380 http://inventwithpython.com/hacking
Email questions to the author: [email protected]
Say someone on the other side of the world wants to communicate with you. But you both know
that spy agencies are monitoring all emails, letters, texts, and calls that you send. You could send
them encrypted messages, however you would both have to agree on a secret key to use. But if
one of you emailed the other a secret key to use, then the spy agency would be able to see this key
and then decrypt any future messages you send with that key. Normally you would both secretly
meet in person and exchange the key then. But you can’t do this if the person is on the other side
of the world. You could try encrypting the key before you send it, but then you would have to
send the secret key for that message to the other person and it would also be intercepted.
This is a problem solved by public key cryptography. Public key cryptography ciphers have
two keys, one used for encryption and one used for decryption. A cipher that uses different keys
for encryption and decryption is called an asymmetric cipher, while the ciphers that use the
same key for encryption and decryption (like all the previous ciphers in this book) are called
symmetric ciphers.
The important thing to know is that a message encrypted with one key can only be decrypted
with the other key. So even if someone got their hands on the encryption key, they would not be
able to read an encrypted message because the encryption key can only encrypt; it cannot be used
to decrypt messages that it encrypted.
So when we have these two keys, we call one the public key and one the private key. The public
key is shared with the entire world. However, the private key must be kept secret.
If Alice wants to send Bob a message, Alice finds Bob’s public key (or Bob can give it to her).
Then Alice encrypts her message to Bob with Bob’s public key. Since the public key cannot
decrypt a message that was encrypted with it, it doesn’t matter that everyone else has Bob’s
public key.
When Bob receives the encrypted message, he uses his private key to decrypt it. If Bob wants to
reply to Alice, he finds her public key and encrypts his reply with it. Since only Alice knows her
own private key, Alice will be the only person who can decrypt the encrypted message.
Remember that when sending encrypted messages using a public key cipher:
The public key is used for encrypting.
The private key is used for decrypting.To go back to the example of communicating with someone across the world, now it doesn’t
matter if you send them your public key. Even if the spy agency has your public key, they cannot
read messages that were encrypted with the public key. Only your private key can decrypt those
messages, and you keep that key a secret.