public-key cryptography

System of cryptography that allows remote users to exchange encrypted data without the need to transmit a secret digital ‘key’ in advance. The system was first proposed by Whitfield Diffie and Martin Hellman in a widely read and influential paper ‘New Directions in Cryptography’ (1976).

Several algorithms in common use apply public-key cryptography, including the RSA algorithm (published in 1977 in Scientific American and named after its inventors, Ronald Rivest, Adi Shamir, and Leonard Adleman) and the Skipjack algorithm used in the Clipper chip. The disadvantage is that it is extremely slow, so it is common on the Net to see Pretty Good Privacy (PGP), which uses RSA, being used to encrypt only a digest of the message generated using a hash function. This is appended to the end of the message along with a listing of the user's public key.

In public-key cryptography, each party has a personal pair of keys, one private and one public. The private key is kept secret, while the public key is distributed widely – to friends, business partners, and even to public key servers – computers which store many users' public keys so that anyone can obtain a copy. The two keys are complementary. The sender of a message may encrypt his message using the recipient's public key. This message can then only be decrypted using the recipient's private key. Using both sets of keys serves both to authenticate the message and ensure its privacy.

Public-key cryptography can also be used to create and verify a digital signature. The core framework for security for electronic commerce transactions is known as public key infrastructure (PKI).