What is Public Key Cryptography?
Public Key Cryptography, also known as asymmetric cryptography, uses an asymmetric algorithm to generate a pair of keys (a public and private key pair) for the purpose of encrypting and decrypting messages. Public key cryptography varies from symmetric encryption which uses one key to encrypt and decrypt. Examples of public key cryptography, or asymmetric algorithms, include: RSA, elliptic curve cryptographic systems (ECC) and Diffie-Hellman.
Certificate Authorities (CAs) issue digital certificates that use public key cryptography. The public and private keys are virtual keys that are actually large numerical values used to encrypt and decrypt data. The keys are produced by a trusted CA by both parties. The private key is generally held by the generator of the key pair, while the public key is held by anyone who wants to send data.
Public key encryption provides confidentiality because the message is encrypted with an individual's public key and can only be decrypted with the individual's private key, ensuring that only the intended recipient can decrypt the message. This is known as the TLS/SSL handshake.
Public key cryptography was first published in 1977 by Whitfield-Diffie and Martin Hellman, but it was initially formulated by James Ellis.
How does key size affect the cryptographic strength of an algorithm?
The cryptographic strength of an algorithm depends on its key size. The larger the key size, the harder it is to break the encryption. Since a larger key consumes more resources and more time to process than a smaller one, the size can be a consideration when selecting algorithms. The cryptographic strength of keys with the different algorithms does not correspond one to one with their key size. For example, the cryptographic strength of an ECC 256-bit key is equivalent to an RSA 3072-bit key.