CyberSecurity FAQ - What is public-key encryption?

Alternative FAQ Phrasings: What is public-key encryption? | What is public-key cryptography?

Public-key encryption is an asymmetrical cryptographic system which uses a pair of mathematically related cryptographic keys:

  • public key: As its name implies, the public cryptographic key is widely known. Public keys are typically made available via a public directory or repository.
  • private key: As its name implies, the private cryptographic key is confidential, and is closely held by the message recipient or information concealer.

The cryptographic key pair is mathematically related in the sense that whatever is encrypted via a public key can only be decrypted via the corresponding private key, and vice versa. For example, if Chauncey wants to send a confidential message to Chelsea, and wants to ensure that only Chelsea can read it, Chauncey can encrypt the message with Chelsea’s public key. Only Chelsea, or someone with access to her corresponding private key, will be capable of decrypting the encrypted message back into its original unencrypted form. Even if someone intercepts the encrypted message during transmission, its contents will remain confidential if the interceptor lacks access to Chelsea’s private key, which is essential for decryption.

To explicate further, consider the following pseudocode for the complementary cryptographic algorithm functions encode and decode with parameters plaintext, ciphertext, publickey, and privatekey, where the last two parameters represent a complementary public-private cryptographic key pair:

  • encode (plaintext: String; publickey: String): ciphertext: String
  • decode (ciphertext: String; privatekey: String): plaintext: String

The input and output parameters for encode and decode functions are described below:

  • plaintext: the unencrypted message or other information which is an input parameter to the encode function, and is a return parameter for the decode function.
  • ciphertext: the encrypted message or other information which is a return parameter for the encode function, and is an input parameter for the decode function.
  • publickey: the public cryptographic key used by encode as an input parameter to encrypt the plaintext input parameter.
  • privatekey: the private cryptographic key used by decode as an input parameter to decrypt the ciphertext input parameter.
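
The encode and decode signatures above can be made concrete with textbook RSA. This is an added example, not code from the original FAQ, which names no algorithm. It assumes keys are (modulus, exponent) tuples rather than strings, ciphertext is a hex string, and make_keypair is a hypothetical helper.

```python
# Added illustration: textbook RSA with small fixed primes and no padding.
# It shows the encode/decode key relationship only; real systems use vetted
# libraries, keys of 2048 bits or more, and padding such as OAEP.

P = 2**61 - 1   # known Mersenne prime, chosen as a constructed sample value
Q = 2**89 - 1   # known Mersenne prime, chosen as a constructed sample value


def make_keypair(p, q, e=65537):
    """Hypothetical helper: return (publickey, privatekey) tuples."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)   # private exponent, so that e*d = 1 (mod phi)
    return (n, e), (n, d)


def _apply(number, key):
    """Raise number to the key's exponent modulo the key's modulus."""
    n, exponent = key
    if not 0 <= number < n:
        raise ValueError("message too long for this modulus")
    return pow(number, exponent, n)


def encode(plaintext: str, publickey) -> str:
    """Encrypt plaintext with a key; returns ciphertext as a hex string."""
    m = int.from_bytes(plaintext.encode("utf-8"), "big")
    return format(_apply(m, publickey), "x")


def decode(ciphertext: str, privatekey) -> str:
    """Decrypt hex ciphertext with the key that complements the encode key."""
    m = _apply(int(ciphertext, 16), privatekey)
    raw = m.to_bytes((m.bit_length() + 7) // 8, "big")
    return raw.decode("utf-8", errors="replace")


if __name__ == "__main__":
    chelsea_public, chelsea_private = make_keypair(P, Q)
    ct = encode("meet at noon", chelsea_public)   # Chauncey's side
    print("ciphertext:", ct)
    print("Chelsea reads:", decode(ct, chelsea_private))
    # An interceptor holding only the public key recovers garbage.
    print("interceptor reads:", repr(decode(ct, chelsea_public)))
```

Passing the private key to encode and the public key to decode also round-trips, which is the "vice versa" direction described above.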