### Public-Key Encryption

The most commonly used implementations of public-key encryption are
based on algorithms patented by RSA Data Security. Therefore, this section
describes the RSA approach to public-key encryption.

Public-key encryption (also called asymmetric encryption) involves a
pair of keys—a public key and a private key—associated with an entity that needs to authenticate
its identity electronically or to sign or encrypt data. Each public key is
published, and the corresponding private key is kept secret. The following
figure shows a simplified view of the way public-key encryption works.

##### Figure 2–13 Public-Key Encryption

Public—key encryption lets you distribute a public key, and only
you can read data encrypted by this key. In general, to send encrypted data
to someone, you encrypt the data with that person’s public key, and
the person receiving the encrypted data decrypts it with the corresponding
private key.

Compared with symmetric-key encryption, public-key encryption requires
more computation and is therefore not always appropriate for large amounts
of data. However, it’s possible to use public-key encryption to send
a symmetric key, which can then be used to encrypt additional data. This is
the approach used by the SSL protocol.

As it happens, the reverse of the scheme shown in Figure 2–13 also works: data encrypted with your private key
can be decrypted with your public key only. This would not be a desirable
way to encrypt sensitive data, however, because it means that anyone with
your public key, which is by definition published, could decrypt the data.
Nevertheless, private-key encryption is useful, because it means you can use
your private key to sign data with your digital signature—an important
requirement for electronic commerce and other commercial applications of cryptography.
Client software can then use your public key to confirm that the message was
signed with your private key and that it hasn’t been tampered with since
being signed. Digital Signatures on Digital Signatures and subsequent sections describe
how this confirmation process works.