Asymmetric encryption and digital certificates
But what’s symmetric encryption?
Symmetric encryption uses the same key to encrypt and decrypt data. This key must be kept secret.
Asymmetric encryption, also called public key encryption, uses a public key and a private key. The public key is publicly shared with everyone and the private key is kept strictly private. When data is encrypted with the public key, it can only be decrypted using the corresponding private key — this ensures confidentiality. When data is encrypted with the private key, it can be decrypted with the corresponding public key — this proves the origin of the data and ensures non-repudiation.
Asymmetric encryption uses more compute power and encrypts and decrypts data much slower than when using symmetric keys. Therefore, the common scenario is that we can use asymmetric encryption to establish symmetric session/ share a symmetric key and then use that symmetric key for symmetric encryption.
The below video explains digital certificates very well. When you visit a website using the secure HTTPS protocol, the website’s digital certificate (SSL certificate in this video) contains the public key and is signed by a CA to assure the user that the website is an legitimate website.
