Join Sean Colins for an in-depth discussion in this video Understanding key pair encryption, part of Understanding Secure Sockets Layer.
- Okay, so, we're going to split out some of these subjects so that they're easier to understand, easier to digest in these smaller chunks, and in this movie we're going to talk about Private and Public Key Encryption. Keyed encryption is pretty straightforward as a concept, right? 'Cause encryption is just converting something that you can see into something you can't see and then being able to convert it back again. So it's intended to secure important data, and when we're talking about SSL, we're talking about securing important data across a network, so that means that that's doing that in transit.
So we do that in a couple of different ways in SSL. One is using Symmetric Key Encryption and this is a really easy concept to get across because it's just the creation of one complicated key that can be used to scramble something. Remember your decoder ring from being a kid, right? This is pretty easy. All you're going to do is you're going to use that one key to encode and decode information. And because it's on both ends, it just works, right? So, you use some secure media to get that key over to the client system that needs to decrypt the information that you created, right? So, they encrypt something, they send it to the server. The server is then able to decrypt it because, of course, that key is the same. So that's Symmetric Key Encryption.
But Asymmetric Key Cryptography, or Public Key Cryptography, as it's also known, works a little differently because you've got two different keys. You've got a private key, that would be represented by the blue key here in our diagram, and that private key is always kept in a secure location, it's never let out of the server that it operates on, and instead we create a public key that is mathematically linked to the private key.
That's really, really important, okay, so I'll say it again. The public key is not identical to the private key, they are different, but because they are mathematically keyed to one another, when someone gets a hold of the public key, which is freely available across the network, all that person has to do is take their content, encode it with the public key, send it to the server, and then because the private key is mathematically linked to the public key, it is able to decrypt what was encoded with the public key.
Important thing to note here, you can't just take two copies of the public key and use them between two individuals and have that work. The public key won't encrypt data that then someone else with the same public key can decrypt. So only the private key can decrypt what the public key encrypts, that's what makes that work.
So to review, with Symmetric Key Encryption, symmetric keys encode and decode information using the same key on both ends of the transaction. Because there's only one key, the security of the key itself is really important, and it's simultaneously super inconvenient to facilitate because it must be in the possession of anyone who needs to decode or encode. Whereas Public Key or Asymmetric Key Cryptography allows each server to have two keys, a private key and a public key. The private key has to be kept secured, the public key can be freely distributed. And the two keys are mathematically keyed to one another. I know I'm using the word "key" a lot here, but please follow. When strangers use the public key to encrypt data, only the private key can decrypt it. And this allows you to transfer your information from you to a server without having to worry about someone in between being able to read it.
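The key-pair behaviour described in the transcript above, as an added example that is not part of the video or the course material. It assumes the `openssl` command-line tool is installed; the file names, the 2048-bit RSA key, the OAEP padding and the sample message are choices made for this illustration.

```bash
#!/usr/bin/env bash
# Added example: a public key encrypts, only the matching private key decrypts.
# File names and the sample message are constructed for this demo.

keypair_demo() {
    local dir msg recovered
    dir=$(mktemp -d) || return 1
    msg='demo message for the server'   # constructed sample plaintext

    # 1. The private key stays on the "server"; the public key is derived from it.
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$dir/server.key" 2>/dev/null || return 1
    chmod 600 "$dir/server.key"
    openssl pkey -in "$dir/server.key" -pubout -out "$dir/server.pub" || return 1

    # 2. A stranger who holds only server.pub encrypts a message with it.
    printf '%s' "$msg" | openssl pkeyutl -encrypt -pubin -inkey "$dir/server.pub" \
        -pkeyopt rsa_padding_mode:oaep -out "$dir/msg.enc" || return 1

    # 3. A second holder of the same public key tries to decrypt: this must fail,
    #    because openssl refuses to decrypt without a private key.
    if openssl pkeyutl -decrypt -pubin -inkey "$dir/server.pub" \
        -pkeyopt rsa_padding_mode:oaep -in "$dir/msg.enc" >/dev/null 2>&1; then
        echo "public_decrypt=succeeded"
    else
        echo "public_decrypt=failed"
    fi

    # 4. Only the private key recovers the original plaintext.
    recovered=$(openssl pkeyutl -decrypt -inkey "$dir/server.key" \
        -pkeyopt rsa_padding_mode:oaep -in "$dir/msg.enc" 2>/dev/null)
    if [ "$recovered" = "$msg" ]; then
        echo "private_decrypt=ok"
    else
        echo "private_decrypt=mismatch"
    fi

    rm -rf "$dir"
}

keypair_demo
```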
- SSL communications
- Certificate authorities
- Public key infrastructures
- Symmetric and asymmetric key pairs
- Cryptographic hash functions
- Encryption algorithms
Start now, and by the end of this course you'll have the knowledge to create SSL certificates, as well as revoke and renew them, from the command line.