Questions about Public-key cryptography
Short answers, pulled from the story.
What is public-key cryptography and how does it work?
Public-key cryptography is a cryptographic system that uses pairs of mathematically related keys: a public key that can be freely shared and a private key that must be kept secret. A message encrypted with a public key can only be decrypted by the corresponding private key, allowing two parties to communicate securely without ever exchanging a secret in advance.
Who invented public-key cryptography?
The concept was independently discovered in two places. In 1970, James H. Ellis at the UK's GCHQ conceived of "non-secret encryption"; his colleague Clifford Cocks implemented the RSA algorithm in 1973, and Malcolm J. Williamson developed Diffie-Hellman key exchange in 1974, but this work remained classified until 1997. Publicly, Whitfield Diffie and Martin Hellman published the first open method in 1976, and Ron Rivest, Adi Shamir, and Leonard Adleman published the RSA algorithm in Scientific American in August 1977.
When was RSA encryption published and where?
RSA was published in the August 1977 issue of Scientific American in Martin Gardner's Mathematical Games column. The algorithm was developed by Ron Rivest, Adi Shamir, and Leonard Adleman, all then at MIT, and takes its name from their initials.
What is a man-in-the-middle attack in public-key cryptography?
A man-in-the-middle attack occurs when a third party intercepts the exchange of public keys and substitutes their own, allowing them to silently decrypt and re-encrypt communications between two parties. The attack is most feasible when the attacker controls the communications infrastructure, such as at an internet service provider, and is fully preventable only when the physical communications channel is controlled by one or both of the legitimate parties.
Why do secure internet protocols combine public-key and symmetric cryptography?
Asymmetric key algorithms are nearly always far more computationally intensive than symmetric ones, making them too slow for encrypting large volumes of data. Protocols such as TLS, PGP, and SSH use a hybrid approach: public-key cryptography handles the initial key exchange, and the faster symmetric encryption secures the rest of the session.
Is public-key cryptography vulnerable to quantum computing?
Many asymmetric key algorithms, including RSA, are considered vulnerable to attacks from quantum computers because quantum algorithms can solve the underlying mathematical problems, such as large-number factorization, far more efficiently than classical computers. Sufficiently powerful quantum computers do not yet exist, but new quantum-resistant cryptographic schemes are actively being developed to address this future risk.