Martin Kochanski’s web site


Some aspects of public-key encryption

Traditional ("symmetric", "secret-key", or "single-key") cryptosystems are simple.  There is an algorithm that says what calculations to perform and a key (often a number) that controls how those calculations work.  The same key can be used to decrypt or encrypt data. 

Public-key ("asymmetric", "two-key") cryptosystems are different.  They have two keys, one for encryption and one for decryption, and it is not possible to derive one from the other.  So you could keep the encryption key secret but publish your decryption key in a directory, so that you could encrypt messages and everyone could decrypt them and be sure they were from you (digital signatures) or you could keep the decryption key secret and publish the encryption key so that people could send you secret messages even if you have never met them or made arrangements with them.

The comedy of commercial encryption software

Every classic drama has some comic relief, and the comic relief in cryptography is provided by the activities of the commercial sector.  The weaknesses of the encryption packages are only matched by the feebleness of the public-relations excuses that are advanced when the weaknesses are pointed out.