I have an exam tomorrow in Advanced Development, but I am stuck on the topic of Encryption. I have read up on it at http://support.microsoft.com/kb/246071. However I am still confused.
If a message is encrypted using Asymmetric Encryption, using the public key, how is the decryptor going to know the private key with which to decrypt it? Surely the only way to do this is to make the private key public, but that defeats the object of Asymmetric Encryption.
Can someone please explain this in a way that a non-techie would be able to understand it? Its only Asymmetric Encryption I dont understand, not Symmetric Encryption. Thanks in advance.
Regards,
Richard
Edit: So to sum up all the answers in the case of a web application (the specific use for which I need to know about this):
- User visits a website;
- User is requested to provide a public key;
- User creates public and private key-pair, keep the private one private and sends back the public key to the server;
- Server uses the public key to encrypt anything which needs to be sent to the user and sends the information to the user;
- User uses his / her private key to decrypt the response from the server;
- User does what they need to and sends back a response to the server, using the private key to encrypt it;
- Server decrypts using the public key. Steps 4 - 7 may continue many times, or they may only happen once, or only 4 and 5 may occur.
Is this all correct? If so then it should be all I need to know for the exam. I shouldnt think I would need to know any more to get the maximum 40% should a question on this subject come up - will mention the existence of certificates and signatures though.
Thank you for all the help.
Regards,
Richard
Edit: Well I have just got back from my exam and it went fairly ok I think. But no question on cryptography came up, however... The help was appreciated anyway. Thanks all.
Regards,
Richard