Public keys are also needed to create digital signatures and to check the legitimacy of these signatures during the transmission of secure digital information. While the private key creates the signature, the public key validates it, thus authenticating the sender's identity. The public key also confirms that the message (that was signed with the digital signature) is not tampered with during transmission and thus ensures its integrity and confidentiality.
The main applications of public key technology are:
One of the main uses of a public key is to encrypt messages prior to sending. Since the public and private keys are mathematically connected, they are used together to encrypt and decrypt information. If anyone other than the owner of the private key tries to decrypt the information using the public key, the information will be unreadable.
The use of two different keys makes it harder for unauthorized or malicious parties to eavesdrop on a digital transaction or to steal or compromise the message.
Public key encryption is also used to create digital signatures. The digital signatures are generated via the following steps:
SSL/TLS use public key encryption to create a secure connection between the server and client. This encryption method enables the use of HTTPS. The public key is contained in the SSL/TLS certificate, which is publicly shared. The private key however is installed on the website's origin server.
The communication session is first established (known as a handshake) using asymmetric encryption. This establishes the identities of both parties and facilitates the exchange of a shared session key that enables a symmetric cipher. A key exchange algorithm uses the public-private key pair to agree upon the session keys. These keys are then used for symmetric encryption. For each session, new session keys are generated and agreed upon to prevent unauthorized parties from decrypting the message using older session keys.
Public keys and digital signatures are also used for cryptocurrency transactions. In fact, in such transactions, public keys are used as digital signatures to create crypto public addresses, prove a user's ownership of the private key, and authorize the user to make transactions (buy, sell, hold, etc.) from their crypto account.
The public key is a hashed version of the private key, making it useful to do the following: