2.2. Public-key ciphers

In public key cryptography (also known as asymmetric cryptography) keys come in pairs. Data encrypted with one key can only be decrypted using the other key from the pair, and it is not possible to deduce one key from the other. This helps to solve the key distribution problem since you can create such a key pair, publicise one of the keys widely (your "public key") and keep the other a closely guarded secret (your "private key"). Anyone can then send you data encrypted with the public key and only you, as the holder of the corresponding private key, can decrypt it.

You can also test that someone really does have access to a particular private key, by inventing some random text and asking them to encrypt it. If you can decrypt the result using their public key, and providing that they have kept their private key private, then you can make some assumptions about who they are.

The most well known public key algorithm, and one used extensively by TLS, is RSA.

There are however two big problems with all known public-key algorithms. One is that they are much more complex than symmetric algorithms and so are slower and/or require much more computer power to implement. The other is that the keys need to be much longer to ensure security - current thinking suggests that public keys should be at least 1024, and perhaps 2048, bits long.