Hello guys, I want to share with you something that when I know this, I just got “WOW”.
Let’s start with a basic idea of Cryptography that maybe you already know. So, you have a secret key that enables you to encrypt your messages into a random unreadable string, and when you give someone that unreadable string he only can get your original messages when he is able to decrypt it.
Let’s start with cryptography which is named symmetric cryptography. Basically, we use the same key for both encryption and decryption. But, in order to do that, we both need to know what the key is. Let’s just say it is you and me that want to know to communicate privately with this kind of schema, we both need to agree on a key that nobody can know about it, as you can see, we are in a situation where we need a secure encrypted connection to share our key but to establish the secure encrypted connection we must have a key. Or maybe we can meet each other physically and share the key but it is very inconvenient, right?
There is a way to solve the problem above named asymmetric cryptography. In asymmetric cryptography, we have a pair of keys to do the encryption and decryption. Let’s just say for now the name of the key is: keyA and keyB, the pair of keyA and keyB in this schema must be linked to each other:
- Anything that is encrypted by the keyA can only be decrypted by the keyB
- Anything that is encrypted by the keyB can only be decrypted by the keyA
We can generate those key pairs and we can just “pick” one of them to be our key, and decide one of the key to be our public key and the other as private key. Your public key is public and you can publish it everywhere but the private key must be keep absolutely secret.
Now, take a look at these cool things: I can encrypt a message and spread it with everybody can decrypt my message because they have my public key, right? and you asking what is the purpose for doing that. The fact that you can decrypt my message is a fact that means it is encrypted by my private key which only me has so you can be sure it is a message from me and not anyone else that’s one that we call Authentication.
But here are the other cool things that we can do. If we both have key pairs, remember that you will know my public key and I will know your public key. This is a way if I want to send you a message:
- I will encrypt my message with my private key and then after that the result message I will encrypt again with your public key.
- Look, you will be able to decrypt first with your private key and then decrypt again with my public key.
With that schema, we both can be sure nobody else knows our message, and you can be sure that I am the one that sends the message because of the Authentication that we mentioned earlier.
Look! we can create a secured communication system with simple logic! it’s way more beautiful for me because the logic is simple. Hope you feel the same way with the way I feel when I know this for the first time.