Read the book Cryptocurrency Mining For Dummies - Peter Kent - Page 28
Public Key Encryption Magic
Public key encryption is a clever little trick created using digital cryptography. And, by the way, this type of encryption is all accomplished using hugely complicated mathematics — the sort of mathematics that even most people with degrees in mathematics don’t understand, the sort of mathematics that has names like Carmichael numbers and Goppa codes, the sort of mathematics that we certainly don’t understand, and you don’t either (well, most of you, dear readers, don’t). But that’s fine: Gravity isn’t well understood either, but we all use it every day.
So, forget how this amazing stuff works, and consider instead what it is actually accomplishing. Now, imagine a safe, with two keyholes and two associated keys. One is a public key, and one is a private key. Now imagine that you put something into the safe and lock it using the public key. Once the door is closed and locked, the public key no longer has access to the safe; it can’t be used to unlock the safe and extract the item. The private key, however, will work. The only way to open the safe is to use the private key.
In fact, this magical mathematical safe works both ways. You can lock it with the private key, but after you lock it, you can’t use the private key to open the safe. Only the public key will open a safe locked with a private key.
Oh, and these two keys are magically associated. They work only with each other and no other keys. Private Key X will work only with Public Key X, and vice versa. You can’t lock the safe with Public Key X and then unlock the safe with Private Key W or Private Key K, for example.
Okay, same principle, but now think of electronic messages. You can lock an electronic message with a public key — that is, you can use a key to scramble, or encrypt, the message. That message may be an email or information being sent from your browser to a web server.
After that locked (encrypted) message is received at the other end (the email recipient or the web server), only the private key can unlock it; the public key is useless at this point. And it must be the magically associated (okay, mathematically associated) key, and no other.
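The safe-and-keys behaviour described above can be checked in a few lines. This is an added example, not code from the book: it assumes textbook RSA (the text names no algorithm), uses small constructed primes and no padding, so it illustrates the key-pair property only and is not usable for real encryption. The function names are illustrative.

```python
# Toy textbook RSA: constructed sample primes, no padding, illustration only.
from math import gcd

def make_keypair(p, q, e=65537):
    """Build a matched (public, private) pair from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)          # private exponent: inverse of e (Python 3.8+)
    return (e, n), (d, n)

def lock(key, message):
    """Scramble bytes with a key; returns an integer."""
    exponent, modulus = key
    m = int.from_bytes(message, "big")
    if m >= modulus:
        raise ValueError("message too long for this toy modulus")
    return pow(m, exponent, modulus)

def unlock(key, locked):
    """Turn a key in the lock; a key that does not fit yields garbage bytes."""
    exponent, modulus = key
    value = pow(locked, exponent, modulus)
    return value.to_bytes((value.bit_length() + 7) // 8, "big")

def demo():
    # Constructed sample keys: products of known Mersenne primes.
    pub_x, priv_x = make_keypair(2**61 - 1, 2**89 - 1)     # Key pair X
    pub_w, priv_w = make_keypair(2**107 - 1, 2**127 - 1)   # Key pair W
    msg = b"send 1 coin"                                   # constructed message
    locked = lock(pub_x, msg)        # locked with Public Key X
    reverse = lock(priv_x, msg)      # locked with Private Key X instead
    return {
        "private_x_opens": unlock(priv_x, locked) == msg,
        "public_x_opens": unlock(pub_x, locked) == msg,
        "private_w_opens": unlock(priv_w, locked) == msg,
        "reverse_public_opens": unlock(pub_x, reverse) == msg,
        "reverse_private_opens": unlock(priv_x, reverse) == msg,
    }

if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

Only the two matched, opposite-key combinations recover the message; the same key used twice, or a key from another pair, returns unrelated bytes.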
Encryption is a handy tool. It means I can give you a public key, and you can write me a message and encrypt it using the public key, and once encrypted nobody in the world can read it unless they have the private key. So, if I’m carefully protecting my keys, I’m the only person in the world who can read it.
The names of these keys aren’t arbitrary. The private key should be truly private — only you, and nobody else in the world, should have access to it. The public key can be truly public. You can give it away. For example, if you want to have people email their messages to you, you can publish your public key — on your website, in the footer of your emails, on your business card, or whatever — so that anybody who wants to send a message to you can encrypt it with your public key knowing that you are the only person in the world who can read it (because you keep the private key secret).
How do you encrypt emails? Email encryption has been around for decades, but it simply never caught on with the public at large. Still, you can encrypt email from most email systems, such as Outlook, Gmail, and Yahoo! Mail, and there are systems, such as ProtonMail, that encrypt it by default.
This process is essentially what your web browser uses when you send your credit card information online; the browser uses the web server’s public key to scramble the data so that only the web server, with the associated private key, can decrypt and read the credit card information. (Okay, that’s a simplification. Browser-to-server communication is more complicated than this description, involving temporary session keys, and so on; but the basic principle still applies.)