This chapter covers:
- Asymmetric Encryption can be used to encrypt secrets to a public key.
- Hybrid Encryption can be used to encrypt large amounts of data to a public key.
- The standards for Asymmetric and Hybrid Encryption.
In chapter 4 you learned about authenticated encryption, a cryptographic primitive used to encrypt data but limited by its symmetry: both sides of a connection had to share the same key. In this chapter, I’ll lift this restriction by introducing asymmetric encryption: a primitive to encrypt to someone else’s key without knowing the key. Unsurprisingly, asymmetric encryption makes use of keypairs, and encryption is done using a public key.
Halfway through this chapter, you will see that asymmetric encryption is limited by the size of the data it can encrypt and by the rate at which it can encrypt. To remove this obstacle, I’ll show you how to mix asymmetric encryption with authenticated encryption to form what we call hybrid encryption.
For this chapter you’ll need to have read:
- Chapter 4 on authenticated encryption.
- Chapter 5 on key exchanges.
Let’s get started!
The first step to understanding how to encrypt a message to someone is asymmetric encryption (also called public-key encryption). In this section you will learn about this cryptographic primitive and its properties.
Let’s take a look at the following real-world scenario: encrypted emails.