3.3.3 What is public key cryptography (PKC)?

Public key cryptography (PKC) is a system based on pairs of keys, a public key and a private key, rather than on a single secret key. The keys are related in such a way that information that is encrypted with the public key can only be decrypted with the private key. This means that, if I have a pair of keys, I can make my public key freely available to anyone who wants it without worrying about who else might get it. If anyone wants to send me a secret message, they can use my public key to encrypt the message. Only I can decrypt the message, using my private key, which I keep safe.

The action of encrypting information with PKC keys is significantly slower than encrypting with a secret key, such as a DES (Data Encryption Standard) key. So, in practice, a system that uses PKC first generates a secret key according to a method such as DES. It uses the secret key to encrypt the message, and it uses the PKC key to encrypt the secret key. Then, it attaches the PKC-encrypted secret key to the secret key-encrypted message.