Linux Journal: High-Tech How Not to be Seen, Part 2

Secret Codes for Grown-Ups.

“Last week, I touched on the concept of an encrypted session: in
that case, using ssh, or the secure shell. What I did not mention
was the means by which secure sessions and encrypted data are
managed and how to decrypt that information. You’ve probably heard
the terms “public key encryption” and “DSA” bandied about. You’ve
probably received messages with a “PGP signature” attached to the
message. What does that mean?…”

“Enter public key encryption, a popular form being PGP, or
Pretty Good Privacy (much more than just pretty good, I assure
you). My messages are encrypted with two keys. One is my private
key, which I guard jealously and never hand out to anyone. I will
take a copy of this key, print it out, save it to a diskette, and
store both in a safe-deposit box. Anyone knowing the whereabouts of
this key would have to be … well, that’s a bit dramatic, but you
get the idea. Now, when I encode a message, I do so by combining my
key with a public key. This is not my public key, but one supplied
to me by the person I want to communicate with. Both keys are
required for the encryption/decryption process, but anyone having
just one half of the key pair has nothing, and you never hand out
your private key to anyone.”

