Public Keys Encrypt and Private Keys Decrypt \u2014 Right?<\/h2>\n\n\n\n
The short answer? Not always. Yes, in most use cases, a public key is used to encrypt data while its corresponding private key is used to decrypt secrets. However, there are exceptions when it comes to certain processes. We\u2019ll break all of this down for you in the following sections, taking a look at five very common use cases:<\/p>\n\n\n\n
- \n
- SSL\/TLS (HTTPS)<\/li>\n\n\n\n
- Code Signing<\/li>\n\n\n\n
- Document Signing<\/li>\n\n\n\n
- Email Signing<\/li>\n\n\n\n
- Email Encryption<\/li>\n<\/ul>\n\n\n\n
1. How a Public-Private Key Pair Works During an SSL\/TLS Connection<\/h2>\n\n\n\n
When you visit a secure website using HTTPS, every connection starts with a process called a TLS handshake. This process involves using public key encryption<\/strong> (i.e., asymmetric encryption) to exchange sensitive information before switching to symmetric encryption<\/strong> for the rest of the session.<\/p>\n\n\n\n
Why bother switching? Because symmetric encryption requires less computational power than public key encryption does. Even though we\u2019re talking about minuscule amounts of time (i.e., milliseconds), it\u2019s more efficient for at-scale data encryption (i.e., for larger organizations with higher web traffic).<\/p>\n\n\n\n
To encrypt your website\u2019s connections, you need to have an SSL\/TLS certificate<\/strong><\/a> installed on your server. It also requires the client and server to introduce themselves and exchange essential information to create a secure encrypted session. This back-and-forth process is called the TLS handshake, of which most browsers support two varieties \u2014 TLS 1.2 (most common) and TLS 1.3.<\/p>\n\n\n\n
Here\u2019s an overview of how the TLS 1.2 handshake process works:<\/p>\n\n\n\n
- \n
- When a client (browser) connects to a server (website), the two parties exchange certain protocols about the cryptographic processes they support. The client sends a large, random prime value (called a \u201cclient random\u201d).<\/li>\n\n\n\n
- The server sends its SSL\/TLS certificate<\/strong> and public key<\/strong> to the client (browser), along with a \u201cserver random\u201d value (yeah, same concept as the client random value) that can be used in combination with the client random to create a symmetric session key<\/strong>.<\/li>\n\n\n\n
- The client checks the server\u2019s certificate and uses the server\u2019s public key<\/strong> to encrypt the symmetric key values it sends back to the server. (The specifics vary based on which key exchange algorithm is used.)<\/li>\n\n\n\n
- Both parties use their exchanged data to calculate a symmetric session key <\/strong>(i.e., shared session key).<\/li>\n\n\n\n
- The client checks the server\u2019s message authentication code (MAC)<\/strong> to ensure the handshake hasn\u2019t been tampered with.<\/li>\n\n\n\n
- Both parties use the shared session key to create a secure, symmetric encrypted connection.<\/li>\n<\/ul>\n\n\n\n
![\"An](\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2023\/06\/tls-12-handshake-public-private-key-pair.jpg\")
Image caption: An illustration that shows the interactions between the client and web server during a TLS 1.2 handshake. It also shows the exchange of the server\u2019s public key, how it never shares the private key, and how the server and client use that cryptographic key pair to ultimately create a shared session key that they\u2019ll use for the rest of the session.<\/em><\/figcaption><\/figure>\n\n\n\n When it comes to the TLS 1.3 handshake<\/a>, the process differs somewhat, particularly regarding the key exchange process. The idea is to streamline everything into a single roundtrip.<\/p>\n\n\n\n
But the basic concept stays the same: the public-private keypair is used to securely exchange a symmetric key that\u2019s used for the actual data encryption.<\/p>\n\n\n\n
2. How Code Signing Uses Private and Public Keys to Secure Executables and Code<\/h2>\n\n\n\n
Let\u2019s consider the uses of public-private key pairs in software security. The process for securing code, software, executables, etc. involves the developer or publisher using a code signing certificate<\/strong><\/a> to add a digital signature to their software executable. This process uses cryptographic keys<\/a> and functions (i.e., hashing and encryption) to authenticate the developer\/publisher who created the asset and validate that the file or code hasn\u2019t been modified since it was signed.<\/p>\n\n\n\n
Remember toward the beginning of this article we said that it\u2019s not always the case that public keys encrypt and private keys decrypt? This is what we were referring to.<\/p>\n\n\n\n
But what does this process look like in terms of how and when each key is used?<\/p>\n\n\n\n
- \n
- The developer applies a hash function<\/strong> (i.e., hash algorithm) to their software\/code. This creates as fixed-length hash digest<\/strong> (i.e., hash value<\/strong>).<\/li>\n\n\n\n
- They use their private key<\/strong> to encrypt the resulting hash digest. This key must be stored on a secure device, such as a secure token or hardware security module (HSM), based on industry code signing baseline requirements<\/a>.<\/li>\n\n\n\n
- The developer then uses their code signing certificate<\/strong> to create a digital signature and apply a timestamp <\/strong>(Note: the timestamp is optional but recommended) to the software.<\/li>\n\n\n\n
- Their digitally signed software is distributed or released with the developer\u2019s public key and certificate attached.<\/li>\n<\/ul>\n\n\n\n
![\"A](\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2023\/06\/how-code-signing-works-public-private-key-pair.png\")
Image caption: An illustration that breaks down the process of how code signing works and where half of the public-private key pair comes into play.<\/em><\/figcaption><\/figure>\n\n\n\n So, where does the public key come into play? During the software verification process that happens on the client end:<\/p>\n\n\n\n
- \n
- The end user downloads the software. Their browser or operating system (OS) checks the digital signature to ensure it is valid, is trusted, and hasn\u2019t been altered.<\/li>\n\n\n\n
- Their system will apply the developer\u2019s public key<\/strong> to the digest to decrypt it. It then compares that original hash digest<\/strong> to one that the system creates to see if it matches.<\/li>\n\n\n\n
- If the hash values match, then they\u2019ve got a winner. If the values don\u2019t, Windows operating systems and browsers will warn the user that your software shouldn\u2019t be trusted.<\/li>\n<\/ul>\n\n\n\n
![\"A](\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2023\/06\/how-code-signing-verification-works-1024x429.png\")
Image caption: An illustration that breaks down the role of the public key in the code signing verification process when a user downloads or tries to install digitally signed software or code.<\/em><\/figcaption><\/figure>\n\n\n<\/span><\/span>\n\n\n 3. How You Can Use a Public-Private Key Pair to Digitally Sign Documents<\/h2>\n\n\n\n
When we talk about document signing, we\u2019re not talking about signing the electronic form of your handwritten signature. (That can be easily spoofed!) Instead, we\u2019re referring to stamping your verifiable digital identity to a digital file (Word document, PDF, etc.) so people know it\u2019s authentic and hasn\u2019t been altered.<\/p>\n\n\n\n
![\"A](\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2022\/11\/electronic-vs-digital-signature-example.jpg\")
Image caption: An illustration that shows the difference between digital signatures (middle and right) and an electronic signature (left).<\/em><\/figcaption><\/figure>\n\n\n\n Fun aside: A digital signature is a type of electronic signature, but not all types of electronic signatures are digital signatures. A little confused? Check out my former colleague\u2019s article if you want to learn more about the difference between electronic and digital signatures<\/a>. Now, back to the main topic at hand\u2026<\/p>\n\n\n\n
As you\u2019ve probably now guessed, to digitally sign a document, you must have a document signing certificate<\/strong><\/a>. So, what\u2019s the role of the public and private key in this affair? Frankly, it\u2019s similar to what the private key does in the code signing process we described moments ago:<\/p>\n\n\n\n
- \n
- The document creator applies a hash function<\/strong> to their Word or PDF file. This creates a hash digest or hash value.<\/li>\n\n\n\n
- They apply their private key<\/strong> to encrypt the file\u2019s hash digest. Much like with the code signing process, your document signing key also must be stored on a secure device (token, HSM, etc.) or in a key vault.<\/li>\n\n\n\n
- The file owner then uses their document signing certificate<\/strong> to create the digital signature.<\/strong> They have the option of adding a timestamp<\/strong> to the file as well.<\/li>\n\n\n\n
- The digitally signed document is now ready for use.<\/li>\n<\/ul>\n\n\n\n
![\"public](\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2023\/06\/how-document-signing-works.png\")
Image caption: This graphic illustrates how a document signing private key is used to help create a digital signature for Microsoft Office documents and PDFs.<\/em><\/figcaption><\/figure>\n\n\n\n - \n
- When the end user downloads the file, their device will check its digital signature.<\/li>\n\n\n\n
- Their system will apply the developer\u2019s public key<\/strong> to the digest to decrypt it. They then compare that original hash digest<\/strong> to one that the system creates to see if it matches.<\/li>\n<\/ul>\n\n\n\n
Now, it\u2019s time to shift gears and move on to signing email communications.<\/p>\n\n\n\n
4. How Public-Private Key Pairs Make Email Signing Possible<\/h2>\n\n\n\n
Email signing is a process that enables an email sender to prove that they sent the email and that the message didn\u2019t come from an imposter. This process uses an email signing certificate<\/strong><\/a> (also called a client authentication certificate<\/strong>), which they install onto their device or import to their email client.<\/p>\n\n\n\n
![\"An](\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2023\/06\/windows-certificate-manager-example-1024x557.png\")
Image caption: An example screenshot of email signing and client authentication certificates that are installed in my Windows Certificate Manager.<\/em><\/figcaption><\/figure>\n\n\n\n So, what does this email signing process look like, and where does a public-private key pair fit into the equation?<\/p>\n\n\n\n
- \n
- When digitally signing an email, the sender applies a hash function\/algorithm<\/strong> to the message.<\/li>\n\n\n\n
- The sender applies their private key<\/strong> to encrypt that hash digest\/value<\/strong> to create the digital signature<\/strong>.<\/li>\n\n\n\n
- The sender attaches their email signing certificate<\/strong> and public key<\/strong> to the outbound email. Together, this creates the digital signature block<\/strong>.<\/li>\n<\/ul>\n\n\n\n
![\"An](\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2023\/06\/how-email-signing-works.png\")
Image caption: A screenshot of how the code signing process works and where the cryptographic key comes into play in digitally signing the email.<\/em><\/figcaption><\/figure>\n\n\n\n Once the message is received:<\/p>\n\n\n\n
- \n
- The email recipient uses the sender\u2019s public key<\/strong> to decrypt the email\u2019s hash digest<\/strong>.<\/li>\n\n\n\n
- The recipient will compare this to a hash they generate to see if it matches.<\/li>\n\n\n\n
- If it matches, then the recipient can feel confident that the email is authentic.<\/li>\n<\/ul>\n\n\n\n
- The sender applies their private key<\/strong> to encrypt that hash digest\/value<\/strong> to create the digital signature<\/strong>.<\/li>\n\n\n\n
- When digitally signing an email, the sender applies a hash function\/algorithm<\/strong> to the message.<\/li>\n\n\n\n
- They apply their private key<\/strong> to encrypt the file\u2019s hash digest. Much like with the code signing process, your document signing key also must be stored on a secure device (token, HSM, etc.) or in a key vault.<\/li>\n\n\n\n
- If the hash values match, then they\u2019ve got a winner. If the values don\u2019t, Windows operating systems and browsers will warn the user that your software shouldn\u2019t be trusted.<\/li>\n<\/ul>\n\n\n\n
- They use their private key<\/strong> to encrypt the resulting hash digest. This key must be stored on a secure device, such as a secure token or hardware security module (HSM), based on industry code signing baseline requirements<\/a>.<\/li>\n\n\n\n
- The client checks the server\u2019s certificate and uses the server\u2019s public key<\/strong> to encrypt the symmetric key values it sends back to the server. (The specifics vary based on which key exchange algorithm is used.)<\/li>\n\n\n\n
![\"Public](\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2023\/06\/public-private-keys-in-email-encryption-1024x325.png\")
<\/figure>\n\n\n\n