The basic protocol for asymmetric cryptography works as follows:
- One of the parties, say Bob, generates a key pair: a public key and a private key.
- Bob distributes his public key openly to everyone.
- Any other party, say Alice, uses Bob's public key to encrypt a message and sends the ciphertext to Bob.
- Bob receives the encrypted message from Alice; at this point it is still unreadable.
- Bob uses his private key to decrypt the received message, which now becomes readable.
Note: if Oscar intercepts the communication and obtains the encrypted message, decrypting it is computationally infeasible for him, since only Bob holds the private key. This assumes Alice really obtained Bob's public key and not one substituted by Oscar; authenticating public keys is a separate problem that the encryption scheme itself does not solve.
As a real-life analogy, everyone has an email address nowadays, and every mailbox is protected by a secret password. You give your email address to other people so that they can send you messages (the public key), while you are the only person who can read those messages, by logging into the mailbox with your private password (the private key).
The main services that asymmetric cryptography provides:
- Key distribution: for example, Diffie-Hellman key exchange or RSA key transport, which establish a shared secret without a pre-shared key.
- Non-repudiation and digital signatures: for example, RSA, DSA or ECDSA (a signature also provides message integrity).
- Identification: challenge-response protocols built on digital signatures.
- Encryption: for example, RSA or ElGamal.
However, the main disadvantage is that asymmetric algorithms are roughly 1000 times slower than symmetric algorithms; they are computationally very intensive.
In conclusion, asymmetric cryptography (public-key schemes) can in principle provide all the functionality needed in modern security protocols such as SSL/TLS. The major drawback in practice is that encrypting bulk data with public-key algorithms is extremely computationally demanding: many block and stream ciphers encrypt about 1000 times faster in software. On the other hand, symmetric cryptography (private-key algorithms) is poor at providing digital signatures and key establishment/transport. Hence most practical protocols are hybrid protocols, which use an asymmetric algorithm to establish or transport a symmetric session key and a symmetric algorithm to protect the data itself.
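As an added example covering both the protocol steps above (Bob generates a key pair, Alice encrypts to his public key, only Bob can decrypt) and the hybrid design described in this conclusion, here is a self-contained Python sketch; it is not code from the original page. It assumes textbook RSA with no OAEP/PSS padding, and a SHA-256 counter-mode keystream with an HMAC tag standing in for a real authenticated cipher such as AES-GCM; both are illustrative stand-ins chosen so the script runs with the standard library only, not production choices.

```python
# Added example, not from the original article. Toy RSA (no padding) plus a toy
# authenticated stream cipher (SHA-256 keystream + HMAC), assumed here purely to
# show the message flow: Bob publishes (n, e); Alice wraps a fresh session key with
# it and encrypts the bulk data symmetrically; Bob unwraps with d and decrypts.
import hashlib
import hmac
import secrets


def is_probable_prime(n: int, rounds: int = 40) -> bool:
    """Miller-Rabin probabilistic primality test with random witnesses."""
    if n < 4:
        return n > 1
    if n % 2 == 0:
        return False
    d, r = n - 1, 0
    while d % 2 == 0:          # write n - 1 = 2^r * d with d odd
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2      # witness in [2, n - 2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False       # a proves n composite
    return True


def random_prime(bits: int) -> int:
    while True:                # random odd candidate with the top bit set
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(candidate):
            return candidate


def generate_keypair(bits: int = 1024):
    """Step 1 (Bob): returns (public_key, private_key) = ((n, e), (n, d))."""
    e = 65537
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:                # e is prime, so this gives gcd(e, phi) == 1
            break
    return (p * q, e), (p * q, pow(e, -1, phi))


def rsa_encrypt(public_key, m: int) -> int:
    """Step 4 (Alice): anyone holding (n, e), Oscar included, can compute this."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message integer must lie in [0, n)")
    return pow(m, e, n)


def rsa_decrypt(private_key, c: int) -> int:
    """Step 6 (Bob): only the holder of d recovers m."""
    n, d = private_key
    return pow(c, d, n)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy stream cipher: SHA-256 over (key, nonce, counter), counter mode."""
    blocks = [hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def symmetric_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC with separate encryption and MAC keys derived from the session key."""
    enc_key, mac_key = hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()
    nonce = secrets.token_bytes(16)
    body = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def symmetric_decrypt(key: bytes, blob: bytes) -> bytes:
    """Check the tag before touching the ciphertext; anything Oscar modified is rejected."""
    enc_key, mac_key = hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + body, hashlib.sha256).digest()):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(body, _keystream(enc_key, nonce, len(body))))


def hybrid_encrypt(bob_public, plaintext: bytes):
    """Alice: fresh 256-bit session key, RSA-wrapped to Bob; bulk data goes through the fast cipher."""
    session_key = secrets.token_bytes(32)
    wrapped_key = rsa_encrypt(bob_public, int.from_bytes(session_key, "big"))
    return wrapped_key, symmetric_encrypt(session_key, plaintext)


def hybrid_decrypt(bob_private, wrapped_key: int, blob: bytes) -> bytes:
    """Bob: unwrap the session key with his private key, then decrypt the bulk data."""
    session_key = rsa_decrypt(bob_private, wrapped_key).to_bytes(32, "big")
    return symmetric_decrypt(session_key, blob)


if __name__ == "__main__":
    bob_public, bob_private = generate_keypair()           # steps 1-2: Bob publishes bob_public
    message = b"Meet at the usual place at nine."           # constructed sample message
    wrapped, blob = hybrid_encrypt(bob_public, message)     # steps 4-5: Alice -> Bob
    print(hybrid_decrypt(bob_private, wrapped, blob))       # step 6: Bob reads the message
```

The split mirrors the hybrid argument above: the slow public-key operation is applied once, to a 32-byte session key, and the fast symmetric cipher handles the message of arbitrary length. Two things the sketch deliberately leaves out are what real protocols add: padding (RSA-OAEP) so that the wrapped key is neither deterministic nor malleable, and a means of authenticating Bob's public key, without which Oscar could publish his own (n, e) in Bob's name.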