Читать книгу Bitcoin For Dummies - Peter Kent - Страница 48

Public key encryption is a clever little trick created using digital cryptography. This type of encryption is all accomplished using hugely complicated mathematics — the sort of mathematics that even most people with advanced degrees in mathematics don’t understand, the sort of mathematics that has names like Carmichael numbers and Goppa codes, the sort of mathematics that we certainly don’t understand, and you don’t either (well, most of you, dear readers, don’t). But that’s fine; gravity isn’t well understood either, but we all use it every day. So, forget how this amazing stuff works, and consider instead what it is actually accomplishing. Peter likes to call this mathemagics; sure, it’s mathematics, but it’s amazing and almost nobody understands it, so it might as well be magic! Here’s how it works.

First, imagine a safe, with two keyholes and two associated keys. We’ll call one the public key, and one the private key. Now imagine that you put something into the safe and lock it using the public key. Once the door is closed and locked, the public key no longer has access to the safe; it can’t be used to unlock the safe and extract the item. The private key, however, will work. In fact, once the safe is locked, the only way to open it is to use the private key.

That’s weird enough, but it gets even stranger. This magical mathematical safe actually works both ways. You can also lock it with the private key, but after you lock it, you can’t use the private key to open the safe. Only the public key will open a safe locked with a private key.

Oh, and these two keys are magically associated. They work only with each other and no other keys. Private Key X will work only with Public Key X, and vice versa. You can’t lock the safe with Public Key X and then unlock the safe with Private Key W or Private Key K, for example.

Okay, same principle, but now think of electronic messages. You can lock an electronic message with a public key — that is, you can use a key to scramble, or encrypt, the message. That message may be an email or information being sent from your browser to a web server.

After that locked (encrypted) message is received at the other end (by the email recipient or the web server), only the private key can unlock it; the public key is useless at this point. And again, the private key must be the mathemagically associated key (okay, mathematically associated), and no other.

Encryption is a handy tool. It means Peter can give you a public key, and you can write him a message and encrypt it using the public key; once it is encrypted, nobody in the world can read it unless they have the private key. So, if Peter carefully protects his keys, he’s the only person in the world who can read it.

The names of these keys aren’t arbitrary. The private key should be truly private — only you, and nobody else in the world, should have access to it. The public key can be truly public. You can give it away. For example, if you want to have people email encrypted messages to you, you could publish your public key — on your website, in the footer of your emails, on your business card, or whatever — so that anybody who wants to send a message to you can encrypt it with your public key knowing that you are the only person in the world who can read it (because you keep the private key secret).

This process is essentially what your web browser uses when you send your credit card information online; the web browser uses the web server’s public key to scramble the data so that only the web browser, with the associated private key, can decrypt and read the credit card information. (Okay, that’s a simplification. Browser-to-server communication is more complicated than this description, involving temporary session keys and so on; but the basic principle still applies.)