Asymmetric key encryption is the process of transforming a text in order to conceal its meaning using a shared public key. The text can only be deciphered by a secret private key that is different from, but mathematically related to, the public key. The principle uses of asymmetric key encryption are symmetric key exchanges, certificate based authentication and digital signatures.
The advantage of asymmetric over symmetric key encryption, where the same key is used to encrypt and decrypt a message, is that secure messages can be sent between two parties over a non-secure communication channel without initially sharing secret information. The disadvantages are that encryption and decryption is slow, and ciphertext potentially may be hacked by a cryptographer given enough computing time and power.
Asymmetric key cryptography, or public-key cryptography, has revolutionized cryptology. Publicized in 1976, Martin Hellman and Whitfield Diffie describe a two key cryptographic system, where one key is used for encryption and a different but related second key is used for decryption. This has since become a fundamental part of securing communication over the Internet. Asymmetric key encryption is the base for tools such as the Pretty Good Privacy Program (PGP), Secure Sockets Layer protocol (SSL) and Transport Layer Security protocol (TLS.)
The confidentiality of a message as well as the authenticity of the sender can be guaranteed using asymmetric key encryption. Imagine that Alice would like to communicate confidential information to Bob. Bob has a published public key that he has made available to Alice using unsecured channels. Alice uses a cryptographic algorithm and Bob’s public key to turn her plain text message into cipher text, guaranteeing the confidentiality of her message. Only Bob can decipher her message using a complementary algorithm and his private key. Bob may then respond with a message encrypted with his private key and Alice can be sure that the message is authentic if her public key can decipher it.
The strength of asymmetric key encryption is linked to the length of the keys and the difficulty of the mathematics linking the two keys. Ron Rivest, Adi Shamir, and Leonard Adleman developed the RSA algorithm in 1978, which is the most common algorithm in use today. Public and private keys share the modulus of the product of two large distinct prime numbers. In order to guarantee the security of the message encryption, the lengths of keys have had to increase. This is in response to an increase in computing power of hackers who could break weaker codes using brute force calculations. The complexity of the algorithms makes asymmetric key encryption very slow, and best suited for smaller messages such as sharing session keys used in digital signatures.