how does public key cryptography work [duplicate]

Answer 1

I didn't create this, but someone shared this video with me and it helped the theory make much more sense. As always the devil's in the details (implementation).

http://www.youtube.com/watch?v=YEBfamv-_do

Answer 2

In this situation, Alice would use Bob's public key to encrypt the data and Bob would then decrypt it with his private key.

Essentially, a public key encrypts data and a private key decrypts that data. Since every user has both a public and private key, you can securely send data to any other user.

Answer 3

If you connect to the site of your bank it works a lot of cryptographic things. The most important is that you use public key of the bank to send a piece of information to the bank, because in every SSL (https) connection server send to client it's public key packed as a certificate.

Usage of certificate and world wide PKI is important. You want be sure, that if you gives to the bank your bank pin, that on the other side is really your bank and not an other person. This will be solved, because on every computers there are a small number of public keys of well known organisations (like VeriSign) and bank send you not only his server public key, but a certificate. certificate is a message signed by VeriSign for example, which say "this public key is really from the bank XYZ". So because you have public key of VeriSign you can first verify, that server certificate of the bank is correct. So you can be sure, that you communicate really with your bank.

Answer 4

Basically, the procedure is:

1. The client connects to the server and asks for the server's certificate. The certificate contains the public key and information about the server's identity.
2. Assuming the client is happy with the server's identity, it generates a random number P and encrypts it with the server's public key.
3. Only the server can decrypt P (with it's private key - not shared with anybody) so when the client sends the encrypted random number to the server, the server decrypts it.
4. The client and server both use P to generate a symmetric key for use in a symmetric encryption algorithm, safe in the knowledge that only the client and server know the value of P used to generate the key.

Answer 5

Simple, you need a key.

SSL/TLS solves this problem by creating a symmetric session key during the connection setup. The public key cryptography is used to establish this session key, which is then used for bi-directional data communication. Read more about TLS

Answer 6

Alice will use the public and private key combo to decrypt it

Alice would just decrypt it with her private key.

However, how can Alice encrypt something to be sent over to Bob? How would Bob decrypt it?

Alice would need Bob's public key to send something to him. Typically, public key encryption is used for authentication, non-repudiation (like signing), and distribution of symmetric keys (which are faster for encrypting/ decrypting long messages).