CompTIA Security+ Exam Notes

Let Us Help You Pass

Monday, July 29, 2024

Digital Signature: Exam notes CompTIA Security+

 Digital Signature

Listed below are the items you need to know for the exam:

Digital signatures provide:
  • Non-repudiation
  • Authentication
  • Integrity
Creating the digital signature is a two-step process:
  • First, hash the email/message
  • Second, the private key digitally signs (encrypts) the hash
The digital signature is created with the "sender's" keys. 

The digital signature is an encrypted wrapper for the sender's public key.

The recipient's system extracts the public key and decrypts the digital signature to validate the sender.

RSA and DSA (Digital Signature Algorithm) are used to create digital signatures.

Saturday, August 11, 2018

ASYMMETRIC ENCRYPTION

Asymmetric encryption uses two different keys, a public key and a private key, which are mathematically paired to work together. Asymmetric encryption is commonly called "Public Key" encryption. You will need a Certificate Authority to use asymmetric encryption.

It only encrypts small bits of data. The data or message must be smaller than the asymmetric key. 

It is only used to encrypt symmetric keys (used for encrypting data at rest) and to encrypt hashes (combined, this creates the "Digital Signature").


The Public Key is available to everyone; the Private Key is only available to you. Users are not to share their Private Key with anyone. My way of helping people remember who keeps the Private Key: "YOU HAVE TO KEEP YOUR PRIVATES: PRIVATE."

In this blog, we are going to cover the use of asymmetric encryption when it comes to emails or messages, and documents (files). 

ENCRYPTION & DECRYPTION are performed with the recipient's keys:
1. If you were to send an email (message, document, or file) to Dave, and you want only Dave to read it, you would encrypt it with Dave's Public Key.

2. Dave would then decrypt the email (message, document, or file) with his Private Key.

DIGITAL SIGNATURE is always performed with the sender's keys:
1. First, the email (message, document, or file) is hashed, then the hash is encrypted (signed: digitally signed) with the sender's Private Key. This Digital Signature will include the sender's Public Key.

2. The recipient will use the sender's Public Key to verify that the digital signature is valid. The recipient validates the Public Key with the issuing Certificate Authority.
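
The hash-then-sign steps and the recipient's check described in both posts, worked through as an added example (not code from the original notes). Assumptions: it uses textbook RSA with no padding and demo keys built from well-known Mersenne primes, so it is for study only; the function names are hypothetical, and the verifier is handed the sender's public key directly, with no certificate or CA check.

```python
import hashlib

E = 65537  # widely used RSA public exponent

def make_keypair(p, q):
    """Toy key generation: returns (public, private) = ((n, e), (n, d))."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def digest_int(message: bytes) -> int:
    """Step 1: hash the message; the SHA-256 digest is read as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, private_key) -> int:
    """Step 2: apply the sender's private key to the hash, not the message."""
    n, d = private_key
    h = digest_int(message)
    if h >= n:  # the value being signed must be smaller than the key
        raise ValueError("hash must be smaller than the key modulus")
    return pow(h, d, n)

def verify(message: bytes, signature: int, public_key) -> bool:
    """Recipient: undo the signature with the sender's public key and
    compare the result with a freshly computed hash of the message."""
    n, e = public_key
    if not 0 <= signature < n:
        return False
    return pow(signature, e, n) == digest_int(message)

# Constructed demo keys from known Mersenne primes: NOT secure, study only.
SENDER_PUB, SENDER_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
OTHER_PUB, OTHER_PRIV = make_keypair(2**607 - 1, 2**1279 - 1)
MESSAGE = b"Wire $100 to Dave"  # constructed sample message
SIGNATURE = sign(MESSAGE, SENDER_PRIV)

def demo():
    return {
        # Untouched message, signed by the sender: integrity + authentication
        "valid": verify(MESSAGE, SIGNATURE, SENDER_PUB),
        # Message altered in transit: the hashes no longer match
        "tampered_message": verify(b"Wire $900 to Dave", SIGNATURE, SENDER_PUB),
        # Signed with someone else's private key: not the claimed sender
        "wrong_signer": verify(MESSAGE, sign(MESSAGE, OTHER_PRIV), SENDER_PUB),
    }

if __name__ == "__main__":
    print(demo())
```

Production systems use a vetted library with a padding scheme such as RSA-PSS rather than raw modular exponentiation.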

Common asymmetric encryption algorithms:
RSA: Typically used with X.509 certificates, it encrypts the certificate
DSA: Digital Signature Algorithm
ECC: Elliptic Curve Cryptography, mainly used with mobile devices due to less processing power