Asymmetric cryptography is a type of cryptography that uses a pair of keys: a public key and a private key. A user holding such a pair publishes their public key so anyone who wants to use it to send them an encrypted message. Only the private key holder is the one who can decrypt the encrypted message.
In 1874, a book written by William Stanley Jevons described the relationship between non-inverse functions and cryptography and specifically discussed the problem of factorization used to create the trap function in the RSA system.
In July 1996, a critic commented on Jevons’ book:
In his book, Jevons noted that there are situations where direct surgery is relatively simple, but the reverse is irreducibly harder. An example of this is encryption, which is simple compared to decryption. In the same section of the book, great importance is given to the idea that the multiplication of the whole is easy, but the decomposition of the product into fundamental factors is much harder. Thus, Jevons anticipated a key principle in the RSA algorithm used for asymmetric cryptography, although it is not Jevons who invented the whole concept.
Mathematically, the two keys are linked, but the private key can not be obtained from the public key. Otherwise, anyone could decrypt the messages for another user, because anyone has access to its public key.
A very good analogy for the process is the use of the mailbox. Anyone can put an envelope in someone’s mailbox, but only the keeper of the mailbox key has access to the envelope.
Asymmetric cryptography is also called public key cryptography.
Cryptographic methods using the same key for encryption and decryption are symmetric cryptography or cryptography with secret keys. Symmetric keys encryption systems use a single key, both for encryption and decryption. In order to use this method both the receiver and the transmitter should know the secret key.
This must be unique to a pair of users, which leads to problems due to the management of a very large number of keys. Asymmetric encryption systems remove this shortcoming. It also eliminates the need to agree on a common key that is difficult to pass under increased security conditions between the two interlocutors.
The two major branches of asymmetric cryptography are:
1. Public Key Encryption – an encrypted message with a public key can only be decoded using the appropriate private key. The method is used to ensure confidentiality.
2. Digital Signs – Anyone can check a private key–signed message by accessing the appropriate public key, thereby ensuring the authenticity of the message.
An analogy for digital signatures would be to seal an envelope using a personal seal.
Anyone can open the envelope, but it is the personal seal that checks the authenticity of the envelope.
A major problem in using this kind of encryption is the trust (proof) that the public key is correct, authentic, and has not been intercepted or replaced by a third party.
Typically, the problem is resolved using Public Key Infrastructure (PKI) where one or more people ensure the authenticity of the pair keys.
Another approach used by PGP (Pretty Good Privacy) is that of the web of trust concept.