1. The public key and private key appear in pairs.
2. Public Keys are called public keys. Only private keys that you know are called public keys.
3. Only the corresponding private key can decrypt the data encrypted with the public key.
4. Only the corresponding public key can decrypt the data encrypted with the private key.
5. If the public key can be used for decryption, it must be the secret of the corresponding private key.
6. If you can decrypt it with a private key, it must be the password of the corresponding public key. I have two numbers, one is 1 and the other is 2. I like the number 2 and keep it. I will tell you that 1 is my public key. I have a file that cannot be viewed by others. I use 1 for encryption. Someone else finds this file, but he does not know that 2 is the decryption private key, so he cannot undo it. Only I can use number 2, that is, my private key, to decrypt it. In this way, I can protect the data. My good friend X used my public key 1 to encrypt character a, encrypted it into B, and put it online. Someone else steals this file, but someone else cannot undo it, because someone else does not know that 2 is my private key. Only I can decrypt it. After decryption, I will get. In this way, we can transmit encrypted data. Now we know that encryption with the public key and decryption with the private key can solve the problem of secure transmission. If I encrypt a piece of data with a private key (of course, only I can use the private key to encrypt it, because only I know that 2 is my private key ), as a result, all people will see my content, because they all know that my public key is 1. What is the use of this encryption? But my good friend x said someone impersonates me to send a mail to him. What should we do? I used my private key 2 to encrypt the letter I sent. The encrypted content is D. I sent it to X and told him to decrypt it to see if it was C. He decrypted it with my public key 1 and found it was C. At this time, he will think that the data that can be decrypted with my public key must be encrypted with my private key. Only I know my private key, so he can confirm that it is actually what I sent. In this way, we can confirm the sender's identity. This process is called digital signature. Of course, the specific process is a little more complicated. The private key is used to encrypt data. Okay. Let's review:
1. The public key and private key are paired.
2. I only know the private key.
3. You can use my public key to send me encrypted messages.
4. You can use my public key to decrypt the content of the letter and see if it can be unlocked. It indicates that it has been encrypted by my private key, and you can confirm that it was actually sent by me. Conclusion:
1. encrypt data with the public key and decrypt data with the private key
2. Use the private key to encrypt data (digital signature) and the public key to verify the digital signature. In actual use, the public key does not appear independently and always appears in the form of a digital certificate. This is for the security and validity of the public key. The principle of digital certificates adopt a public key system, that is, using a pair of matching keys for encryption and decryption. Each user sets a specific private key (Private Key) that is only known to him and uses it for decryption and signature. At the same time, a Public Key (Public Key) is set and made public by himself, shared by a group of users for encryption and signature verification. When a confidential file is sent, the sender encrypts the data using the public key of the receiver, while the receiver decrypts the data using its own private key, so that the information can be securely reached to the destination. It is an irreversible process to ensure the encryption process through digital means, that is, only private keys can be decrypted. In the public key cryptography system, RSA is commonly used.
You can also use your own private key to process the information. Because the key is only owned by yourself, a file cannot be generated by others, and a digital signature is formed. Using a digital signature, you can confirm the following two points:
(1) ensure that the information is sent by the signatory's own signature, and the signatory cannot deny or be hard to deny;
(2) ensure that no modification has been made to the information since it was issued and that the issued document is a real document. My explanation: each user has a private key and a public key.
The private key is used for decryption and signature.
The Public Key is disclosed by myself and used for encryption and signature verification. It is used by others. When a user sends a file, the user uses the private key to sign the file and others use the public key to decrypt the file. This ensures that the information is sent by the user. That is, digital signature.
When the user accepts a file, another user uses his/her public key to encrypt the file. He/she decrypts the file with his/her private key to ensure that the information can only be received by the user. You can avoid being seen by others. A digital certificate is a digital identity that is very similar to a passport or driver's license. A digital certificate is a digital credential that provides information about the entity identity and other support information. A digital certificate is issued by an authority that becomes a Certificate Authority (CA. Since a digital certificate is issued by a Certificate Authority, the Authority warrants the validity of the certificate information. In addition, the digital certificate is valid only for a specific period of time. The digital certificate contains the public key of the entity identified in the certificate (that is, your certificate contains your Public Key), because the certificate matches the public key with a specific individual, and the authenticity of the certificate is guaranteed by the Issuing Authority (that is to say, you can trust that your certificate is true). Therefore, the digital certificate provides a solution to the problem of finding the user's public key and knowing whether it is valid.