Public key cryptography
Public key cryptography is a branch of cryptography using pairs of mathematically related public and private keys to secure communications, authenticate identities, and protect data integrity without requiring parties to share a secret in advance.
What Is Public Key Cryptography?
Public key cryptography is a branch of cryptography that uses pairs of mathematically related keys, one public and one private, to secure communications, authenticate identities, and protect data integrity without requiring communicating parties to share a secret in advance. The approach is also called asymmetric cryptography because the two keys serve different roles: a message encrypted with the public key can only be decrypted with the matching private key, and a signature generated with the private key can be verified by anyone holding the public key. This asymmetry solves the classical key distribution problem, which had constrained cryptographic systems for centuries.
The field was established in 1976 when Whitfield Diffie and Martin Hellman published "New Directions in Cryptography," introducing the concept of public key exchange. Shortly after, Rivest, Shamir, and Adleman published the RSA algorithm, the first practical implementation of asymmetric encryption, in 1977. These two papers shifted cryptography from a specialized government tool into a broadly deployable technology for commercial and civil communication.
Encryption and Digital Signatures
The two primary operations in public key cryptography serve distinct purposes. In encryption, a sender uses the recipient's public key to transform plaintext into ciphertext that only the recipient's private key can reverse. This allows anyone to send a confidential message to a named recipient without any prior shared secret. In digital signature schemes, the process is inverted: the signer applies the private key to a message digest, producing a signature that any holder of the corresponding public key can verify. Digital signatures simultaneously authenticate the source of a message and confirm that its contents have not been altered. The NIST glossary entry on asymmetric cryptography defines the field precisely in these terms and provides the foundational vocabulary used in standards and specifications worldwide.
Algorithms and Standards
Several families of algorithms implement public key cryptography, each resting on a different mathematical hard problem. RSA relies on the difficulty of factoring the product of two large primes; its key sizes have grown steadily as computing power increases, with 2048-bit and 4096-bit keys now common. Elliptic curve cryptography (ECC), standardized by NIST in FIPS 186-5, achieves equivalent security with substantially shorter keys by grounding hardness in the discrete logarithm problem on elliptic curves over finite fields. ECDSA and ECDH are the most widely deployed elliptic curve algorithms, appearing in TLS, secure messaging, and code signing. Homomorphic encryption, an adjacent technique, extends asymmetric ideas by allowing computation on encrypted data without decryption, though it remains primarily a research concern rather than a widely deployed cryptographic primitive.
Key Management and Infrastructure
Public key cryptography requires supporting infrastructure to be useful at scale. Public Key Infrastructure (PKI) is the ecosystem of certificate authorities, digital certificates, and validation protocols that bind public keys to verified identities. Certificate authorities issue X.509 certificates, attesting that a given public key belongs to a named entity. Revocation mechanisms, including Certificate Revocation Lists and the Online Certificate Status Protocol, allow certificates to be invalidated before expiry if a private key is compromised. NIST Special Publication SP 800-57 specifies recommended practices for key generation, distribution, storage, and retirement across the full lifecycle of asymmetric key pairs.
Applications
Public key cryptography has applications in a wide range of security-critical systems, including:
- Securing web traffic via the TLS handshake in HTTPS connections
- Authenticating software updates and code packages through digital signatures
- Enabling secure remote access over SSH without password transmission
- Protecting email confidentiality and authenticity via S/MIME and OpenPGP
- Supporting electronic identity documents, smart cards, and government credentials
- Underpinning blockchain transaction authorization and cryptocurrency wallets