If you're seeing this message, it means we're having trouble loading external resources on our website.

If you're behind a web filter, please make sure that the domains *.kastatic.org and *.kasandbox.org are unblocked.

### Course: Internet safety>Unit 1

Lesson 10: Data encryption techniques

# Encryption and public keys

Mia Epner, who works on security for a US national intelligence agency, explains how cryptography allows for the secure transfer of data online. This video explains 256-bit encryption, public and private keys, SSL & TLS and HTTPS.

## Want to join the conversation?

• How can public key and private key be different when the key (or answer) to the message can be only one? If you encrypt the message using 'x' key, then how can a 'y' key decrypt the message?
• A team recently tried to break a 1024 bit encryption , that took 3 years to break it "trying each possibility" is such a weak attack and there's various algorithms to do that way more smarter and faster, actually what i assumed your calculations aren't petty much right or doesn't have the accuracy to find the right time to break it , because each algorithm takes different time, am i wrong?
• Key length and the key strength are different things.
The key strength tells you how many bits worth of security you get compared to a key where no attack other than brute force can be used.

So for AES-256 where there are no known practical attacks against it, its 256 bit long key also has 256 bits of key strength.

On the other hand, for RSA, which has all sorts of attacks against it, a 1024 bit long key only has 80 bits worth of key strength. An 80 bit key is small, so it isn't that shocking that a concentrated effort could break it. Most keys used these days have at least 128 bits of key strength which means they are 2^48 = 281,474,976,710,656 times as strong (although some people are still using 3DES with only 112 bits of strength).

For an RSA key with 256 bits of key strength we would use a 15360 bit long RSA key.
(As shown on page 88 of FIPS 140-2 implementation guidelines here: http://csrc.nist.gov/groups/STM/cmvp/documents/fips140-2/FIPS1402IG.pdf )

Hope this makes sense
• does 256 bit encryption = CAESAR'S CIPHER ?
• What would happen if the Riemann's hypothesis is solved? Is the perceived possibility of this soooo low, that all the information on the internet relies on it never being solved? Is there any plans to transitioning to another type of encryption?
• Modern public key cryptography schemes typically rely on the discrete log problem being hard, and/or factoring large numbers being hard. Proving Riemann's hypothesis would not make either of these problems easier. Cryptography schemes can be , and have been, built upon different hard problems in the event that the factorization and discrete log problems are solved.

As a side note: It is generally assumed that the Riemann's hypothesis is correct, so it would be unusual to build a scheme that relied upon it being false
• A bit of confusion in the private key concept. Suppose the package is received by the receiver and he has the private key does the package have information about the receivers private key. Because if not, how does the package know the receiver is using the right private key. And if yes how does the sender know about the private key of the receiver, do they share each other private key before hand? Sorry for long Qs.
• To receive packages you need to create two keys: a public key and a private key.
These two keys are related to each other mathematically, so you could say, that the public key knows about the private key. However, someone looking at the public key can't tell which private key the public key knows about without solving a super hard problem.

You give everyone the public key, and keep the private key secret.
When someone encrypts the package with the public key the package will be constructed so that only the private key will open it.

One way to think of it is like this:
- The sender borrows the opened padlock from the receiver, and locks it around their package
- The receiver can then just use their key to open it
(The padlock is the public key, and the matching key is the private key)

Hope this makes sense
• How do public and private keys correspond to each other? If they are not the same, how can we be sure that encrypted with public key message will be correctly decrypted by private key? And also if public key is openly available, what's the catch of private key if the message can be sniffed and decrypted to its original state using public key?
• How do public and private keys correspond to each other?
It depends on the one-way function being used for the encryption scheme e.g. in RSA the private key is the modular inverse of the public key mod phi(n)

If they are not the same, how can we be sure that encrypted with public key message will be correctly decrypted by private key?
Any encryption scheme will have a mathematical prove showing that the private key will act as a trapdoor for the corresponding public key. e.g. here is a proof of correctness for RSA ( https://en.wikipedia.org/wiki/RSA_(cryptosystem)#Proofs_of_correctness )

And also if public key is openly available, what's the catch of private key if the message can be sniffed and decrypted to its original state using public key?
Not sure what this is trying to ask, but it should be impractical to decipher a ciphertext without the private key as this would be reversing a one way function. The public key will not help in reversing a one way function.
• If the message being encrypted is a short one, then wouldn't it be impossible for a hacker to tell what it was because words with the same number of letters exist? For example if the message was 'throw' it could be mistaken as 'wires' or 'never' (these are all 5-letter words).
• The number of letters in the word is irrelevant; it has nothing to do with the encryption process. The secret number or numbers used to encrypt the word are used to shift the letters by that number or numbers of spaces. 'Throw', 'wires', and 'never' would all look completely different from each other when encrypted... and when decrypted.
(1 vote)
• I know this sounds stupid but if someone sent an encrypted message in a language other than english i.e German or Dutch, would the message be more secured?
• This may be repetitive, but, in WWII, the US Army used the Navajo Indian's native language to encode the US military's plans. They were good because some words could have four different meanings.
If you are interested, here is another website: http://www.historynet.com/world-war-ii-navajo-code-talkers.htm
(1 vote)
• Will quantum computers render 1024-bit encryption obsolete? I mean, can’t quantum computers perform even faster calculations than anything used today? Sure, they have to be kept ultra-cold and stuff like that, but if a hacker wants to break into something ultra-valuable, it would be worth the risk, right?
• If public key is "public", does that mean everyone on the internet (including hacker) can get one? If that's the case what's the point of having a public key?
• Hello Yinhe,

Correct - the public key is available to everyone! The corresponding private key is a secret.

If I send a message to the world using your private key you are the only one who can decrypt it. On a related note, if you "sign" a message using your private key I can verify it came from you using your public key!

Regards,

APD
(1 vote)