests, the Public Key is public. As long as you want it, everyone will have your public key. How can it be secure?
It should be encrypted with the public key of the website. After being uploaded to the website, the website will decrypt it with its own private key."

These cryptographic concepts are easy to confuse, so the misunderstanding is forgivable. Public keys, private keys, encryption, and authentication are complex topics, and the concepts are not easy to grasp. Without a clear understanding, it is easy to end up with ideas that sound plausible but are wrong. To give you a better understanding of cryptography, I will explain in detail the specific functions and usage of public and private keys.

Encryption and authentication

First, we need to distinguish the two basic concepts of encryption and authentication.

Encryption transforms data so that unauthorized users cannot obtain the correct data even if they get hold of the encrypted data. Data encryption therefore protects data and prevents attacks; its focus is data security. Identity authentication is used to determine whether an identity is genuine. Once the identity is confirmed, the system can grant different permissions according to different identities; its focus is the authenticity of users. The two have different focuses.

Public Key and Private Key

Secondly, we need to understand the concepts and functions of public and private keys.

In modern cryptographic systems, encryption and decryption use different keys (public key cryptography), that is, an asymmetric key cryptography system. Each communicating party needs two keys, a public key and a private key, and each of the two keys can decrypt what the other has encrypted. The public key is public and does not need to be kept confidential. The private key is held by its owner and must be stored safely and kept confidential.

Principles of Public Key and private key:

    1. A public key corresponds to a private key.
    2. Within the key pair, the key that everyone may know is the public key; the key that is not disclosed and is known only to its owner is the private key.
    3. If one of the keys is used to encrypt data, only the corresponding key can decrypt it.
    4. If one of the keys can decrypt the data, the data must have been encrypted by the corresponding key.

The main applications of asymmetric key cryptography are public key encryption and public key authentication. The process of public key encryption is different from that of public key authentication, and I will explain the differences between the two in detail.

Public Key-based encryption process

For example, take two users, Alice and Bob. Alice wants to send a piece of plaintext to Bob using two-key encryption. Bob has a pair of public and private keys. The encryption and decryption process is as follows:

    1. Bob transfers his public key to Alice.
    2. Alice encrypts her message with Bob's public key and sends it to Bob.
    3. Bob uses his private key to decrypt Alice's message.

The above process shows that Alice uses Bob's public key for encryption and Bob uses his own private key for decryption.

Public Key-based authentication process

Identity authentication is different from encryption. It is mainly used to verify the authenticity of a user. Here, a user is considered authentic as long as we can confirm that the user's private key is correct.

Take Alice and Bob again. Alice wants Bob to know that she is the real Alice rather than an impostor. To do this, Alice only needs to sign a file using public key cryptography and send it to Bob, and Bob uses Alice's public key to decrypt the file. If the decryption succeeds, it proves that Alice's private key is correct, which completes Alice's identity authentication. The authentication process is as follows:

    1. Alice uses her private key to encrypt the file and sign the file.
    2. Alice transfers the signed file to Bob.
    3. Bob decrypts the file with Alice's public key to verify the signature.

The above process shows that Alice uses her own private key for encryption, and Bob uses Alice's public key for decryption.
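The two procedures above (encryption to Bob, then authentication of Alice) as an added Python example that is not part of the original article. It uses textbook RSA with fixed, constructed primes and no padding, only to show which key plays which role; the helper names, key sizes and the hash-before-signing step are assumptions of this example, and production systems use a vetted library with OAEP/PSS padding.

```python
import hashlib

E = 65537  # public exponent (assumed; a common choice)

def make_keypair(p, q):
    """Build a textbook-RSA (public, private) pair from two primes."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent: inverse of E
    return (n, E), (n, d)

def apply_key(key, value):
    """The single RSA operation, identical for either key of a pair."""
    n, exponent = key
    return pow(value, exponent, n)

def encrypt(recipient_public, text):
    m = int.from_bytes(text.encode(), "big")
    if m >= recipient_public[0]:
        raise ValueError("message too long for this toy modulus")
    return apply_key(recipient_public, m)

def decrypt(own_private, ciphertext):
    m = apply_key(own_private, ciphertext)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def digest(key, data):
    """SHA-256 of the file, reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % key[0]

def sign(own_private, data):
    return apply_key(own_private, digest(own_private, data))

def verify(signer_public, data, signature):
    return apply_key(signer_public, signature) == digest(signer_public, data)

# Constructed demo keys from known Mersenne primes (far too small for real use).
ALICE_PUB, ALICE_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
BOB_PUB, BOB_PRIV = make_keypair(2**107 - 1, 2**127 - 1)

if __name__ == "__main__":
    # Encryption: Alice uses Bob's public key; only Bob's private key opens it.
    c = encrypt(BOB_PUB, "hello Bob")
    print(decrypt(BOB_PRIV, c), decrypt(ALICE_PRIV, c) == b"hello Bob")
    # Authentication: Alice signs with her private key; Bob checks with her public key.
    sig = sign(ALICE_PRIV, b"contract v1")
    print(verify(ALICE_PUB, b"contract v1", sig), verify(ALICE_PUB, b"contract v2", sig))
```

The signature check fails for the altered file and for any key other than Alice's public key, which is what lets Bob treat a passing check as evidence that the signer holds Alice's private key.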

Summary

The above explains in detail the four concepts of encryption, authentication, public key, and private key. After understanding these concepts, you should have a clearer understanding of the concepts described in the article "Design of secure login authentication for websites".
