In this article, we shall understand how encryption and decryption work using public/private keys.

### Working of Encryption & Decryption

An old school example to understand public key and private key is: Public Key is like an Email Address and Private Key is like the Password. Another close example is: public key is like your credit card (or bank account number) and private key is like your PIN number. This is a close analogy but it is not exactly true. Because your password or PIN number is something that you decide irrespective of your email address or account number. They don’t have a mathematical relationship. Whereas between Public Key and Private Key, the Public Key is derived using complex mathematics on the Private Key (so they are mathematically related).

- Deriving public key out of private key is possible and it is intentional.
- Deriving private keys from the public key is next to impossible.

The reason for the above example lies in the assumption that: if you know the account number, you need not necessarily be the owner of it. Similarly, if you know the email address, you need not necessarily be the owner of that email account. But, for some reason you forgot the email address (or bank account number) but you remember the password (or PIN), then there is almost a 100% chance that you own that account (unless you stupidly shared that private key or password with someone else).

But, **the on-ground reality is that the relationship between public key and private key is much more nuanced**. Keys are fundamental for cryptography, and to access digital assets without a government (or a governing body). Public and private keys are two complementary sides of this process, which we shall understand in greater detail.

How exactly does encryption work using public and private keys? It is very similar to sending money to another person’s account. Suppose you want to send money to your father’s account. You would ask for his public key (account number, address, etc.) and send it to that account. You know that only your father can access that money because only he holds the private key.

Similarly, when you want to send a file across to your friend,

- Firstly, you both have to generate your own set of public and private keys. PuTTYgen is a key generator tool for creating pairs of public and private keys. These keys are generated by multiplying extremely large prime numbers. The public key is a multiplication of large prime numbers, and the private key is usually one of the prime numbers (not necessarily true, but mostly true). This is why prime number mathematics is important for children to learn, it has great applications.
- Anyways, coming back now, you and your friend both have public and private keys. Both the computers (of yours and your friend’s) exchange the public keys ( and not the private keys).
- Your computer will encrypt the data to be sent to your friend by using his public key (recipient’s public key)
- Your friend’s computer can decrypt the data using its own private key which was never shared with anyone.

There are types of encryption methods and algorithms. Asymmetric encryption method is what we’ve seen above and is probably the most important. It is called asymmetric or public key encryption because there are different keys used by sender and receiver. Symmetric encryption is an encryption method in which a common key is used to both encrypt and decrypt by the sender and receiver.

**Common Asymmetric Encryption methods are: **

RSA. RSA, named after MIT computer scientists Ron Rivest, Adi Shamir, and Leonard Adleman, is a popular algorithm used to encrypt data with a public key and decrypt with a private key for secure data transmission.

**Common Symmetric Encryption methods are: **

TwoFish, DES, AES, etc.

The algorithms first authenticate a message to verify the origin. Next, they check the integrity to verify that contents have remained unchanged. And, then they ensure they don’t deny the genuine user access/login.

Hope this is useful, thank you.